Stay Connected:

OVMSA-2023-0020

OVMSA-2023-0020 - Unbreakable Enterprise kernel security update

Type:SECURITY
Severity:IMPORTANT
Release Date:2023-09-07

Description


[4.1.12-124.78.2]
- xfrm: fix crash in XFRM_MSG_GETSA netlink handler (Vegard Nossum) [Orabug: 35598955] {CVE-2023-3106}
- netfilter: nf_tables: validate registers coming from userspace (Harshvardhan Jha) [Orabug: 34012909] {CVE-2022-1015}

[4.1.12-124.78.1]
- vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF (George Kennedy) [Orabug: 35649493] {CVE-2023-3567}


Related CVEs


CVE-2022-1015
CVE-2023-3106
CVE-2023-3567

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By AdvisoryChannel Label
Oracle VM 3 (x86_64) kernel-uek-4.1.12-124.78.2.el6uek.src.rpmbe658d723e2b55832192e2c8dfacc3e0-ovm3_x86_64_ELS
kernel-uek-4.1.12-124.78.2.el6uek.x86_64.rpm673e0eaf022912bd7edeea2be879da53-ovm3_x86_64_ELS
kernel-uek-firmware-4.1.12-124.78.2.el6uek.noarch.rpmab248cfc4a7bd20c72ceb7597fc77752-ovm3_x86_64_ELS



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete
Subscribe | Careers | Contact Us | Legal Notices | Terms of Use | Your Privacy Rights