OVMSA-2023-0020

ULN >
Oracle Linux Errata repository >
OVMSA-2023-0020

OVMSA-2023-0020 - Unbreakable Enterprise kernel security update

Type:	SECURITY
Impact:	IMPORTANT
Release Date:	2023-09-07

Description

[4.1.12-124.78.2]
- xfrm: fix crash in XFRM_MSG_GETSA netlink handler (Vegard Nossum) [Orabug: 35598955] {CVE-2023-3106}
- netfilter: nf_tables: validate registers coming from userspace (Harshvardhan Jha) [Orabug: 34012909] {CVE-2022-1015}

[4.1.12-124.78.1]
- vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF (George Kennedy) [Orabug: 35649493] {CVE-2023-3567}

Related CVEs

CVE-2022-1015

CVE-2023-3106

CVE-2023-3567

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle VM 3 (x86_64)	kernel-uek-4.1.12-124.78.2.el6uek.src.rpm	5eb23b36763ba2217b9bbdf2f1f837c653ebe28584cd3d0bbba7e59df5a3925e	OVMSA-2025-0001	ovm3_x86_64_ELS
	kernel-uek-4.1.12-124.78.2.el6uek.x86_64.rpm	c94a8e7817c1dfd5c84735e1983e12e33b2af15c37b3ee455eb30cf044179f86	OVMSA-2025-0001	ovm3_x86_64_ELS
	kernel-uek-firmware-4.1.12-124.78.2.el6uek.noarch.rpm	7a11629f8c8efe434937b1f2e17acc3a7242ae41ce37561467225bf10133fd82	OVMSA-2025-0001	ovm3_x86_64_ELS

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691