OVMSA-2023-0025 - Unbreakable Enterprise kernel security update
| Type: | SECURITY |
| Severity: | IMPORTANT |
| Release Date: | 2023-12-07 |
Description
[4.1.12-124.81.2]
- rebuild bumping release
[4.1.12-124.81.1]
- netfilter: xt_sctp: validate the flag_info count (Wander Lairson Costa) [Orabug: 35923500] {CVE-2023-39193}
- USB: ene_usb6250: Allocate enough memory for full object (Kees Cook) [Orabug: 35924058] {CVE-2023-45862}
- netfilter: xt_u32: validate user space input (Wander Lairson Costa) [Orabug: 35923470] {CVE-2023-39192}
- net/sched: cls_fw: No longer copy tcf_result on update to avoid use-after-free (valis) [Orabug: 35707466] {CVE-2023-4207}
Related CVEs
Updated Packages
| Release/Architecture | Filename | MD5sum | Superseded By Advisory | Channel Label |
|
| Oracle VM 3 (x86_64) | kernel-uek-4.1.12-124.81.2.el6uek.src.rpm | dd2fbf6834cfd77adf5322c28f227ae0 | - | ovm3_x86_64_ELS |
| kernel-uek-4.1.12-124.81.2.el6uek.x86_64.rpm | 32c35373efd036b7661273d6a8b08559 | - | ovm3_x86_64_ELS |
| kernel-uek-firmware-4.1.12-124.81.2.el6uek.noarch.rpm | 091558ff6c74f852abcf440337bfc466 | - | ovm3_x86_64_ELS |
This page is generated automatically and has not been checked for errors or omissions. For clarification
or corrections please contact the Oracle Linux ULN team
