OVMSA-2024-0002

OVMSA-2024-0002 - Unbreakable Enterprise kernel security update

Type:	SECURITY
Impact:	IMPORTANT
Release Date:	2024-03-01

Description

[4.1.12-124.82.2]
- Bluetooth: Reject connection with the device which has same BD_ADDR (Lee, Chun-Yi) [Orabug: 35959598] {CVE-2020-26555}
- sched/rt: pick_next_rt_entity(): check list_entry (Pietro Borrello) [Orabug: 35181560] {CVE-2023-1077}
- sched/debug: Fix SCHED_WARN_ON() to return a value on !CONFIG_SCHED_DEBUG as well (Ingo Molnar) [Orabug: 35181560]
- sched/debug: Add SCHED_WARN_ON() (Peter Zijlstra) [Orabug: 35181560]

[4.1.12-124.82.1]
- igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU (Eric Dumazet) [Orabug: 35924002] {CVE-2023-42752}
- net: sched: sch_qfq: Fix UAF in qfq_dequeue() (valis) [Orabug: 35814457] {CVE-2023-4921}
- ixgbe: fix large MTU request from VF (Samasth Norway Ananda) [Orabug: 33752821] {CVE-2021-33098}

Related CVEs

CVE-2020-26555

CVE-2023-1077

CVE-2021-33098

CVE-2023-4921

CVE-2023-42752

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label
Oracle VM 3 (x86_64)	kernel-uek-4.1.12-124.82.2.el6uek.src.rpm	9a64bc01c55e5a53abb02d97cee70e0134da8868b35f68c1d3d2cb7031c61ddd	OVMSA-2025-0001	ovm3_x86_64_ELS
	kernel-uek-4.1.12-124.82.2.el6uek.x86_64.rpm	3bbbee91f3db7db293514124b1e3379925d04f890d62a9bc764221519afa144f	OVMSA-2025-0001	ovm3_x86_64_ELS
	kernel-uek-firmware-4.1.12-124.82.2.el6uek.noarch.rpm	8b787e46dbb272130bee03f5e5086bda021d92d16c53e4ba7a6464b9d61d9db0	OVMSA-2025-0001	ovm3_x86_64_ELS

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team