OVMSA-2024-0013 - Unbreakable Enterprise kernel security update
| Type: | SECURITY |
| Severity: | IMPORTANT |
| Release Date: | 2024-10-01 |
Description
[4.1.12-124.90.3]
- SUNRPC: increase size of rpc_wait_queue.qlen from unsigned short to unsigned int (Dai Ngo) [Orabug: 37055439]
[4.1.12-124.90.2]
- scsi: lpfc: Fix possible memory leak in lpfc_rcv_padisc() (Justin Tee) [Orabug: 36643241] {CVE-2024-35930}
- scsi: qla2xxx: Fix command flush on cable pull (Quinn Tran) [Orabug: 36596617] {CVE-2024-26931}
- VMCI: Fix use-after-free when removing resource in vmci_resource_remove() (David Fernandez Gonzalez) [Orabug: 33917166]
[4.1.12-124.90.1]
- i40e: Do not use WQ_MEM_RECLAIM flag for workqueue (Sindhu Devale) [Orabug: 36643519] {CVE-2024-36004}
- dyndbg: fix old BUG_ON in >control parser (Jim Cromie) [Orabug: 36643340] {CVE-2024-35947}
- btrfs: send: handle path ref underflow in header iterate_inode_ref() (David Sterba) [Orabug: 36643269] {CVE-2024-35935}
- ipv6: Fix infinite recursion in fib6_dump_done(). (Kuniyuki Iwashima) [Orabug: 36643095] {CVE-2024-35886}
- x86/mm/pat: fix VM_PAT handling in COW mappings (David Hildenbrand) [Orabug: 36643059] {CVE-2024-35877}
Related CVEs
Updated Packages
| Release/Architecture | Filename | MD5sum | Superseded By Advisory | Channel Label |
|
| Oracle VM 3 (x86_64) | kernel-uek-4.1.12-124.90.3.el6uek.src.rpm | bd5388e612388bce1039497f9068f075 | - | ovm3_x86_64_ELS |
| kernel-uek-4.1.12-124.90.3.el6uek.x86_64.rpm | e04ffb54bb9a7633bf304681b5f16cc8 | - | ovm3_x86_64_ELS |
| kernel-uek-firmware-4.1.12-124.90.3.el6uek.noarch.rpm | b238cdb3f9917f1fc84aa80bd7acafb6 | - | ovm3_x86_64_ELS |
