OVMSA-2024-0016
- ULN >
- Oracle Linux Errata repository >
- OVMSA-2024-0016
OVMSA-2024-0016 - Unbreakable Enterprise kernel security update
| Type: | SECURITY |
| Severity: | IMPORTANT |
| Release Date: | 2024-12-03 |
Description
[4.1.12-124.92.3]
- memcg_write_event_control(): fix a user-triggerable oops (Al Viro) [Orabug: 37070674] {CVE-2024-45021}
- ocfs2: fix races between hole punching and AIO+DIO (Su Yue) [Orabug: 36835819] {CVE-2024-40943}
[4.1.12-124.92.2]
- fbdev: savage: Handle err return when savagefb_check_var failed (Cai Xinchen) [Orabug: 36984058] {CVE-2024-39475}
- bnx2x: Fix multiple UBSAN array-index-out-of-bounds (Ghadi Elie Rahme) [Orabug: 36897888] {CVE-2024-42148}
- vmci: prevent speculation leaks by sanitizing event in event_deliver() (Hagar Gamal Halim Hemdan) [Orabug: 36835584] {CVE-2024-39499}
- aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts (Chun-Yi Lee) [Orabug: 36544953] {CVE-2024-26898}
[4.1.12-124.92.1]
- Input: MT - limit max slots (Tetsuo Handa) [Orabug: 37029139] {CVE-2024-45008}
- drm/nouveau: fix null pointer dereference in nouveau_connector_get_modes (Ma Ke) [Orabug: 36897642] {CVE-2024-42101}
- wifi: mac80211: Fix deadlock in ieee80211_sta_ps_deliver_wakeup() (Remi Pommarel) [Orabug: 36835737] {CVE-2024-40912}
- USB: class: cdc-wdm: Fix CPU lockup caused by excessive log messages (Alan Stern) [Orabug: 36835711] {CVE-2024-40904}
- bonding: Fix out-of-bounds read in bond_option_arp_ip_targets_set() (Sam Sun) [Orabug: 36825250] {CVE-2024-39487}
- jffs2: prevent xattr node from overflowing the eraseblock (Ilya Denisyev) [Orabug: 36753653] {CVE-2024-38599}
- scsi: bfa: Ensure the copied buf is NUL terminated (Bui Quang Minh) [Orabug: 36753475] {CVE-2024-38560}
- ALSA: usb-audio: Stop parsing channels bits when all channels are found. (Johan Carlsson) [Orabug: 36642150] {CVE-2024-27436}
- USB: usb-storage: Prevent divide-by-0 error in isd200_ata_command (Alan Stern) [Orabug: 36598221] {CVE-2024-27059}
- fat: fix uninitialized field in nostale filehandles (Jan Kara) [Orabug: 36597870] {CVE-2024-26973}
- ACPI: processor_idle: Fix memory leak in acpi_processor_power_exit() (Armin Wolf) [Orabug: 36544941] {CVE-2024-26894}
Related CVEs
Updated Packages
| Release/Architecture | Filename | MD5sum | Superseded By Advisory | Channel Label |
| Oracle VM 3 (x86_64) | kernel-uek-4.1.12-124.92.3.el6uek.src.rpm | 29ba9c79aceb1be7c947a25e1eac8471 | - | ovm3_x86_64_ELS |
| kernel-uek-4.1.12-124.92.3.el6uek.x86_64.rpm | d845060bef86a7ad51990608e964b289 | - | ovm3_x86_64_ELS | |
| kernel-uek-firmware-4.1.12-124.92.3.el6uek.noarch.rpm | 5bade54fa04d25ee9e19d90afe19e3b8 | - | ovm3_x86_64_ELS | |
This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections:
- Oracle customers - enter a support request
- Vulnerability scanning tools vendors and project maintainers - follow the standard ISV process
