Oracle Linux Security Advisory ELSA-2024-12110

https://linux.oracle.com/errata/ELSA-2024-12110.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

x86_64:
kernel-uek-doc-4.1.12-124.82.2.el7uek.noarch.rpm
kernel-uek-firmware-4.1.12-124.82.2.el7uek.noarch.rpm
kernel-uek-4.1.12-124.82.2.el7uek.x86_64.rpm
kernel-uek-devel-4.1.12-124.82.2.el7uek.x86_64.rpm
kernel-uek-debug-4.1.12-124.82.2.el7uek.x86_64.rpm
kernel-uek-debug-devel-4.1.12-124.82.2.el7uek.x86_64.rpm


SRPMS:
https://oss.oracle.com:443/ol7/SRPMS-updates//kernel-uek-4.1.12-124.82.2.el7uek.src.rpm

Related CVEs:

CVE-2020-26555
CVE-2021-33098
CVE-2023-1077
CVE-2023-42752
CVE-2023-4921




Description of changes:

[4.1.12-124.82.2.el7uek]
- Bluetooth: Reject connection with the device which has same BD_ADDR (Lee, Chun-Yi)  [Orabug: 35959598]  {CVE-2020-26555}
- sched/rt: pick_next_rt_entity(): check list_entry (Pietro Borrello)  [Orabug: 35181560]  {CVE-2023-1077}
- sched/debug: Fix SCHED_WARN_ON() to return a value on !CONFIG_SCHED_DEBUG as well (Ingo Molnar)  [Orabug: 35181560]
- sched/debug: Add SCHED_WARN_ON() (Peter Zijlstra)  [Orabug: 35181560]

[4.1.12-124.82.1.el7uek]
- igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU (Eric Dumazet)  [Orabug: 35924002]  {CVE-2023-42752}
- net: sched: sch_qfq: Fix UAF in qfq_dequeue() (valis)  [Orabug: 35814457]  {CVE-2023-4921}
- ixgbe: fix large MTU request from VF (Samasth Norway Ananda)  [Orabug: 33752821]  {CVE-2021-33098}


_______________________________________________
El-errata mailing list
El-errata@oss.oracle.com
https://oss.oracle.com/mailman/listinfo/el-errata

Oracle7: ELSA-2024-12110: kernel Important Security Update

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

Summary

[4.1.12-124.82.2.el7uek] - Bluetooth: Reject connection with the device which has same BD_ADDR (Lee, Chun-Yi) [Orabug: 35959598] {CVE-2020-26555} - sched/rt: pick_next_rt_entity(): check list_entry (Pietro Borrello) [Orabug: 35181560] {CVE-2023-1077} - sched/debug: Fix SCHED_WARN_ON() to return a value on !CONFIG_SCHED_DEBUG as well (Ingo Molnar) [Orabug: 35181560] - sched/debug: Add SCHED_WARN_ON() (Peter Zijlstra) [Orabug: 35181560] [4.1.12-124.82.1.el7uek] - igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU (Eric Dumazet) [Orabug: 35924002] {CVE-2023-42752} - net: sched: sch_qfq: Fix UAF in qfq_dequeue() (valis) [Orabug: 35814457] {CVE-2023-4921} - ixgbe: fix large MTU request from VF (Samasth Norway Ananda) [Orabug: 33752821] {CVE-2021-33098}

SRPMs

https://oss.oracle.com:443/ol7/SRPMS-updates//kernel-uek-4.1.12-124.82.2.el7uek.src.rpm

x86_64

kernel-uek-doc-4.1.12-124.82.2.el7uek.noarch.rpm kernel-uek-firmware-4.1.12-124.82.2.el7uek.noarch.rpm kernel-uek-4.1.12-124.82.2.el7uek.x86_64.rpm kernel-uek-devel-4.1.12-124.82.2.el7uek.x86_64.rpm kernel-uek-debug-4.1.12-124.82.2.el7uek.x86_64.rpm kernel-uek-debug-devel-4.1.12-124.82.2.el7uek.x86_64.rpm

aarch64

i386

Severity
Related CVEs: CVE-2020-26555 CVE-2021-33098 CVE-2023-1077 CVE-2023-42752 CVE-2023-4921

Related News

News

Powered By

Footer Logo

Linux Security - Your source for Top Linux News, Advisories, HowTo's and Feature Release.

Powered By

Footer Logo