Oracle Linux Security Advisory ELSA-2023-12842

https://linux.oracle.com/errata/ELSA-2023-12842.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

x86_64:
kernel-uek-doc-4.1.12-124.79.2.el7uek.noarch.rpm
kernel-uek-firmware-4.1.12-124.79.2.el7uek.noarch.rpm
kernel-uek-4.1.12-124.79.2.el7uek.x86_64.rpm
kernel-uek-devel-4.1.12-124.79.2.el7uek.x86_64.rpm
kernel-uek-debug-4.1.12-124.79.2.el7uek.x86_64.rpm
kernel-uek-debug-devel-4.1.12-124.79.2.el7uek.x86_64.rpm


SRPMS:
https://oss.oracle.com:443/ol7/SRPMS-updates//kernel-uek-4.1.12-124.79.2.el7uek.src.rpm

Related CVEs:

CVE-2022-34918
CVE-2023-2513
CVE-2023-4387
CVE-2023-22024
CVE-2023-3772
CVE-2023-35001
CVE-2023-4206
CVE-2023-3611
CVE-2023-4459
CVE-2023-3776




Description of changes:

[4.1.12-124.79.2]
- net/sched: cls_route: No longer copy tcf_result on update to avoid use-after-free (valis)  [Orabug: 35814273]  {CVE-2023-4206}
- net/sched: sch_qfq: account for stab overhead in qfq_enqueue (Pedro Tammela)  [Orabug: 35636291]  {CVE-2023-3611}
- rds: Fix lack of reentrancy for connection reset with dst addr zero (HÃ¥kon Bugge)  [Orabug: 35741584] [Orabug: 35818110]  {CVE-2023-22024}

[4.1.12-124.79.1]
- xfrm: add NULL check in xfrm_update_ae_params (Lin Ma)  [Orabug: 35754509]  {CVE-2023-3772}
- net: vmxnet3: fix possible NULL pointer dereference in vmxnet3_rq_cleanup() (Zixuan Fu)  [Orabug: 35732892]  {CVE-2023-4459}
- net: vmxnet3: fix possible use-after-free bugs in vmxnet3_rq_alloc_rx_buf() (Zixuan Fu)  [Orabug: 35732764]  {CVE-2023-4387}
- net/sched: cls_fw: Fix improper refcount update leads to use-after-free (M A Ramdhan)  [Orabug: 35636313]  {CVE-2023-3776}
- netfilter: nf_tables: prevent OOB access in nft_byteorder_eval (Thadeu Lima de Souza Cascardo)  [Orabug: 35609787]  {CVE-2023-35001}
- ext4: fix use-after-free in ext4_xattr_set_entry (Baokun Li)  [Orabug: 35382025]  {CVE-2023-2513}
- ext4: add EXT4_INODE_HAS_XATTR_SPACE macro in xattr.h (Baokun Li)  [Orabug: 35382025]  {CVE-2023-2513}
- netfilter: nf_tables: stricter validation of element data (Pablo Neira Ayuso)  [Orabug: 34362008]  {CVE-2022-34918}


_______________________________________________
El-errata mailing list
El-errata@oss.oracle.com
https://oss.oracle.com/mailman/listinfo/el-errata

Oracle7: ELSA-2023-12842: kernel Important Security Update

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

Summary

[4.1.12-124.79.2] - net/sched: cls_route: No longer copy tcf_result on update to avoid use-after-free (valis) [Orabug: 35814273] {CVE-2023-4206} - net/sched: sch_qfq: account for stab overhead in qfq_enqueue (Pedro Tammela) [Orabug: 35636291] {CVE-2023-3611} - rds: Fix lack of reentrancy for connection reset with dst addr zero (HÃ¥kon Bugge) [Orabug: 35741584] [Orabug: 35818110] {CVE-2023-22024} [4.1.12-124.79.1] - xfrm: add NULL check in xfrm_update_ae_params (Lin Ma) [Orabug: 35754509] {CVE-2023-3772} - net: vmxnet3: fix possible NULL pointer dereference in vmxnet3_rq_cleanup() (Zixuan Fu) [Orabug: 35732892] {CVE-2023-4459} - net: vmxnet3: fix possible use-after-free bugs in vmxnet3_rq_alloc_rx_buf() (Zixuan Fu) [Orabug: 35732764] {CVE-2023-4387} - net/sched: cls_fw: Fix improper refcount update leads to use-after-free (M A Ramdhan) [Orabug: 35636313] {CVE-2023-3776} - netfilter: nf_tables: prevent OOB access in nft_byteorder_eval (Thadeu Lima de Souza Cascardo) ...

Read the Full Advisory

SRPMs

https://oss.oracle.com:443/ol7/SRPMS-updates//kernel-uek-4.1.12-124.79.2.el7uek.src.rpm

x86_64

kernel-uek-doc-4.1.12-124.79.2.el7uek.noarch.rpm kernel-uek-firmware-4.1.12-124.79.2.el7uek.noarch.rpm kernel-uek-4.1.12-124.79.2.el7uek.x86_64.rpm kernel-uek-devel-4.1.12-124.79.2.el7uek.x86_64.rpm kernel-uek-debug-4.1.12-124.79.2.el7uek.x86_64.rpm kernel-uek-debug-devel-4.1.12-124.79.2.el7uek.x86_64.rpm

aarch64

i386

Severity
Related CVEs: CVE-2022-34918 CVE-2023-2513 CVE-2023-4387 CVE-2023-22024 CVE-2023-3772 CVE-2023-35001 CVE-2023-4206 CVE-2023-3611 CVE-2023-4459 CVE-2023-3776

Related News

The End of the Road for Linux 6.11: A Call to Upgrade to Kernel 6.12
3 - 5 min read
The Linux kernel community recently issued an EOL announcement regarding the 6.11 kernel series, urging sysadmins to upgrade quickly to 6.12 . This
A Linux Admin
3 - 6 min read
As 2025 approaches, we Linux admins are facing new and often unseen cloud-native security obstacles. While skilled at mitigating known risks,
Leveraging Insights from the Linux Foundation
3 - 5 min read
The Linux Foundation's recent Census III report provides critical insights for Linux administrators, information security professionals, and anyone
Chrome 131 Released: Emergency Security Update Fixes Over a Dozen Significant Vulns
3 - 6 min read
Google recently unveiled a critical security update to their popular web browser, Google Chrome, addressing over a dozen significant security
From Wayland Fixes to Security Boosts: Examining Qt 6.8.1
3 - 6 min read
The recent Qt 6.8.1 release brings significant updates and improvements, strengthening its reputation as a secure and reliable application
Exploring Arch Linux 2024.12.01: Security Implications & Notable Enhancements for Linux Admins
3 - 6 min read
The Arch Linux 2024.12.01 ISO release marks an impressive milestone, offering cutting-edge updates that enhance functionality, streamline
Deck the Halls with Enhanced Security: Linux Kernel 6.13
3 - 5 min read
As Linux admins and infosec professionals prepare for the holiday season, there's much cause for celebration this year! Linus Torvalds recently made
Lessons from Bootkitty: Securing Linux Systems Against UEFI Intrusions
3 - 5 min read
New Linux security threats mark critical junctures that challenge existing policies and test security protocols to their limit. One such milestone

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved