Oracle Linux Security Advisory ELSA-2022-9969

https://linux.oracle.com/errata/ELSA-2022-9969.html

The following updated rpms for Oracle Linux 6 Extended Lifecycle Support (ELS) have been uploaded to the Unbreakable Linux Network:

x86_64:
kernel-uek-doc-4.1.12-124.68.3.el6uek.noarch.rpm
kernel-uek-firmware-4.1.12-124.68.3.el6uek.noarch.rpm
kernel-uek-4.1.12-124.68.3.el6uek.x86_64.rpm
kernel-uek-devel-4.1.12-124.68.3.el6uek.x86_64.rpm
kernel-uek-debug-4.1.12-124.68.3.el6uek.x86_64.rpm
kernel-uek-debug-devel-4.1.12-124.68.3.el6uek.x86_64.rpm



Related CVEs:

CVE-2015-1350
CVE-2017-13166
CVE-2020-10690
CVE-2020-12654
CVE-2020-12655
CVE-2021-42739
CVE-2022-3239
CVE-2022-36946




Description of changes:

[4.1.12-124.68.3.el6uek]
- Orabug: 34733462 (Alok Tiwari)

[4.1.12-124.68.2.el6uek]
- ptp: fix the race between the release of ptp_clock and cdev (Vladis Dronov)  [Orabug: 31350707]  {CVE-2020-10690}
- ptp: Fix pass zero to ERR_PTR() in ptp_clock_register (YueHaibing)  [Orabug: 31350707]
- chardev: add helper function to register char devs with a struct device (Logan Gunthorpe)  [Orabug: 31350707]
- ptp: create "pins" together with the rest of attributes (Dmitry Torokhov)  [Orabug: 31350707]
- ptp: use is_visible method to hide unused attributes (Dmitry Torokhov)  [Orabug: 31350707]
- ptp: do not explicitly set drvdata in ptp_clock_register() (Dmitry Torokhov)  [Orabug: 31350707]
- xfs: add agf freeblocks verify in xfs_agf_verify (Zheng Bin)  [Orabug: 31350923]  {CVE-2020-12655}
- netfilter: nf_queue: do not allow packet truncation below transport header offset (Florian Westphal)  [Orabug: 34475433]  {CVE-2022-36946}
- media: em28xx: initialize refcount before kref_get (Dongliang Mu)  [Orabug: 34619522]  {CVE-2022-3239}

[4.1.12-124.68.1.el6uek]
- fs: Avoid premature clearing of capabilities (Jan Kara)  [Orabug: 20429825]  {CVE-2015-1350}
- fs: Give dentry to inode_change_ok() instead of inode (Jan Kara)  [Orabug: 20429825]  {CVE-2015-1350}
- nfsd: Disable NFSv2 timestamp workaround for NFSv3+ (Andreas Gruenbacher)  [Orabug: 20429825]  {CVE-2015-1350}
- fuse: Propagate dentry down to inode_change_ok() (Jan Kara)  [Orabug: 20429825]  {CVE-2015-1350}
- xfs: Propagate dentry down to inode_change_ok() (Jan Kara)  [Orabug: 20429825]  {CVE-2015-1350}
- media: v4l2-compat-ioctl32.c: refactor compat ioctl32 logic (Daniel Mentz)  [Orabug: 28036613]  {CVE-2017-13166}
- media: v4l2-compat-ioctl32.c: don't copy back the result for certain errors (Hans Verkuil)  [Orabug: 28036613]  {CVE-2017-13166}
- media: v4l2-compat-ioctl32.c: drop pr_info for unknown buffer type (Hans Verkuil)  [Orabug: 28036613]  {CVE-2017-13166}
- media: v4l2-compat-ioctl32.c: copy clip list in put_v4l2_window32 (Hans Verkuil)  [Orabug: 28036613]  {CVE-2017-13166}
- media: v4l2-compat-ioctl32: Copy v4l2_window->global_alpha (Daniel Mentz)  [Orabug: 28036613]  {CVE-2017-13166}
- media: v4l2-compat-ioctl32.c: make ctrl_is_pointer work for subdevs (Hans Verkuil)  [Orabug: 28036613]  {CVE-2017-13166}
- media: v4l2-compat-ioctl32.c: fix ctrl_is_pointer (Hans Verkuil)  [Orabug: 28036613]  {CVE-2017-13166}
- media: v4l2-compat-ioctl32.c: copy m.userptr in put_v4l2_plane32 (Hans Verkuil)  [Orabug: 28036613]  {CVE-2017-13166}
- media: v4l2-compat-ioctl32.c: avoid sizeof(type) (Hans Verkuil)  [Orabug: 28036613]  {CVE-2017-13166}
- media: v4l2-compat-ioctl32.c: move 'helper' functions to __get/put_v4l2_format32 (Hans Verkuil)  [Orabug: 28036613]  {CVE-2017-13166}
- media: v4l2-compat-ioctl32.c: fix the indentation (Hans Verkuil)  [Orabug: 28036613]  {CVE-2017-13166}
- media: v4l2-compat-ioctl32.c: add missing VIDIOC_PREPARE_BUF (Hans Verkuil)  [Orabug: 28036613]  {CVE-2017-13166}
- media: v4l2-compat-ioctl32: Fix timespec conversion (Daniel Mentz)  [Orabug: 28036613]  {CVE-2017-13166}
- media: v4l2-compat-ioctl32: fix missing reserved field copy in put_v4l2_create32 (Tiffany Lin)  [Orabug: 28036613]  {CVE-2017-13166}
- media: v4l2-compat-ioctl32: fix missing length copy in put_v4l2_buffer32 (Tiffany Lin)  [Orabug: 28036613]  {CVE-2017-13166}
- mwifiex: Fix possible buffer overflows in mwifiex_ret_wmm_get_status() (Qing Xu)  [Orabug: 31350517]  {CVE-2020-12654}
- media: firewire: firedtv-avc: fix a buffer overflow in avc_ca_pmt() (Dan Carpenter)  [Orabug: 33488041]  {CVE-2021-42739}


_______________________________________________
El-errata mailing list
El-errata@oss.oracle.com
https://oss.oracle.com/mailman/listinfo/el-errata

