Oracle Linux Security Advisory ELSA-2023-12970

https://linux.oracle.com/errata/ELSA-2023-12970.html

The following updated rpms for Oracle Linux 6 Extended Lifecycle Support (ELS) have been uploaded to the Unbreakable Linux Network:

x86_64:
kernel-uek-doc-4.1.12-124.80.1.el6uek.noarch.rpm
kernel-uek-firmware-4.1.12-124.80.1.el6uek.noarch.rpm
kernel-uek-4.1.12-124.80.1.el6uek.x86_64.rpm
kernel-uek-devel-4.1.12-124.80.1.el6uek.x86_64.rpm
kernel-uek-debug-4.1.12-124.80.1.el6uek.x86_64.rpm
kernel-uek-debug-devel-4.1.12-124.80.1.el6uek.x86_64.rpm



Related CVEs:

CVE-2023-40283
CVE-2023-4208




Description of changes:

[4.1.12-124.80.1.el6uek]
- Bluetooth: L2CAP: Fix use-after-free in l2cap_sock_ready_cb (Sungwoo Kim)  [Orabug: 35814478]  {CVE-2023-40283}
- net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-free (valis)  [Orabug: 35814297]  {CVE-2023-4208}
- RDMA/core: net: fix kernel NULL error (Zhu Yanjun)  [Orabug: 35723252]


_______________________________________________
El-errata mailing list
El-errata@oss.oracle.com
https://oss.oracle.com/mailman/listinfo/el-errata

Oracle6: ELSA-2023-12970: Extended Lifecycle Support (ELS) Unbreakable

The following updated rpms for Oracle Linux 6 Extended Lifecycle Support (ELS) have been uploaded to the Unbreakable Linux Network:

Summary

[4.1.12-124.80.1.el6uek] - Bluetooth: L2CAP: Fix use-after-free in l2cap_sock_ready_cb (Sungwoo Kim) [Orabug: 35814478] {CVE-2023-40283} - net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-free (valis) [Orabug: 35814297] {CVE-2023-4208} - RDMA/core: net: fix kernel NULL error (Zhu Yanjun) [Orabug: 35723252]

SRPMs

x86_64

kernel-uek-doc-4.1.12-124.80.1.el6uek.noarch.rpm kernel-uek-firmware-4.1.12-124.80.1.el6uek.noarch.rpm kernel-uek-4.1.12-124.80.1.el6uek.x86_64.rpm kernel-uek-devel-4.1.12-124.80.1.el6uek.x86_64.rpm kernel-uek-debug-4.1.12-124.80.1.el6uek.x86_64.rpm kernel-uek-debug-devel-4.1.12-124.80.1.el6uek.x86_64.rpm

aarch64

i386

Severity
Related CVEs: CVE-2023-40283 CVE-2023-4208

Related News

Defending Against Remote Code Execution in Google Chrome: A Critical Update
2 - 3 min read
Google Chrome, a widely used web browser, serves millions of internet users by connecting them to the online world. Unfortunately, severe
Navigating the Linux Kernel
2 - 4 min read
The Linux operating system, widely acclaimed for its robustness and security , recently received widespread media attention due to a significant
Staying a Step Ahead of Adversaries: Mitigating Chromium
2 - 4 min read
Google Chrome, one of the world's most widely used web browsers, has recently been scrutinized due to the discovery of multiple Chromium
Unmasking Cicada3301: Examining the Threat of the New Rust-Based Ransomware
2 - 4 min read
Ransomware has long been a severe threat to organizations and admins alike. Recently, cybersecurity researchers discovered a new variant called
Buffer Overflow Exploits in Linux: Origins, Impact, and Countermeasures
3 - 6 min read
Buffer overflow vulnerabilities have long been one of the biggest headaches in computer security, especially on Linux operating systems that power
8 Expert-Recommended Security Practices to Fortify Your Linux Systems
4 - 8 min read
As a Linux admin or an infosec professional, you understand how the security landscape changes due to evolving threats, newly discovered
Open Source Strategies for Enhancing Security in Digital Business Operations
5 - 9 min read
Digital transformation, powered by the principles of open-source security , is vital for businesses looking to excel in today's technology-driven
Microsoft Update Mayhem: Rescuing Linux Dual-Boot Systems from Secure Boot Woes
2 - 4 min read
Microsoft's recent patch, intended to strengthen Secure Boot defenses, has resulted in an unexpected setback for Linux-Windows dual-boot setups

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved