Oracle Linux Security Advisory ELSA-2024-1831

http://linux.oracle.com/errata/ELSA-2024-1831.html

The following updated rpms for Oracle Linux 6 Extended Lifecycle Support (ELS) have been uploaded to the Unbreakable Linux Network:

i386:
kernel-2.6.32-754.53.1.el6.i686.rpm
kernel-abi-whitelists-2.6.32-754.53.1.el6.noarch.rpm
kernel-debug-2.6.32-754.53.1.el6.i686.rpm
kernel-debug-devel-2.6.32-754.53.1.el6.i686.rpm
kernel-devel-2.6.32-754.53.1.el6.i686.rpm
kernel-doc-2.6.32-754.53.1.el6.noarch.rpm
kernel-firmware-2.6.32-754.53.1.el6.noarch.rpm
kernel-headers-2.6.32-754.53.1.el6.i686.rpm
perf-2.6.32-754.53.1.el6.i686.rpm
python-perf-2.6.32-754.53.1.el6.i686.rpm

x86_64:
kernel-2.6.32-754.53.1.el6.x86_64.rpm
kernel-abi-whitelists-2.6.32-754.53.1.el6.noarch.rpm
kernel-debug-2.6.32-754.53.1.el6.x86_64.rpm
kernel-debug-devel-2.6.32-754.53.1.el6.i686.rpm
kernel-debug-devel-2.6.32-754.53.1.el6.x86_64.rpm
kernel-devel-2.6.32-754.53.1.el6.x86_64.rpm
kernel-doc-2.6.32-754.53.1.el6.noarch.rpm
kernel-firmware-2.6.32-754.53.1.el6.noarch.rpm
kernel-headers-2.6.32-754.53.1.el6.x86_64.rpm
perf-2.6.32-754.53.1.el6.x86_64.rpm
python-perf-2.6.32-754.53.1.el6.x86_64.rpm



Related CVEs:

CVE-2023-3611
CVE-2023-3776
CVE-2023-4921
CVE-2023-31436




Description of changes:

[2.6.32-754.53.1.el6.OL6]
- net/sched: sch_qfq: refactor parsing of netlink parameters [Orabug: 36517546]
- net/sched: sch_qfq: account for stab overhead in qfq_enqueue {CVE-2023-3611} [Orabug: 36517546]
- net/sched: cls_fw: Fix improper refcount update leads to use-after-free {CVE-2023-3776} [Orabug: 36517546]
- net: sched: sch_qfq: Fix UAF in qfq_dequeue() {CVE-2023-4921} [Orabug: 36517546]
- net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg {CVE-2023-31436} [Orabug: 36517546]


_______________________________________________
El-errata mailing list
El-errata@oss.oracle.com
https://oss.oracle.com/mailman/listinfo/el-errata

Oracle6: ELSA-2024-1831: Extended Lifecycle Support (ELS) kernel Important Security Advisory Updates

The following updated rpms for Oracle Linux 6 Extended Lifecycle Support (ELS) have been uploaded to the Unbreakable Linux Network:

Summary

[2.6.32-754.53.1.el6.OL6] - net/sched: sch_qfq: refactor parsing of netlink parameters [Orabug: 36517546] - net/sched: sch_qfq: account for stab overhead in qfq_enqueue {CVE-2023-3611} [Orabug: 36517546] - net/sched: cls_fw: Fix improper refcount update leads to use-after-free {CVE-2023-3776} [Orabug: 36517546] - net: sched: sch_qfq: Fix UAF in qfq_dequeue() {CVE-2023-4921} [Orabug: 36517546] - net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg {CVE-2023-31436} [Orabug: 36517546]

SRPMs

x86_64

kernel-2.6.32-754.53.1.el6.x86_64.rpm kernel-abi-whitelists-2.6.32-754.53.1.el6.noarch.rpm kernel-debug-2.6.32-754.53.1.el6.x86_64.rpm kernel-debug-devel-2.6.32-754.53.1.el6.i686.rpm kernel-debug-devel-2.6.32-754.53.1.el6.x86_64.rpm kernel-devel-2.6.32-754.53.1.el6.x86_64.rpm kernel-doc-2.6.32-754.53.1.el6.noarch.rpm kernel-firmware-2.6.32-754.53.1.el6.noarch.rpm kernel-headers-2.6.32-754.53.1.el6.x86_64.rpm perf-2.6.32-754.53.1.el6.x86_64.rpm python-perf-2.6.32-754.53.1.el6.x86_64.rpm

aarch64

i386

kernel-2.6.32-754.53.1.el6.i686.rpm kernel-abi-whitelists-2.6.32-754.53.1.el6.noarch.rpm kernel-debug-2.6.32-754.53.1.el6.i686.rpm kernel-debug-devel-2.6.32-754.53.1.el6.i686.rpm kernel-devel-2.6.32-754.53.1.el6.i686.rpm kernel-doc-2.6.32-754.53.1.el6.noarch.rpm kernel-firmware-2.6.32-754.53.1.el6.noarch.rpm kernel-headers-2.6.32-754.53.1.el6.i686.rpm perf-2.6.32-754.53.1.el6.i686.rpm python-perf-2.6.32-754.53.1.el6.i686.rpm

Severity
Related CVEs: CVE-2023-3611 CVE-2023-3776 CVE-2023-4921 CVE-2023-31436

Related News

22.Lock ScreenEffect Esm H320
2 - 3 min read
Red Hat recently released its newest enterprise Linux distro, Red Hat Enterprise Linux (RHEL) 9.4 , which introduces several features designed to
8.Locks HexConnections CodeGlobe Esm H320
1 - 2 min read
The latest release of Debian , one of the oldest and most trusted distributions within the Linux ecosystem, redefines security, stability, and
20.Lock AbstractDigital Circular Esm H320
1 - 2 min read
The Ubuntu security team has recently discovered and addressed multiple vulnerabilities in the Apache HTTP Server. The vulnerabilities affected
1.Penguin Landscape Esm H320
1 - 2 min read
A critical vulnerability was discovered in the Linux kernel's netfilter subsystem, specifically within the nf_tables component, posing potential
19.Laptop Bed Esm H320
2 - 3 min read
The release of Google Chrome 124 addresses four vulnerabilities, including a critical security flaw that can enable attackers to execute arbitrary
23.Tablet Connections Esm H320
2 - 3 min read
The release of Ubuntu 24.04 LTS , also known as Noble Numbat, brings various security enhancements and exciting new features . These improvements
4.Lock AbstractDigital Esm H320
2 - 3 min read
Tails 6.2 is a new Linux distribution release that expands its multilingual support and improves security features. The distribution is a
19.Laptop Bed Esm H320
2 - 3 min read
AlmaLinux 9.4 beta has been released and provides compelling reasons to consider it for desktop usage. While AlmaLinux is primarily known as a
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved