Oracle Linux Security Advisory ELSA-2024-12606

http://linux.oracle.com/errata/ELSA-2024-12606.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

x86_64:
kernel-uek-doc-4.1.12-124.89.4.el7uek.noarch.rpm
kernel-uek-firmware-4.1.12-124.89.4.el7uek.noarch.rpm
kernel-uek-4.1.12-124.89.4.el7uek.x86_64.rpm
kernel-uek-devel-4.1.12-124.89.4.el7uek.x86_64.rpm
kernel-uek-debug-4.1.12-124.89.4.el7uek.x86_64.rpm
kernel-uek-debug-devel-4.1.12-124.89.4.el7uek.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates//kernel-uek-4.1.12-124.89.4.el7uek.src.rpm

Related CVEs:

CVE-2021-46939
CVE-2021-47118
CVE-2021-47153
CVE-2021-47171
CVE-2021-47236
CVE-2021-47284
CVE-2021-47310
CVE-2021-47353
CVE-2021-47356
CVE-2022-48627
CVE-2023-52445
CVE-2023-52477
CVE-2023-52574
CVE-2023-52594
CVE-2023-52615
CVE-2023-52620
CVE-2023-52628
CVE-2023-52703
CVE-2023-52809
CVE-2023-52881
CVE-2023-6040
CVE-2024-26635
CVE-2024-26651
CVE-2024-26675
CVE-2024-26679
CVE-2024-26704
CVE-2024-26772
CVE-2024-26778
CVE-2024-26801
CVE-2024-26805
CVE-2024-26816
CVE-2024-26859
CVE-2024-26880
CVE-2024-26903
CVE-2024-35922
CVE-2024-35944
CVE-2024-35978
CVE-2024-35982
CVE-2024-36016
CVE-2024-36883
CVE-2024-36919
CVE-2024-36950
CVE-2024-36960




Description of changes:

[4.1.12-124.89.4.el7uek]
- isdn: mISDN: netjet: Fix crash in nj_probe: (Zheyu Ma)  [Orabug: 36940405]  {CVE-2021-47284}
- tracing: Restructure trace_clock_global() to never block (Steven Rostedt (VMware))  [Orabug: 36940388]  {CVE-2021-46939}
- udf: Fix NULL pointer dereference in udf_symlink function (Arturo Giusti)  [Orabug: 36806640]  {CVE-2021-47353}
- media: pvrusb2: fix use after free on context disconnection (Ricardo B. Marliere)  [Orabug: 36802294]  {CVE-2023-52445}
- vt: fix memory overlapping when deleting chars in the buffer (Yangxi Xiang)  [Orabug: 36802212]  {CVE-2022-48627}
- tty: n_gsm: fix possible out-of-bounds in gsm0_receive() (Daniel Starke)  [Orabug: 36678070]  {CVE-2024-36016}
- netfilter: nftables: exthdr: fix 4-byte stack OOB write (Florian Westphal)  [Orabug: 36654631]  {CVE-2023-52628}
- dm: call the resume method on internal suspend (Mikulas Patocka)  [Orabug: 36544879]  {CVE-2024-26880}
- net/bnx2x: Prevent access to a freed page in page_pool (Thinh Tran)  [Orabug: 36544783]  {CVE-2024-26859}
- x86, relocs: Ignore relocations in .notes section (Kees Cook)  [Orabug: 36531115]  {CVE-2024-26816}
- netlink: Fix kernel-infoleak-after-free in __skb_datagram_iter (Ryosuke Yasuoka)  [Orabug: 36531057]  {CVE-2024-26805}
- fbdev: savage: Error out if pixclock equals zero (Fullway Wang)  [Orabug: 36530913]  {CVE-2024-26778}
- ext4: fix double-free of blocks due to wrong extents moved_len (Baokun Li)  [Orabug: 36530519]  {CVE-2024-26704}
- sr9800: Add check for usbnet_get_endpoints (Chen Ni)  [Orabug: 36530183]  {CVE-2024-26651}
- llc: Drop support for ETH_P_TR_802_2. (Kuniyuki Iwashima)  [Orabug: 36530047]  {CVE-2024-26635}
- netfilter: nf_tables: Reject tables of unsupported family (Phil Sutter)  [Orabug: 36192155]  {CVE-2023-6040}

[4.1.12-124.89.3.el7uek]
- wifi: ath9k: Fix potential array-index-out-of-bounds read in ath9k_htc_txstatus() (Minsuk Kang)  [Orabug: 36802321]  {CVE-2023-52594}
- batman-adv: Avoid infinite loop trying to resize local TT (Sven Eckelmann)  [Orabug: 36643464]  {CVE-2024-35982}
- Bluetooth: Fix memory leak in hci_req_sync_complete() (Dmitry Antipov)  [Orabug: 36643456]  {CVE-2024-35978}
- VMCI: Fix memcpy() run-time warning in dg_dispatch_as_host() (Harshit Mogalapalli)  [Orabug: 36643323]  {CVE-2024-35944}
- fbmon: prevent division by zero in fb_videomode_from_videomode() (Roman Smirnov)  [Orabug: 36643194]  {CVE-2024-35922}

[4.1.12-124.89.2.el7uek]
- scsi: libfc: Fix potential NULL pointer dereference in fc_lport_ptp_setup() (Wenchao Hao)  [Orabug: 36901390]  {CVE-2023-52809}
- net: usb: fix memory leak in smsc75xx_bind (Pavel Skripkin)  [Orabug: 36802200]  {CVE-2021-47171}
- i2c: i801: Don't generate an interrupt on bus reset (Jean Delvare)  [Orabug: 36792714]  {CVE-2021-47153}
- pid: take a reference when initializing cad_pid (Mark Rutland)  [Orabug: 36792687]  {CVE-2021-47118}
- drm/vmwgfx: Fix invalid reads in fence signaled events (Zack Rusin)  [Orabug: 36691531]  {CVE-2024-36960}
- firewire: ohci: mask bus reset interrupts between ISR and bottom half (Adam Goldman)  [Orabug: 36683507]  {CVE-2024-36950}
- scsi: bnx2fc: Remove spin_lock_bh while releasing resources after upload (Saurav Kashyap)  [Orabug: 36683370]  {CVE-2024-36919}
- net: fix out-of-bounds access in ops_init (Thadeu Lima de Souza Cascardo)  [Orabug: 36683115]  {CVE-2024-36883}
- netfilter: nf_tables: disallow timeout for anonymous sets (Pablo Neira Ayuso)  [Orabug: 36654625]  {CVE-2023-52620}
- team: fix null-ptr-deref when team device type is changed (Ziyang Xuan)  [Orabug: 36654606]  {CVE-2023-52574}

[4.1.12-124.89.1.el7uek]
- tcp: do not accept ACK of bytes we never sent (Eric Dumazet)  [Orabug: 36806731]  {CVE-2023-52881}
- net/usb: kalmia: Don't pass act_len in usb_bulk_msg error path (Miko Larsson)  [Orabug: 36806698]  {CVE-2023-52703}
- hwrng: core - Fix page fault dead lock on mmap-ed hwrng (Herbert Xu)  [Orabug: 36806668]  {CVE-2023-52615}
- mISDN: fix possible use-after-free in HFC_cleanup() (Zou Wei)  [Orabug: 36806645]  {CVE-2021-47356}
- net: ti: fix UAF in tlan_remove_one (Pavel Skripkin)  [Orabug: 36806628]  {CVE-2021-47310}
- net: cdc_eem: fix tx fixup skb leak (Linyu Yuan)  [Orabug: 36806622]  {CVE-2021-47236}
- usb: hub: Guard against accesses to uninitialized BOS descriptors (Ricardo Cañuelo)  [Orabug: 36802300]  {CVE-2023-52477}
- USB: add quirk for devices with broken LPM (Alan Stern)  [Orabug: 36802300]  {CVE-2023-52477}
- Bluetooth: rfcomm: Fix null-ptr-deref in rfcomm_check_security (Yuxuan Hu)  [Orabug: 36544991]  {CVE-2024-26903}
- Bluetooth: Avoid potential use-after-free in hci_error_reset (Ying Hsu)  [Orabug: 36531042]  {CVE-2024-26801}
- ext4: avoid allocating blocks from corrupted group in ext4_mb_find_by_goal() (Baokun Li)  [Orabug: 36530881]  {CVE-2024-26772}
- inet: read sk->sk_family once in inet_recv_error() (Eric Dumazet)  [Orabug: 36530348]  {CVE-2024-26679}
- ppp_async: limit MRU to 64K (Eric Dumazet)  [Orabug: 36530335]  {CVE-2024-26675}


_______________________________________________
El-errata mailing list
El-errata@oss.oracle.com
https://oss.oracle.com/mailman/listinfo/el-errata

Oracle7: ELSA-2024-12606: kernel Important Security Advisory Updates

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

Summary

[4.1.12-124.89.4.el7uek] - isdn: mISDN: netjet: Fix crash in nj_probe: (Zheyu Ma) [Orabug: 36940405] {CVE-2021-47284} - tracing: Restructure trace_clock_global() to never block (Steven Rostedt (VMware)) [Orabug: 36940388] {CVE-2021-46939} - udf: Fix NULL pointer dereference in udf_symlink function (Arturo Giusti) [Orabug: 36806640] {CVE-2021-47353} - media: pvrusb2: fix use after free on context disconnection (Ricardo B. Marliere) [Orabug: 36802294] {CVE-2023-52445} - vt: fix memory overlapping when deleting chars in the buffer (Yangxi Xiang) [Orabug: 36802212] {CVE-2022-48627} - tty: n_gsm: fix possible out-of-bounds in gsm0_receive() (Daniel Starke) [Orabug: 36678070] {CVE-2024-36016} - netfilter: nftables: exthdr: fix 4-byte stack OOB write (Florian Westphal) [Orabug: 36654631] {CVE-2023-52628} - dm: call the resume method on internal suspend (Mikulas Patocka) [Orabug: 36544879] {CVE-2024-26880} - net/bnx2x: Prevent access to a freed page in page_pool (Thinh Tran) [Orabug: 36544783] {CVE-2024-26859} - x86, relocs: Ignore relocations in .notes section (Kees Cook) [Orabug: 36531115] {CVE-2024-26816} - netlink: Fix kernel-infoleak-after-free in __skb_datagram_iter (Ryosuke Yasuoka) [Orabug: 36531057] {CVE-2024-26805} - fbdev: savage: Error out if pixclock equals zero (Fullway Wang) [Orabug: 36530913] {CVE-2024-26778} - ext4: fix double-free of blocks due to wrong extents moved_len (Baokun Li) [Orabug: 36530519] {CVE-2024-26704} - sr9800: Add check for usbnet_get_endpoints (Chen Ni) [Orabug: 36530183] {CVE-2024-26651} - llc: Drop support for ETH_P_TR_802_2. (Kuniyuki Iwashima) [Orabug: 36530047] {CVE-2024-26635} - netfilter: nf_tables: Reject tables of unsupported family (Phil Sutter) [Orabug: 36192155] {CVE-2023-6040} [4.1.12-124.89.3.el7uek] - wifi: ath9k: Fix potential array-index-out-of-bounds read in ath9k_htc_txstatus() (Minsuk Kang) [Orabug: 36802321] {CVE-2023-52594} - batman-adv: Avoid infinite loop trying to resize local TT (Sven Eckelmann) [Orabug: 36643464] {CVE-2024-35982} - Bluetooth: Fix memory leak in hci_req_sync_complete() (Dmitry Antipov) [Orabug: 36643456] {CVE-2024-35978} - VMCI: Fix memcpy() run-time warning in dg_dispatch_as_host() (Harshit Mogalapalli) [Orabug: 36643323] {CVE-2024-35944} - fbmon: prevent division by zero in fb_videomode_from_videomode() (Roman Smirnov) [Orabug: 36643194] {CVE-2024-35922} [4.1.12-124.89.2.el7uek] - scsi: libfc: Fix potential NULL pointer dereference in fc_lport_ptp_setup() (Wenchao Hao) [Orabug: 36901390] {CVE-2023-52809} - net: usb: fix memory leak in smsc75xx_bind (Pavel Skripkin) [Orabug: 36802200] {CVE-2021-47171} - i2c: i801: Don't generate an interrupt on bus reset (Jean Delvare) [Orabug: 36792714] {CVE-2021-47153} - pid: take a reference when initializing cad_pid (Mark Rutland) [Orabug: 36792687] {CVE-2021-47118} - drm/vmwgfx: Fix invalid reads in fence signaled events (Zack Rusin) [Orabug: 36691531] {CVE-2024-36960} - firewire: ohci: mask bus reset interrupts between ISR and bottom half (Adam Goldman) [Orabug: 36683507] {CVE-2024-36950} - scsi: bnx2fc: Remove spin_lock_bh while releasing resources after upload (Saurav Kashyap) [Orabug: 36683370] {CVE-2024-36919} - net: fix out-of-bounds access in ops_init (Thadeu Lima de Souza Cascardo) [Orabug: 36683115] {CVE-2024-36883} - netfilter: nf_tables: disallow timeout for anonymous sets (Pablo Neira Ayuso) [Orabug: 36654625] {CVE-2023-52620} - team: fix null-ptr-deref when team device type is changed (Ziyang Xuan) [Orabug: 36654606] {CVE-2023-52574} [4.1.12-124.89.1.el7uek] - tcp: do not accept ACK of bytes we never sent (Eric Dumazet) [Orabug: 36806731] {CVE-2023-52881} - net/usb: kalmia: Don't pass act_len in usb_bulk_msg error path (Miko Larsson) [Orabug: 36806698] {CVE-2023-52703} - hwrng: core - Fix page fault dead lock on mmap-ed hwrng (Herbert Xu) [Orabug: 36806668] {CVE-2023-52615} - mISDN: fix possible use-after-free in HFC_cleanup() (Zou Wei) [Orabug: 36806645] {CVE-2021-47356} - net: ti: fix UAF in tlan_remove_one (Pavel Skripkin) [Orabug: 36806628] {CVE-2021-47310} - net: cdc_eem: fix tx fixup skb leak (Linyu Yuan) [Orabug: 36806622] {CVE-2021-47236} - usb: hub: Guard against accesses to uninitialized BOS descriptors (Ricardo Cañuelo) [Orabug: 36802300] {CVE-2023-52477} - USB: add quirk for devices with broken LPM (Alan Stern) [Orabug: 36802300] {CVE-2023-52477} - Bluetooth: rfcomm: Fix null-ptr-deref in rfcomm_check_security (Yuxuan Hu) [Orabug: 36544991] {CVE-2024-26903} - Bluetooth: Avoid potential use-after-free in hci_error_reset (Ying Hsu) [Orabug: 36531042] {CVE-2024-26801} - ext4: avoid allocating blocks from corrupted group in ext4_mb_find_by_goal() (Baokun Li) [Orabug: 36530881] {CVE-2024-26772} - inet: read sk->sk_family once in inet_recv_error() (Eric Dumazet) [Orabug: 36530348] {CVE-2024-26679} - ppp_async: limit MRU to 64K (Eric Dumazet) [Orabug: 36530335] {CVE-2024-26675}

SRPMs

http://oss.oracle.com/ol7/SRPMS-updates//kernel-uek-4.1.12-124.89.4.el7uek.src.rpm

x86_64

kernel-uek-doc-4.1.12-124.89.4.el7uek.noarch.rpm kernel-uek-firmware-4.1.12-124.89.4.el7uek.noarch.rpm kernel-uek-4.1.12-124.89.4.el7uek.x86_64.rpm kernel-uek-devel-4.1.12-124.89.4.el7uek.x86_64.rpm kernel-uek-debug-4.1.12-124.89.4.el7uek.x86_64.rpm kernel-uek-debug-devel-4.1.12-124.89.4.el7uek.x86_64.rpm

aarch64

i386

Severity
Related CVEs: CVE-2021-46939 CVE-2021-47118 CVE-2021-47153 CVE-2021-47171 CVE-2021-47236 CVE-2021-47284 CVE-2021-47310 CVE-2021-47353 CVE-2021-47356 CVE-2022-48627 CVE-2023-52445 CVE-2023-52477 CVE-2023-52574 CVE-2023-52594 CVE-2023-52615 CVE-2023-52620 CVE-2023-52628 CVE-2023-52703 CVE-2023-52809 CVE-2023-52881 CVE-2023-6040 CVE-2024-26635 CVE-2024-26651 CVE-2024-26675 CVE-2024-26679 CVE-2024-26704 CVE-2024-26772 CVE-2024-26778 CVE-2024-26801 CVE-2024-26805 CVE-2024-26816 CVE-2024-26859 CVE-2024-26880 CVE-2024-26903 CVE-2024-35922 CVE-2024-35944 CVE-2024-35978 CVE-2024-35982 CVE-2024-36016 CVE-2024-36883 CVE-2024-36919 CVE-2024-36950 CVE-2024-36960

Related News

CISA Sounds Alarm on Newly Exploited Vulnerabilities: Is Your System at Risk?
3 - 5 min read
CISA regularly publishes updates regarding vulnerabilities that present severe threats to global cybersecurity. Recently, CISA added three
Defending Against Remote Code Execution in Google Chrome: A Critical Update
2 - 3 min read
Google Chrome, a widely used web browser, serves millions of internet users by connecting them to the online world. Unfortunately, severe
Fighting Back Against Hadooken Malware by Strengthening WebLogic Security
2 - 4 min read
Cybercriminals have been relentlessly attacking the digital landscape, aiming to exploit vulnerabilities in well-known systems. One such exploit is
Navigating the Linux Kernel
2 - 4 min read
The Linux operating system, widely acclaimed for its robustness and security , recently received widespread media attention due to a significant
Staying a Step Ahead of Adversaries: Mitigating Chromium
2 - 4 min read
Google Chrome, one of the world's most widely used web browsers, has recently been scrutinized due to the discovery of multiple Chromium
Unmasking Cicada3301: Examining the Threat of the New Rust-Based Ransomware
2 - 4 min read
Ransomware has long been a severe threat to organizations and admins alike. Recently, cybersecurity researchers discovered a new variant called
Buffer Overflow Exploits in Linux: Origins, Impact, and Countermeasures
3 - 6 min read
Buffer overflow vulnerabilities have long been one of the biggest headaches in computer security, especially on Linux operating systems that power
8 Expert-Recommended Security Practices to Fortify Your Linux Systems
4 - 8 min read
As a Linux admin or an infosec professional, you understand how the security landscape changes due to evolving threats, newly discovered

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved