Oracle Linux Security Advisory ELSA-2024-12714

http://linux.oracle.com/errata/ELSA-2024-12714.html

The following updated rpms for Oracle Linux 6 Extended Lifecycle Support (ELS) have been uploaded to the Unbreakable Linux Network:

x86_64:
kernel-uek-doc-4.1.12-124.90.3.1.el6uek.noarch.rpm
kernel-uek-firmware-4.1.12-124.90.3.1.el6uek.noarch.rpm
kernel-uek-4.1.12-124.90.3.1.el6uek.x86_64.rpm
kernel-uek-devel-4.1.12-124.90.3.1.el6uek.x86_64.rpm
kernel-uek-debug-4.1.12-124.90.3.1.el6uek.x86_64.rpm
kernel-uek-debug-devel-4.1.12-124.90.3.1.el6uek.x86_64.rpm

Description of changes:

[4.1.12-124.90.3.1.el6uek]
- vhost/scsi: null-ptr-dereference in vhost_scsi_get_req() (Haoran Zhang) [Orabug: 37132352]

_______________________________________________
El-errata mailing list

Oracle Linux Security Advisory ELSA-2024-12606

http://linux.oracle.com/errata/ELSA-2024-12606.html

The following updated rpms for Oracle Linux 6 Extended Lifecycle Support (ELS) have been uploaded to the Unbreakable Linux Network:

x86_64:
kernel-uek-doc-4.1.12-124.89.4.el6uek.noarch.rpm
kernel-uek-firmware-4.1.12-124.89.4.el6uek.noarch.rpm
kernel-uek-4.1.12-124.89.4.el6uek.x86_64.rpm
kernel-uek-devel-4.1.12-124.89.4.el6uek.x86_64.rpm
kernel-uek-debug-4.1.12-124.89.4.el6uek.x86_64.rpm
kernel-uek-debug-devel-4.1.12-124.89.4.el6uek.x86_64.rpm

Related CVEs:
CVE-2021-46939 CVE-2021-47118 CVE-2021-47153 CVE-2021-47171 CVE-2021-47236
CVE-2021-47284 CVE-2021-47310 CVE-2021-47353 CVE-2021-47356 CVE-2022-48627
CVE-2023-52445 CVE-2023-52477 CVE-2023-52574 CVE-2023-52594 CVE-2023-52615
CVE-2023-52620 CVE-2023-52628 CVE-2023-52703 CVE-2023-52809 CVE-2023-52881
CVE-2023-6040 CVE-2024-26635 CVE-2024-26651 CVE-2024-26675 CVE-2024-26679
CVE-2024-26704 CVE-2024-26772 CVE-2024-26778 CVE-2024-26801 CVE-2024-26805
CVE-2024-26816 CVE-2024-26859 CVE-2024-26880 CVE-2024-26903 CVE-2024-35922
CVE-2024-35944 CVE-2024-35978 CVE-2024-35982 CVE-2024-36016 CVE-2024-36883
CVE-2024-36919 CVE-2024-36950 CVE-2024-36960

Description of changes:

[4.1.12-124.89.4.el6uek]
- isdn: mISDN: netjet: Fix crash in nj_probe: (Zheyu Ma) [Orabug: 36940405] {CVE-2021-47284}
- tracing: Restructure trace_clock_global() to never block (Steven Rostedt (VMware)) [Orabug: 36940388] {CVE-2021-46939}
- udf: Fix NULL pointer dereference in udf_symlink function (Arturo Giusti) [Orabug: 36806640] {CVE-2021-47353}
- media: pvrusb2: fix use after free on context disconnection (Ricardo B. Marliere) [Orabug: 36802294] {CVE-2023-52445}
- vt: fix memory overlapping when deleting chars in the buffer (Yangxi Xiang) [Orabug: 36802212] {CVE-2022-48627}
- tty: n_gsm: fix possible out-of-bounds in gsm0_receive() (Daniel Starke) [Orabug: 36678070] {CVE-2024-36016}
- netfilter: nftables: exthdr: fix 4-byte stack OOB write (Florian Westphal) [Orabug: 36654631] {CVE-2023-52628}
- dm: call the resume method on internal suspend (Mikulas Patocka) [Orabug: 36544879] {CVE-2024-26880}
- net/bnx2x: Prevent access to a freed page in page_pool (Thinh Tran) [Orabug: 36544783] {CVE-2024-26859}
- x86, relocs: Ignore relocations in .notes section (Kees Cook) [Orabug: 36531115] {CVE-2024-26816}
- netlink: Fix kernel-infoleak-after-free in __skb_datagram_iter (Ryosuke Yasuoka) [Orabug: 36531057] {CVE-2024-26805}
- fbdev: savage: Error out if pixclock equals zero (Fullway Wang) [Orabug: 36530913] {CVE-2024-26778}
- ext4: fix double-free of blocks due to wrong extents moved_len (Baokun Li) [Orabug: 36530519] {CVE-2024-26704}
- sr9800: Add check for usbnet_get_endpoints (Chen Ni) [Orabug: 36530183] {CVE-2024-26651}
- llc: Drop support for ETH_P_TR_802_2. (Kuniyuki Iwashima) [Orabug: 36530047] {CVE-2024-26635}
- netfilter: nf_tables: Reject tables of unsupported family (Phil Sutter) [Orabug: 36192155] {CVE-2023-6040}

[4.1.12-124.89.3.el6uek]
- wifi: ath9k: Fix potential array-index-out-of-bounds read in ath9k_htc_txstatus() (Minsuk Kang) [Orabug: 36802321] {CVE-2023-52594}
- batman-adv: Avoid infinite loop trying to resize local TT (Sven Eckelmann) [Orabug: 36643464] {CVE-2024-35982}
- Bluetooth: Fix memory leak in hci_req_sync_complete() (Dmitry Antipov) [Orabug: 36643456] {CVE-2024-35978}
- VMCI: Fix memcpy() run-time warning in dg_dispatch_as_host() (Harshit Mogalapalli) [Orabug: 36643323] {CVE-2024-35944}
- fbmon: prevent division by zero in fb_videomode_from_videomode() (Roman Smirnov) [Orabug: 36643194] {CVE-2024-35922}

[4.1.12-124.89.2.el6uek]
- scsi: libfc: Fix potential NULL pointer dereference in fc_lport_ptp_setup() (Wenchao Hao) [Orabug: 36901390] {CVE-2023-52809}
- net: usb: fix memory leak in smsc75xx_bind (Pavel Skripkin) [Orabug: 36802200] {CVE-2021-47171}
- i2c: i801: Don't generate an interrupt on busreset (Jean Delvare) [Orabug: 36792714] {CVE-2021-47153}
- pid: take a reference when initializing cad_pid (Mark Rutland) [Orabug: 36792687] {CVE-2021-47118}
- drm/vmwgfx: Fix invalid reads in fence signaled events (Zack Rusin) [Orabug: 36691531] {CVE-2024-36960}
- firewire: ohci: mask bus reset interrupts between ISR and bottom half (Adam Goldman) [Orabug: 36683507] {CVE-2024-36950}
- scsi: bnx2fc: Remove spin_lock_bh while releasing resources after upload (Saurav Kashyap) [Orabug: 36683370] {CVE-2024-36919}
- net: fix out-of-bounds access in ops_init (Thadeu Lima de Souza Cascardo) [Orabug: 36683115] {CVE-2024-36883}
- netfilter: nf_tables: disallow timeout for anonymous sets (Pablo Neira Ayuso) [Orabug: 36654625] {CVE-2023-52620}
- team: fix null-ptr-deref when team device type is changed (Ziyang Xuan) [Orabug: 36654606] {CVE-2023-52574}

[4.1.12-124.89.1.el6uek]
- tcp: do not accept ACK of bytes we never sent (Eric Dumazet) [Orabug: 36806731] {CVE-2023-52881}
- net/usb: kalmia: Don't pass act_len in usb_bulk_msg error path (Miko Larsson) [Orabug: 36806698] {CVE-2023-52703}
- hwrng: core - Fix page fault dead lock on mmap-ed hwrng (Herbert Xu) [Orabug: 36806668] {CVE-2023-52615}
- mISDN: fix possible use-after-free in HFC_cleanup() (Zou Wei) [Orabug: 36806645] {CVE-2021-47356}
- net: ti: fix UAF in tlan_remove_one (Pavel Skripkin) [Orabug: 36806628] {CVE-2021-47310}
- net: cdc_eem: fix tx fixup skb leak (Linyu Yuan) [Orabug: 36806622] {CVE-2021-47236}
- usb: hub: Guard against accesses to uninitialized BOS descriptors (Ricardo Cañuelo) [Orabug: 36802300] {CVE-2023-52477}
- USB: add quirk for devices with broken LPM (Alan Stern) [Orabug: 36802300] {CVE-2023-52477}
- Bluetooth: rfcomm: Fix null-ptr-deref in rfcomm_check_security (Yuxuan Hu) [Orabug: 36544991] {CVE-2024-26903}
- Bluetooth: Avoid potential use-after-free in hci_error_reset (Ying Hsu) [Orabug: 36531042] {CVE-2024-26801}
- ext4: avoid allocating blocks from corrupted group in ext4_mb_find_by_goal() (Baokun Li) [Orabug: 36530881] {CVE-2024-26772}
- inet: read sk->sk_family once in inet_recv_error() (Eric Dumazet) [Orabug: 36530348] {CVE-2024-26679}
- ppp_async: limit MRU to 64K (Eric Dumazet) [Orabug: 36530335] {CVE-2024-26675}

Oracle Linux Security Advisory ELSA-2024-12193

https://linux.oracle.com/errata/ELSA-2024-12193.html

The following updated rpms for Oracle Linux 6 Extended Lifecycle Support (ELS) have been uploaded to the Unbreakable Linux Network:

x86_64:
kernel-uek-doc-4.1.12-124.83.2.el6uek.noarch.rpm
kernel-uek-firmware-4.1.12-124.83.2.el6uek.noarch.rpm
kernel-uek-4.1.12-124.83.2.el6uek.x86_64.rpm
kernel-uek-devel-4.1.12-124.83.2.el6uek.x86_64.rpm
kernel-uek-debug-4.1.12-124.83.2.el6uek.x86_64.rpm
kernel-uek-debug-devel-4.1.12-124.83.2.el6uek.x86_64.rpm

Related CVEs:
CVE-2021-34981 CVE-2022-48619 CVE-2023-51780 CVE-2023-7192 CVE-2024-0775

Description of changes:

[4.1.12-124.83.2.el6uek]
- Input: add bounds checking to input_set_capability() (Jeff LaBundy) [Orabug: 36192120] {CVE-2022-48619}
- netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() (Hangyu Hua) [Orabug: 36155598] {CVE-2023-7192}

[4.1.12-124.83.1.el6uek]
- ext4: improve error recovery code paths in __ext4_remount() (Theodore Ts'o) [Orabug: 36229451] {CVE-2024-0775}
- atm: Fix Use-After-Free in do_vcc_ioctl (Hyunwoo Kim) [Orabug: 36229396] {CVE-2023-51780}
- Bluetooth: cmtp: fix file refcount when cmtp_attach_device fails (Thadeu Lima de Souza Cascardo) [Orabug: 36229182] {CVE-2021-34981}

Oracle Linux Security Advisory ELSA-2024-12110

https://linux.oracle.com/errata/ELSA-2024-12110.html

The following updated rpms for Oracle Linux 6 Extended Lifecycle Support (ELS) have been uploaded to the Unbreakable Linux Network:

x86_64:
kernel-uek-doc-4.1.12-124.82.2.el6uek.noarch.rpm
kernel-uek-firmware-4.1.12-124.82.2.el6uek.noarch.rpm
kernel-uek-4.1.12-124.82.2.el6uek.x86_64.rpm
kernel-uek-devel-4.1.12-124.82.2.el6uek.x86_64.rpm
kernel-uek-debug-4.1.12-124.82.2.el6uek.x86_64.rpm
kernel-uek-debug-devel-4.1.12-124.82.2.el6uek.x86_64.rpm

Related CVEs:
CVE-2020-26555 CVE-2021-33098 CVE-2023-1077 CVE-2023-42752 CVE-2023-4921

Description of changes:

[4.1.12-124.82.2.el6uek]
- Bluetooth: Reject connection with the device which has same BD_ADDR (Lee, Chun-Yi) [Orabug: 35959598] {CVE-2020-26555}
- sched/rt: pick_next_rt_entity(): check list_entry (Pietro Borrello) [Orabug: 35181560] {CVE-2023-1077}
- sched/debug: Fix SCHED_WARN_ON() to return a value on !CONFIG_SCHED_DEBUG as well (Ingo Molnar) [Orabug: 35181560]
- sched/debug: Add SCHED_WARN_ON() (Peter Zijlstra) [Orabug: 35181560]

[4.1.12-124.82.1.el6uek]
- igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU (Eric Dumazet) [Orabug: 35924002] {CVE-2023-42752}
- net: sched: sch_qfq: Fix UAF in qfq_dequeue() (valis) [Orabug: 35814457] {CVE-2023-4921}
- ixgbe: fix large MTU request from VF (Samasth Norway Ananda) [Orabug: 33752821] {CVE-2021-33098}

Oracle Linux Security Advisory ELSA-2023-12970

https://linux.oracle.com/errata/ELSA-2023-12970.html

The following updated rpms for Oracle Linux 6 Extended Lifecycle Support (ELS) have been uploaded to the Unbreakable Linux Network:

x86_64:
kernel-uek-doc-4.1.12-124.80.1.el6uek.noarch.rpm
kernel-uek-firmware-4.1.12-124.80.1.el6uek.noarch.rpm
kernel-uek-4.1.12-124.80.1.el6uek.x86_64.rpm
kernel-uek-devel-4.1.12-124.80.1.el6uek.x86_64.rpm
kernel-uek-debug-4.1.12-124.80.1.el6uek.x86_64.rpm
kernel-uek-debug-devel-4.1.12-124.80.1.el6uek.x86_64.rpm

Related CVEs:
CVE-2023-40283 CVE-2023-4208

Description of changes:

[4.1.12-124.80.1.el6uek]
- Bluetooth: L2CAP: Fix use-after-free in l2cap_sock_ready_cb (Sungwoo Kim) [Orabug: 35814478] {CVE-2023-40283}
- net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-free (valis) [Orabug: 35814297] {CVE-2023-4208}
- RDMA/core: net: fix kernel NULL error (Zhu Yanjun) [Orabug: 35723252]

Oracle Linux Security Advisory ELSA-2023-12104

https://linux.oracle.com/errata/ELSA-2023-12104.html

The following updated rpms for Oracle Linux 6 Extended Lifecycle Support (ELS) have been uploaded to the Unbreakable Linux Network:

krb5-devel-1.10.3-65.0.1.el6.i686.rpm
krb5-libs-1.10.3-65.0.1.el6.i686.rpm
krb5-pkinit-openssl-1.10.3-65.0.1.el6.i686.rpm
krb5-server-1.10.3-65.0.1.el6.i686.rpm
krb5-server-ldap-1.10.3-65.0.1.el6.i686.rpm
krb5-workstation-1.10.3-65.0.1.el6.i686.rpm
libkadm5-1.10.3-65.0.1.el6.i686.rpm

x86_64:
krb5-devel-1.10.3-65.0.1.el6.i686.rpm
krb5-devel-1.10.3-65.0.1.el6.x86_64.rpm
krb5-libs-1.10.3-65.0.1.el6.i686.rpm
krb5-libs-1.10.3-65.0.1.el6.x86_64.rpm
krb5-pkinit-openssl-1.10.3-65.0.1.el6.x86_64.rpm
krb5-server-1.10.3-65.0.1.el6.x86_64.rpm
krb5-server-ldap-1.10.3-65.0.1.el6.i686.rpm
krb5-server-ldap-1.10.3-65.0.1.el6.x86_64.rpm
krb5-workstation-1.10.3-65.0.1.el6.x86_64.rpm
libkadm5-1.10.3-65.0.1.el6.i686.rpm
libkadm5-1.10.3-65.0.1.el6.x86_64.rpm

Related CVEs:
CVE-2022-42898

Description of changes:

[1.10.3-65.0.1]
- Fix integer overflows in PAC parsing (CVE-2022-42898) [Orabug: 34843511]

Oracle Linux Security Advisory ELSA-2022-9761

https://linux.oracle.com/errata/ELSA-2022-9761.html

The following updated rpms for Oracle Linux 6 Extended Lifecycle Support (ELS) have been uploaded to the Unbreakable Linux Network:

x86_64:
kernel-uek-doc-4.1.12-124.66.3.el6uek.noarch.rpm
kernel-uek-firmware-4.1.12-124.66.3.el6uek.noarch.rpm
kernel-uek-4.1.12-124.66.3.el6uek.x86_64.rpm
kernel-uek-devel-4.1.12-124.66.3.el6uek.x86_64.rpm
kernel-uek-debug-4.1.12-124.66.3.el6uek.x86_64.rpm
kernel-uek-debug-devel-4.1.12-124.66.3.el6uek.x86_64.rpm

Related CVEs:
CVE-2022-1011 CVE-2021-33656 CVE-2021-33655 CVE-2022-21546 CVE-2019-9213
CVE-2020-36516 CVE-2020-36557 CVE-2020-36558 CVE-2022-2588

Description of changes:

[4.1.12-124.66.3.el6uek]
- fuse: fix pipe buffer lifetime for direct_io (Miklos Szeredi) [Orabug: 33981149] {CVE-2022-1011}
- vt: drop old FONT ioctls (Jiri Slaby) [Orabug: 34408794] {CVE-2021-33656}
- video: of_display_timing.h: include errno.h (Hsin-Yi Wang) [Orabug: 34408910] {CVE-2021-33655}
- fbcon: Disallow setting font bigger than screen size (Helge Deller) [Orabug: 34408910] {CVE-2021-33655}
- scsi: target: Fix WRITE_SAME No Data Buffer crash (Mike Christie) [Orabug: 34419974] {CVE-2022-21546}
- scsi/eh: fix hang adding ehandler wakeups after decrementing host_busy (Gulam Mohamed) [Orabug: 33349684] [Orabug: 34492498]

[4.1.12-124.66.2.el6uek]
- mm: enforce min addr even if capable() in expand_downwards() (Jann Horn) [Orabug: 29501997] {CVE-2019-9213}
- ACPICA: Reference Counts: increase max to 0x4000 for large servers (Erik Schmauss)
- ipv4: tcp: send zero IPID in SYNACK messages (Eric Dumazet) [Orabug: 33917058] {CVE-2020-36516}
- ipv4: Cache net in ip_build_and_send_pkt and ip_queue_xmit (Eric W. Biederman) [Orabug: 33917058] {CVE-2020-36516}
- ipv4: igmp: guard against silly MTU values (Eric Dumazet) [Orabug: 33917058] {CVE-2020-36516}
- inet: constify ip_dont_fragment() arguments (Eric Dumazet) [Orabug: 33917058] {CVE-2020-36516}
- ip: constify ip_build_and_send_pkt() socket argument (Eric Dumazet) [Orabug: 33917058] {CVE-2020-36516}
- vt: vt_ioctl: fix VT_DISALLOCATE freeing in-use virtual console (Eric Biggers) [Orabug: 34433461] {CVE-2020-36557}
- vt: vt_ioctl: fix race in VT_RESIZEX (Eric Dumazet) [Orabug: 34433476] {CVE-2020-36558}
- VT_RESIZEX: get rid of field-by-field copyin (Al Viro) [Orabug: 34433476]
- net_sched: cls_route: remove from list when handle is 0 (Thadeu Lima de Souza Cascardo) [Orabug: 34460939] [Orabug: 34484730] {CVE-2022-2588}

[4.1.12-124.66.1.el6uek]
- net: fix uninit-value in __hw_addr_add_ex() (Eric Dumazet) [Orabug: 34395887]
- mac80211: silence an uninitialized variable warning (Dan Carpenter) [Orabug: 34396283]

Oracle Linux Security Advisory ELSA-2022-9056

https://linux.oracle.com/errata/ELSA-2022-9056.html

The following updated rpms for Oracle Linux 6 Extended Lifecycle Support (ELS) have been uploaded to the Unbreakable Linux Network:

i386:
log4j-1.2.14-6.4.1.el6_10.i686.rpm
log4j-javadoc-1.2.14-6.4.1.el6_10.i686.rpm
log4j-manual-1.2.14-6.4.1.el6_10.i686.rpm

x86_64:
log4j-1.2.14-6.4.1.el6_10.x86_64.rpm
log4j-javadoc-1.2.14-6.4.1.el6_10.x86_64.rpm
log4j-manual-1.2.14-6.4.1.el6_10.x86_64.rpm

Related CVEs:
CVE-2021-4104

Description of changes:

[0:1.2.14-6.4.1]
- Fix remote code execution vulnerability
- Resolves: CVE-2021-4104 [Orabug: 33689748]