Oracle alert ELSA-2024-12851 (kernel)
| From: | Errata Announcements for Oracle Linux via El-errata <el-errata@oss.oracle.com> | |
| To: | el-errata@oss.oracle.com | |
| Subject: | [El-errata] ELSA-2024-12851 Important: Oracle Linux 7 Unbreakable Enterprise kernel security update | |
| Date: | Thu, 05 Dec 2024 05:45:21 -0800 | |
| Message-ID: | <mailman.7.1733406329.246.el-errata@oss.oracle.com> |
Oracle Linux Security Advisory ELSA-2024-12851 http://linux.oracle.com/errata/ELSA-2024-12851.html The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: x86_64: kernel-uek-doc-4.1.12-124.92.3.el7uek.noarch.rpm kernel-uek-firmware-4.1.12-124.92.3.el7uek.noarch.rpm kernel-uek-4.1.12-124.92.3.el7uek.x86_64.rpm kernel-uek-devel-4.1.12-124.92.3.el7uek.x86_64.rpm kernel-uek-debug-4.1.12-124.92.3.el7uek.x86_64.rpm kernel-uek-debug-devel-4.1.12-124.92.3.el7uek.x86_64.rpm SRPMS: http://oss.oracle.com/ol7/SRPMS-updates//kernel-uek-4.1.1... Related CVEs: CVE-2024-26894 CVE-2024-26898 CVE-2024-26973 CVE-2024-27059 CVE-2024-27436 CVE-2024-38560 CVE-2024-38599 CVE-2024-39475 CVE-2024-39487 CVE-2024-39499 CVE-2024-40904 CVE-2024-40912 CVE-2024-40943 CVE-2024-42101 CVE-2024-42148 CVE-2024-45008 CVE-2024-45021 Description of changes: [4.1.12-124.92.3.el7uek] - memcg_write_event_control(): fix a user-triggerable oops (Al Viro) [Orabug: 37070674] {CVE-2024-45021} - ocfs2: fix races between hole punching and AIO+DIO (Su Yue) [Orabug: 36835819] {CVE-2024-40943} [4.1.12-124.92.2.el7uek] - fbdev: savage: Handle err return when savagefb_check_var failed (Cai Xinchen) [Orabug: 36984058] {CVE-2024-39475} - bnx2x: Fix multiple UBSAN array-index-out-of-bounds (Ghadi Elie Rahme) [Orabug: 36897888] {CVE-2024-42148} - vmci: prevent speculation leaks by sanitizing event in event_deliver() (Hagar Gamal Halim Hemdan) [Orabug: 36835584] {CVE-2024-39499} - aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts (Chun-Yi Lee) [Orabug: 36544953] {CVE-2024-26898} [4.1.12-124.92.1.el7uek] - Input: MT - limit max slots (Tetsuo Handa) [Orabug: 37029139] {CVE-2024-45008} - drm/nouveau: fix null pointer dereference in nouveau_connector_get_modes (Ma Ke) [Orabug: 36897642] {CVE-2024-42101} - wifi: mac80211: Fix deadlock in ieee80211_sta_ps_deliver_wakeup() (Remi Pommarel) [Orabug: 36835737] {CVE-2024-40912} - USB: class: cdc-wdm: Fix CPU lockup caused by excessive log messages (Alan Stern) [Orabug: 36835711] {CVE-2024-40904} - bonding: Fix out-of-bounds read in bond_option_arp_ip_targets_set() (Sam Sun) [Orabug: 36825250] {CVE-2024-39487} - jffs2: prevent xattr node from overflowing the eraseblock (Ilya Denisyev) [Orabug: 36753653] {CVE-2024-38599} - scsi: bfa: Ensure the copied buf is NUL terminated (Bui Quang Minh) [Orabug: 36753475] {CVE-2024-38560} - ALSA: usb-audio: Stop parsing channels bits when all channels are found. (Johan Carlsson) [Orabug: 36642150] {CVE-2024-27436} - USB: usb-storage: Prevent divide-by-0 error in isd200_ata_command (Alan Stern) [Orabug: 36598221] {CVE-2024-27059} - fat: fix uninitialized field in nostale filehandles (Jan Kara) [Orabug: 36597870] {CVE-2024-26973} - ACPI: processor_idle: Fix memory leak in acpi_processor_power_exit() (Armin Wolf) [Orabug: 36544941] {CVE-2024-26894} _______________________________________________ El-errata mailing list El-errata@oss.oracle.com https://oss.oracle.com/mailman/listinfo/el-errata