[Oraclevm-errata] OVMSA-2023-0025 Important: Oracle VM 3 Extended Lifecycle Support (ELS) Unbreakable Enterprise kernel security update
Errata Announcements for Oracle VM
oraclevm-errata at oss.oracle.com
Mon Dec 11 15:56:59 UTC 2023
Oracle VM Security Advisory OVMSA-2023-0025
The following updated rpms for Oracle VM 3 Extended Lifecycle Support (ELS) have been uploaded to the Unbreakable Linux Network:
x86_64:
kernel-uek-4.1.12-124.81.2.el6uek.x86_64.rpm
kernel-uek-firmware-4.1.12-124.81.2.el6uek.noarch.rpm
Related CVEs:
CVE-2023-39193
CVE-2023-45862
CVE-2023-39192
CVE-2023-4207
Description of changes:
[4.1.12-124.81.2.el6uek]
- rebuild bumping release
[4.1.12-124.81.1.el6uek]
- netfilter: xt_sctp: validate the flag_info count (Wander Lairson Costa) [Orabug: 35923500] {CVE-2023-39193}
- USB: ene_usb6250: Allocate enough memory for full object (Kees Cook) [Orabug: 35924058] {CVE-2023-45862}
- netfilter: xt_u32: validate user space input (Wander Lairson Costa) [Orabug: 35923470] {CVE-2023-39192}
- net/sched: cls_fw: No longer copy tcf_result on update to avoid use-after-free (valis) [Orabug: 35707466] {CVE-2023-4207}
More information about the Oraclevm-errata
mailing list