[Oraclevm-errata] OVMSA-2024-0002 Important: Oracle VM 3 Extended Lifecycle Support (ELS) Unbreakable Enterprise kernel security update
Errata Announcements for Oracle VM
oraclevm-errata at oss.oracle.com
Mon Mar 4 16:27:43 UTC 2024
Oracle VM Security Advisory OVMSA-2024-0002
The following updated rpms for Oracle VM 3 Extended Lifecycle Support (ELS) have been uploaded to the Unbreakable Linux Network:
x86_64:
kernel-uek-4.1.12-124.82.2.el6uek.x86_64.rpm
kernel-uek-firmware-4.1.12-124.82.2.el6uek.noarch.rpm
Related CVEs:
CVE-2020-26555
CVE-2021-33098
CVE-2023-1077
CVE-2023-42752
CVE-2023-4921
Description of changes:
[4.1.12-124.82.2.el6uek]
- Bluetooth: Reject connection with the device which has same BD_ADDR (Lee, Chun-Yi) [Orabug: 35959598] {CVE-2020-26555}
- sched/rt: pick_next_rt_entity(): check list_entry (Pietro Borrello) [Orabug: 35181560] {CVE-2023-1077}
- sched/debug: Fix SCHED_WARN_ON() to return a value on !CONFIG_SCHED_DEBUG as well (Ingo Molnar) [Orabug: 35181560]
- sched/debug: Add SCHED_WARN_ON() (Peter Zijlstra) [Orabug: 35181560]
[4.1.12-124.82.1.el6uek]
- igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU (Eric Dumazet) [Orabug: 35924002] {CVE-2023-42752}
- net: sched: sch_qfq: Fix UAF in qfq_dequeue() (valis) [Orabug: 35814457] {CVE-2023-4921}
- ixgbe: fix large MTU request from VF (Samasth Norway Ananda) [Orabug: 33752821] {CVE-2021-33098}
More information about the Oraclevm-errata
mailing list