ELSA-2023-12842 -- Oracle kernel-uekID: oval:org.secpod.oval:def:1507042 | Date: (C)2023-10-10 (M)2024-04-29 |
Class: PATCH | Family: unix |
[4.1.12-124.79.2] - net/sched: cls_route: No longer copy tcf_result on update to avoid use-after-free [Orabug: 35814273] {CVE-2023-4206} - net/sched: sch_qfq: account for stab overhead in qfq_enqueue [Orabug: 35636291] {CVE-2023-3611} - rds: Fix lack of reentrancy for connection reset with dst addr zero [Orabug: 35741584] [Orabug: 35818110] {CVE-2023-22024} [4.1.12-124.79.1] - xfrm: add NULL check in xfrm_update_ae_params [Orabug: 35754509] {CVE-2023-3772} - net: vmxnet3: fix possible NULL pointer dereference in vmxnet3_rq_cleanup [Orabug: 35732892] {CVE-2023-4459} - net: vmxnet3: fix possible use-after-free bugs in vmxnet3_rq_alloc_rx_buf [Orabug: 35732764] {CVE-2023-4387} - net/sched: cls_fw: Fix improper refcount update leads to use-after-free [Orabug: 35636313] {CVE-2023-3776} - netfilter: nf_tables: prevent OOB access in nft_byteorder_eval [Orabug: 35609787] {CVE-2023-35001} - ext4: fix use-after-free in ext4_xattr_set_entry [Orabug: 35382025] {CVE-2023-2513} - ext4: add EXT4_INODE_HAS_XATTR_SPACE macro in xattr.h [Orabug: 35382025] {CVE-2023-2513} - netfilter: nf_tables: stricter validation of element data [Orabug: 34362008] {CVE-2022-34918}