SecPod SCAP Repo, a repository of SCAP Content (CVE, CCE, CPE, CWE, OVAL and XCCDF)

Download | Alert*

OVAL

ELSA-2021-9459 -- Oracle kernel-uek

ID: oval:org.secpod.oval:def:1505597	Date: (C)2022-05-02 (M)2024-04-29
Class: PATCH	Family: unix

[4.1.12-124.54.6.1] - fs/namespace.c: fix mountpoint reference counter race [Orabug: 33369433] {CVE-2020-12114} {CVE-2020-12114} - btrfs: only search for left_info if there is no right_info in try_merge_free_space [Orabug: 33369414] {CVE-2019-19448} {CVE-2019-19448} - cfg80211: wext: avoid copying malformed SSIDs [Orabug: 33369390] {CVE-2019-17133} - vhost_net: fix possible infinite loop [Orabug: 33369374] {CVE-2019-3900} {CVE-2019-3900} - vhost: introduce vhost_exceeds_weight [Orabug: 33369374] {CVE-2019-3900} - vhost_net: introduce vhost_exceeds_weight [Orabug: 33369374] {CVE-2019-3900} - vhost_net: use packet weight for rx handler, too [Orabug: 33369374] {CVE-2019-3900} - vhost-net: set packet weight of tx polling to 2 * vq size [Orabug: 33369374] {CVE-2019-3900} - mac80211: extend protection against mixed key and fragment cache attacks [Orabug: 33369361] {CVE-2020-24586} {CVE-2020-26139} {CVE-2020-24587} {CVE-2020-24588} {CVE-2020-26139} {CVE-2020-26140} {CVE-2020-26141} {CVE-2020-26142} {CVE-2020-26143} {CVE-2020-26144} {CVE-2020-26145} {CVE-2020-26146} {CVE-2020-26147} {CVE-2020-24586} {CVE-2020-24587} - mac80211: do not accept/forward invalid EAPOL frames [Orabug: 33369361] {CVE-2020-24586} {CVE-2020-26139} {CVE-2020-24587} {CVE-2020-24588} {CVE-2020-26139} {CVE-2020-26140} {CVE-2020-26141} {CVE-2020-26142} {CVE-2020-26143} {CVE-2020-26144} {CVE-2020-26145} {CVE-2020-26146} {CVE-2020-26147} - mac80211: prevent attacks on TKIP/WEP as well [Orabug: 33369361] {CVE-2020-24586} {CVE-2020-26139} {CVE-2020-24587} {CVE-2020-24588} {CVE-2020-26139} {CVE-2020-26140} {CVE-2020-26141} {CVE-2020-26142} {CVE-2020-26143} {CVE-2020-26144} {CVE-2020-26145} {CVE-2020-26146} {CVE-2020-26147} - mac80211: check defrag PN against current frame [Orabug: 33369361] {CVE-2020-24586} {CVE-2020-26139} {CVE-2020-24587} {CVE-2020-24588} {CVE-2020-26139} {CVE-2020-26140} {CVE-2020-26141} {CVE-2020-26142} {CVE-2020-26143} {CVE-2020-26144} {CVE-2020-26145} {CVE-2020-26146} {CVE-2020-26147} - mac80211: add fragment cache to sta_info [Orabug: 33369361] {CVE-2020-24586} {CVE-2020-26139} {CVE-2020-24587} {CVE-2020-24588} {CVE-2020-26139} {CVE-2020-26140} {CVE-2020-26141} {CVE-2020-26142} {CVE-2020-26143} {CVE-2020-26144} {CVE-2020-26145} {CVE-2020-26146} {CVE-2020-26147} - mac80211: drop A-MSDUs on old ciphers [Orabug: 33369361] {CVE-2020-24586} {CVE-2020-26139} {CVE-2020-24587} {CVE-2020-24588} {CVE-2020-26139} {CVE-2020-26140} {CVE-2020-26141} {CVE-2020-26142} {CVE-2020-26143} {CVE-2020-26144} {CVE-2020-26145} {CVE-2020-26146} {CVE-2020-26147} {CVE-2020-24588} - cfg80211: mitigate A-MSDU aggregation attacks [Orabug: 33369361] {CVE-2020-24586} {CVE-2020-26139} {CVE-2020-24587} {CVE-2020-24588} {CVE-2020-26139} {CVE-2020-26140} {CVE-2020-26141} {CVE-2020-26142} {CVE-2020-26143} {CVE-2020-26144} {CVE-2020-26145} {CVE-2020-26146} {CVE-2020-26147} {CVE-2020-24588} - mac80211: properly handle A-MSDUs that start with an RFC 1042 header [Orabug: 33369361] {CVE-2020-24586} {CVE-2020-26139} {CVE-2020-24587} {CVE-2020-24588} {CVE-2020-26139} {CVE-2020-26140} {CVE-2020-26141} {CVE-2020-26142} {CVE-2020-26143} {CVE-2020-26144} {CVE-2020-26145} {CVE-2020-26146} {CVE-2020-26147} - mac80211: prevent mixed key and fragment cache attacks [Orabug: 33369361] {CVE-2020-24586} {CVE-2020-26139} {CVE-2020-24587} {CVE-2020-24588} {CVE-2020-26139} {CVE-2020-26140} {CVE-2020-26141} {CVE-2020-26142} {CVE-2020-26143} {CVE-2020-26144} {CVE-2020-26145} {CVE-2020-26146} {CVE-2020-26147} {CVE-2020-24587} {CVE-2020-24586} - mac80211: assure all fragments are encrypted [Orabug: 33369361] {CVE-2020-24586} {CVE-2020-26139} {CVE-2020-24587} {CVE-2020-24588} {CVE-2020-26139} {CVE-2020-26140} {CVE-2020-26141} {CVE-2020-26142} {CVE-2020-26143} {CVE-2020-26144} {CVE-2020-26145} {CVE-2020-26146} {CVE-2020-26147} {CVE-2020-26147} - sctp: validate from_addr_param return [Orabug: 33369303] {CVE-2021-3655} - virtio_console: Assure used length from device is limited [Orabug: 33369276] {CVE-2021-38160} - net_sched: cls_route: remove the right filter from hashtable [Orabug: 33369231] {CVE-2021-3715} - HID: make arrays usage and value to be the same [Orabug: 33369121] {CVE-2021-0512} - ext4: fix race writing to an inline_data file while its xattrs are changing [Orabug: 33369043] {CVE-2021-40490}

Platform:

Oracle Linux 6

Product:

kernel-uek

Reference: