OUTSOURCED CYBERSECURITY SUPPORT AND MANAGED SERVICES

Vulnerability & Exploit Database

Vulnerabilities and exploits collected over reliable resources for security professionals and researchers to review

Oracle Linux: (CVE-2020-25668) (Multiple Advisories): Unbreakable Enterprise kernel security update

Severity:
4
CVSS:
(AV:L/AC:M/Au:N/C:P/I:P/A:P)
Published:
11/14/2020
Created:
12/16/2020
Added:
12/15/2020
Modified:
01/08/2020

Description:

[4.1.12-124.46.3] - mwifiex: fix possible heap overflow in mwifiex_process_country_ie() (Ganapathi Bhat) [Orabug: 30781859] {CVE-2019-14895} {CVE-2019-14895} - ext4: fix ext4_empty_dir() for directories with holes (Jan Kara) [Orabug: 31265320] {CVE-2019-19037} {CVE-2019-19037} - netlabel: cope with NULL catmap (Paolo Abeni) [Orabug: 31350493] {CVE-2020-10711} - scsi: mptfusion: Fix double fetch bug in ioctl (Dan Carpenter) [Orabug: 31350941] {CVE-2020-12652} - scsi: mptfusion: Add bounds check in mptctl_hp_targetinfo() (Dan Carpenter) [Orabug: 31350941] {CVE-2020-12652} - USB: core: Fix free-while-in-use bug in the USB S-Glibrary (Alan Stern) [Orabug: 31350967] {CVE-2020-12464} - drivers: usb: core: Minimize irq disabling in usb_sg_cancel() (David Mosberger) [Orabug: 31350967] {CVE-2020-12464} - drivers: usb: core: Don't disable irqs in usb_sg_wait() during URB submit. (David Mosberger) [Orabug: 31350967] {CVE-2020-12464} - ext4: work around deleting a file with i_nlink == 0 safely (Theodore Ts'o) [Orabug: 31351014] {CVE-2019-19447} - xen/events: avoid removing an event channel while handling it (Juergen Gross) [Orabug: 31984319] - xen: fix GCC warning and remove duplicate EVTCHN_ROW/EVTCHN_COL usage (Josh Abraham) [Orabug: 31984319] - ext4: fix fencepost in s_first_meta_bg validation (Theodore Ts'o) [Orabug: 32197511] - dm crypt: Allow unaligned bio buffer lengths for skcipher devices (Sudhakar Panneerselvam) [Orabug: 32202000] - sched/fair: Don't free p->numa_faults with concurrent readers (Jann Horn) [Orabug: 32212524] {CVE-2019-20934} - netfilter: nf_conntrack_h323: lost .data_len definition for Q.931/ipv6 (Vasily Averin) [Orabug: 32222844] {CVE-2020-14305} - perf/core: Fix race in the perf_mmap_close() function (Jiri Olsa) [Orabug: 32233360] {CVE-2020-14351} - ext4: fix calculation of meta_bg descriptor backups (Andy Leiserson) [Orabug: 32245133] [4.1.12-124.46.2] - ocfs2: initialize ip_next_orphan (Wengang Wang) [Orabug: 31780626] - Fonts: Support FONT_EXTRA_WORDS macros for built-in fonts (Peilin Ye) [Orabug: 32176264] {CVE-2020-28915} - fbdev, newport_con: Move FONT_EXTRA_WORDS macros into linux/font.h (Peilin Ye) [Orabug: 32176264] {CVE-2020-28915} - page_frag: Recover from memory pressure (Dongli Zhang) [Orabug: 32177993] - vt: Disable KD_FONT_OP_COPY (Daniel Vetter) [Orabug: 32187749] {CVE-2020-28974} - block: Fix use-after-free in blkdev_get() (Jason Yan) [Orabug: 32194609] {CVE-2020-15436} - icmp: randomize the global rate limiter (Eric Dumazet) [Orabug: 32227971] {CVE-2020-25705} [4.1.12-124.46.1] - KVM: x86: minor code refactor and comments fixup around dirty logging (Anthony Yznaga) [Orabug: 31722767] - KVM: x86: Manually flush collapsible SPTEs only when toggling flags (Sean Christopherson) [Orabug: 31722767] - KVM: x86: avoid unnecessary rmap walks when creating/moving slots (Anthony Yznaga) [Orabug: 31722767] - KVM: x86: remove unnecessary rmap walk of read-only memslots (Anthony Yznaga) [Orabug: 31722767] - xfs: catch inode allocation state mismatch corruption (Gautham Ananthakrishna) [Orabug: 32071488] - tty: make FONTX ioctl use the tty pointer they were actually passed (Linus Torvalds) [Orabug: 32122731] {CVE-2020-25668} - IB/mlx4: Adjust delayed work when a dup is observed (Hakon Bugge) [Orabug: 32136900] - IB/mlx4: Add support for REJ due to timeout (Hakon Bugge) [Orabug: 32136900] - IB/mlx4: Fix starvation in paravirt mux/demux (Hakon Bugge) [Orabug: 32136900] - IB/mlx4: Separate tunnel and wire bufs parameters (Hakon Bugge) [Orabug: 32136900] - IB/mlx4: Add support for MRA (Hakon Bugge) [Orabug: 32136900] - IB/mlx4: Add and improve logging (Hakon Bugge) [Orabug: 32136900]'

Solution(s)


  • oracle-linux-upgrade-kernel-uek
  • oracle-linux-upgrade-kernel-uek-debug
  • oracle-linux-upgrade-kernel-uek-debug-devel
  • oracle-linux-upgrade-kernel-uek-devel
  • oracle-linux-upgrade-kernel-uek-doc
  • oracle-linux-upgrade-kernel-uek-firmware
  • oracle-linux-upgrade-kernel-uek-headers
  • oracle-linux-upgrade-kernel-uek-tools
  • oracle-linux-upgrade-kernel-uek-tools-libs
  • oracle-linux-upgrade-kernel-uek-tools-libs-devel
  • oracle-linux-upgrade-perf
  • oracle-linux-upgrade-python-perf

Reference(s)

WHAT WE DO

OTHER SERVICES

Consulting Services

We help your team successfully protect your company within your budget.

LEARN MORE

Application Security Services

Achieve more-secure applications, compliant environments, and safer systems development with streamlined and repeatable processes.

LEARN MORE

Data Security Services

Protectyour critical data across multiple environments, meet privacy regulations and simplify operational complexity.

LEARN MORE

Cloud Security Testing Services

Identify cloud vulnerabilities that tools alone cannot find.

LEARN MORE

Security Risk Services

Secure your operations and respond to threats with accuracy and speed.

LEARN MORE

Cloud Security Monitoring Services

Real-time threat detection across your cloud deployments.

LEARN MORE