发布于3月6日3月6日 Members Oracle Linux: CVE-2023-1380: ELSA-2023-12688: Unbreakable Enterprise kernel security update (IMPORTANT) (Multiple Advisories) Severity 6 CVSS (AV:L/AC:L/Au:S/C:C/I:N/A:C) Published 03/27/2023 Created 08/02/2023 Added 08/01/2023 Modified 01/23/2025 Description A slab-out-of-bound read problem was found in brcmf_get_assoc_ies in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux Kernel. This issue could occur when assoc_info->req_len data is bigger than the size of the buffer, defined as WL_EXTRA_BUF_MAX, leading to a denial of service. Solution(s) oracle-linux-upgrade-kernel-uek References https://attackerkb.com/topics/cve-2023-1380 CVE - 2023-1380 ELSA-2023-12688
