[Ksplice][Debian 9.0 Updates] New Ksplice updates for Debian 9.0 Stretch (DLA-2494-1)
Oracle Ksplice
ksplice-support_ww at oracle.com
Wed Dec 23 07:04:40 PST 2020
Synopsis: DLA-2494-1 can now be patched using Ksplice
CVEs: CVE-2020-0427 CVE-2020-14351 CVE-2020-25645 CVE-2020-25656 CVE-2020-25668 CVE-2020-25669 CVE-2020-25704 CVE-2020-25705 CVE-2020-27673 CVE-2020-27675 CVE-2020-28974 CVE-2020-8694
Systems running Debian 9.0 Stretch can now use Ksplice to patch
against the latest Debian kernel update, DLA-2494-1.
INSTALLING THE UPDATES
We recommend that all users of Ksplice Uptrack running Debian 9.0
Stretch install these updates.
On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.
Alternatively, you can install these updates by running:
# /usr/sbin/uptrack-upgrade -y
DESCRIPTION
* CVE-2020-27675: Race condition when reconfiguring para-virtualized Xen devices.
An event-channel removal when reconfiguring paravirtualized devices may cause a
race condition leading to a null pointer dereference. A local attacker could use
this flaw to cause a denial-of-service on a dom0.
* CVE-2020-14351: Privilege escalation in perf subsystem due to use-after-free.
A flaw in the perf subsystem could lead to a use-after-free memory
error. This flaw could allow a local attacker with permission to monitor
perf events to corrupt memory and possibly escalate privileges.
* CVE-2020-25668: Race condition when sending ioctls to a virtual terminal.
A race condition that can occur when sending ioctls to a tty device may
cause a use-after-free. A local attacker may use this to cause memory
corruption or a denial-of-service.
* CVE-2020-25656: Use-after-free in console subsystem.
Specific ioctls sent to the console subsystem could lead to a use-after-free.
A local attacker could use this flaw to read confidential data.
* CVE-2020-25705: ICMP rate-limiter can indirectly leak UDP port information.
The predictability of the rate at which ICMP messages are rate-limited
can be used by attackers to effectively scan for open UDP ports on a
remote system.
* CVE-2020-28974: Invalid memory access when manipulating framebuffer fonts.
A logic error when manipulating framebuffer console fonts may cause an
out-of-bounds memory read. A local attacker could use this flaw to read
privileged information or potentially cause a denial-of-service.
* CVE-2020-8694: Platypus Attack Mitigation.
A side-channel attack utilizing the Intel RAPL subsystem driver may
cause an information leak. This may allow an unprivileged user to
view confidential data.
* CVE-2020-25645: Possible information leak between encrypted geneve endpoints.
A logic error may end up inadvertently transmitting data between two
geneve endpoints unencrypted. This may allow unintended parties to view
confidential network data.
* Note: Oracle will not provide a rebootless update for CVE-2020-27673.
Oracle has determined that patching this vulnerability live on a running system
would not be safe and recommends rebooting the vulnerable hosts. Only Xen
dom0 hosts running untrusted VMs are affected by this vulnerability.
* Note: Oracle will not provide an update for CVE-2020-0427.
This security issue doesn't impact x86.
* CVE-2020-25704: Denial-of-service in the performance monitoring subsystem.
A possible memory leak when setting a performance monitoring filter could lead to
kernel memory exhaustion. A local attacker could use this flaw to cause a
denial-of-service.
* CVE-2020-25669: Use-after-free in Sun Type 4 and Type 5 keyboard driver.
A logic error in the Sun Type 4 and Type 5 keyboard driver could lead to a
use-after-free. A local attacker could use this flaw to cause a
denial-of-service.
* Add ftrace safety guard for existing Ksplice updates.
Ftrace is generally incompatible with Ksplice's patching process; it must
be disabled when patches are applied. Prevent crashes in patching due to
functions under active ftrace while patching.
* Clean up ftrace safety guard for existing Ksplice updates.
Ftrace is generally incompatible with Ksplice's patching process; it must
be disabled when patches are applied. Prevent crashes in patching due to
functions under active ftrace while patching.
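A host triage for the steps under INSTALLING THE UPDATES and the CVE-2020-27673 note, added here as an example and not part of Oracle's announcement or tooling. Assumptions: the function names are hypothetical, a repeated autoinstall key is resolved as "last value wins", and a Xen dom0 is recognised by "control_d" in /proc/xen/capabilities.

```shell
#!/bin/sh
# Added example: decide what this advisory requires on one host.
# File paths are arguments so the logic can be exercised offline.

# Return 0 if the config has an active "autoinstall = yes" line.
# Commented-out lines are ignored; spacing and letter case are tolerated.
autoinstall_enabled() {
    [ -r "$1" ] || return 1
    awk '
        /^[ \t]*[#;]/ { next }                     # skip comment lines
        {
            line = tolower($0)
            if (line ~ /^[ \t]*autoinstall[ \t]*=/) {
                sub(/^[^=]*=[ \t]*/, "", line)     # keep only the value
                sub(/[ \t\r]+$/, "", line)         # trim trailing blanks
                value = line                       # assumption: last one wins
            }
        }
        END { if (value == "yes") exit 0; exit 1 }
    ' "$1"
}

# Return 0 if the capabilities file marks this host as a Xen dom0
# (assumption: the control domain lists "control_d" there).
is_xen_dom0() {
    [ -r "$1" ] && grep -q 'control_d' "$1"
}

# Print the action called for: nothing, a manual upgrade, and for a Xen
# dom0 the reboot that CVE-2020-27673 needs (no rebootless update exists).
triage() {
    conf=${1:-/etc/uptrack/uptrack.conf}
    xencap=${2:-/proc/xen/capabilities}
    if autoinstall_enabled "$conf"; then
        action="none: autoinstall applies the updates"
    else
        action="run: /usr/sbin/uptrack-upgrade -y"
    fi
    if is_xen_dom0 "$xencap"; then
        action="$action; reboot needed for CVE-2020-27673 if untrusted VMs run here"
    fi
    printf '%s\n' "$action"
}
```

Source the file and call triage with no arguments to evaluate the local host using the default paths.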
SUPPORT
Ksplice support is available at ksplice-support_ww at oracle.com.