From quentin.casasnovas at oracle.com Thu Aug 24 19:00:34 2023 From: quentin.casasnovas at oracle.com (Oracle Ksplice) Date: Thu, 24 Aug 2023 19:00:34 +0000 Subject: [Ksplice][EL6-Updates] New Ksplice updates for OL 6, RHEL 6, CentOS 6, and Scientific Linux 6 (ELSA-2023-1822) Message-ID: <5cc4c7e155e0179229c0fb64fecbf1eb.apache@ksplice.com> Synopsis: ELSA-2023-1822 can now be patched using Ksplice CVEs: CVE-2020-0466 CVE-2021-1048 CVE-2022-4378 Systems running RHCK on Oracle Linux 6, Red Hat Enterprise Linux 6, CentOS 6, and Scientific Linux 6 can now use Ksplice to patch against the latest Red Hat kernel update, ELSA-2023-1822. More information about this errata can be found at https://linux.oracle.com/errata/ELSA-2023-1822.html INSTALLING THE UPDATES We recommend that all users of Ksplice Uptrack running OL 6, RHEL 6, CentOS 6, and Scientific Linux 6 install these updates. On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf, these updates will be installed automatically and you do not need to take any action. Alternatively, you can install these updates by running: # /usr/sbin/uptrack-upgrade -y DESCRIPTION * CVE-2022-4378: Privilege escalation in the proc filesystem. Incorrect bounds checking and an integer overflow in the proc filesystem could lead to out-of-bounds memory writes. An unprivileged user could use this flaw to cause a denial-of-service or elevate privileges. * Denial-of-service in InfiniBand driver due to an incorrect locking. An incorrect locking algorithm in InfiniBand driver leads to a deadlock under certain conditions. A local user can use this flaw to cause denial-of-service. * Improved update to CVE-2020-0466, CVE-2021-1048: Use-after-free in epoll subsystem. Improper reference counting in the epoll subsystem could lead to a use-after-free when file descriptors are concurrently removed from an epoll instance. An unprivileged user could use this flaw to cause a denial-of-service or escalate privileges. SUPPORT Ksplice support is available at ksplice-support_ww at oracle.com.