[Ksplice][EL8-Updates] New Ksplice updates for OL 8 and RHEL 8 (ELSA-2022-0825)

Oracle Ksplice quentin.casasnovas at oracle.com
Sat Mar 26 01:12:34 UTC 2022 

Synopsis: ELSA-2022-0825 can now be patched using Ksplice
CVEs: CVE-2021-0920 CVE-2021-4034 CVE-2021-4154 CVE-2022-0435 CVE-2022-0492 CVE-2022-0516 CVE-2022-0847 CVE-2022-22942

Systems running RHCK on Oracle Linux 8 and Red Hat Enterprise Linux 8
can now use Ksplice to patch against the latest Red Hat kernel update,
ELSA-2022-0825.
More information about this errata can be found at
https://linux.oracle.com/errata/ELSA-2022-0825.html

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack running OL 8 and RHEL 8
install these updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y


DESCRIPTION

* CVE-2021-4034: Privilege escalation in pkexec.

Incorrect input validation in the pkexec program (part of Polkit) allows
any local user to become root.


* Prepare Ksplice options for entry/common.c.




* Provide an interface to freeze tasks.




* CVE-2021-4154: Use-after-free in the cgroup parser.

A logic error in cgroup v1 parser assumes one of the input parameter's type in
fsconfig system call is always string but it could be a file descriptor that
leads to use-after-free. A local attacker could use this flaw to cause a
denial-of-service or escalate privileges.


* CVE-2021-0920: Privilege escalation in BSD Unix domain sockets.

Lack of synchonization in BSD Unix domain sockets module could result
in a use after free error. A local user could use this flaw to cause
denial-of-service or priviledges escalation.


* CVE-2022-22942: Use-after-free in VMware Virtual GPU driver.

Improper error handling flaw in VMware Virtual GPU driver could lead
to a stale entry to be left in the file descriptor table resulting in
use-after-free. Unprivileged, local users could use this flaw in order
to gain access to files opened by other processes on the system through
a dangling file pointer and cause information disclosure or privilege
escalation.


* CVE-2022-0492: Privilege escalation in Control Groups feature.

A missing capabilities check flaw in the Control Groups feature when
setting release_agent in the initial user namespace could result in
bypassing namespace isolation. A local user could use this flaw to
escalate privilege.


* Note: Oracle has determined that CVE-2022-0516 is not applicable.

The kernel is not affected by CVE-2022-0516 since the code under
consideration is not compiled.


* CVE-2022-0435: Denial-of-service in Transparent Inter-Process Communication protocol.

A buffer overflow flaw in The Transparent Inter-Process Communication
protocol could lead to crash in systems that have a TIPC bearer
configured. A remote attacker could use this flaw to cause a denial of
service.


* CVE-2022-0847: Privilege escalation in pipe buffers.

A flaw in the initialization of pipe buffers may allow reading of
stale data from the underlying page cache.  A local user could use
this flaw to write to read-only files or escelate privileges.

SUPPORT

Ksplice support is available at ksplice-support_ww at oracle.com.

More information about the Ksplice-EL8-updates mailing list