[Ksplice][EL8-Updates] New Ksplice updates for OL 8 and RHEL 8 (ELSA-2022-0825)
Oracle Ksplice
quentin.casasnovas at oracle.com
Sat Mar 26 01:12:34 UTC 2022
Synopsis: ELSA-2022-0825 can now be patched using Ksplice
CVEs: CVE-2021-0920 CVE-2021-4034 CVE-2021-4154 CVE-2022-0435 CVE-2022-0492 CVE-2022-0516 CVE-2022-0847 CVE-2022-22942
Systems running RHCK on Oracle Linux 8 and Red Hat Enterprise Linux 8
can now use Ksplice to patch against the latest Red Hat kernel update,
ELSA-2022-0825.
More information about this errata can be found at
https://linux.oracle.com/errata/ELSA-2022-0825.html
INSTALLING THE UPDATES
We recommend that all users of Ksplice Uptrack running OL 8 and RHEL 8
install these updates.
On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.
Alternatively, you can install these updates by running:
# /usr/sbin/uptrack-upgrade -y
DESCRIPTION
* CVE-2021-4034: Privilege escalation in pkexec.
Incorrect input validation in the pkexec program (part of Polkit) allows
any local user to become root.
* Prepare Ksplice options for entry/common.c.
* Provide an interface to freeze tasks.
* CVE-2021-4154: Use-after-free in the cgroup parser.
A logic error in cgroup v1 parser assumes one of the input parameter's type in
fsconfig system call is always string but it could be a file descriptor that
leads to use-after-free. A local attacker could use this flaw to cause a
denial-of-service or escalate privileges.
* CVE-2021-0920: Privilege escalation in BSD Unix domain sockets.
Lack of synchonization in BSD Unix domain sockets module could result
in a use after free error. A local user could use this flaw to cause
denial-of-service or priviledges escalation.
* CVE-2022-22942: Use-after-free in VMware Virtual GPU driver.
Improper error handling flaw in VMware Virtual GPU driver could lead
to a stale entry to be left in the file descriptor table resulting in
use-after-free. Unprivileged, local users could use this flaw in order
to gain access to files opened by other processes on the system through
a dangling file pointer and cause information disclosure or privilege
escalation.
* CVE-2022-0492: Privilege escalation in Control Groups feature.
A missing capabilities check flaw in the Control Groups feature when
setting release_agent in the initial user namespace could result in
bypassing namespace isolation. A local user could use this flaw to
escalate privilege.
* Note: Oracle has determined that CVE-2022-0516 is not applicable.
The kernel is not affected by CVE-2022-0516 since the code under
consideration is not compiled.
* CVE-2022-0435: Denial-of-service in Transparent Inter-Process Communication protocol.
A buffer overflow flaw in The Transparent Inter-Process Communication
protocol could lead to crash in systems that have a TIPC bearer
configured. A remote attacker could use this flaw to cause a denial of
service.
* CVE-2022-0847: Privilege escalation in pipe buffers.
A flaw in the initialization of pipe buffers may allow reading of
stale data from the underlying page cache. A local user could use
this flaw to write to read-only files or escelate privileges.
SUPPORT
Ksplice support is available at ksplice-support_ww at oracle.com.
More information about the Ksplice-EL8-updates
mailing list