[Ksplice-Fedora-28-updates] New Ksplice updates for Fedora 28 (FEDORA-2018-d92fde52d7)
Oracle Ksplice
ksplice-support_ww at oracle.com
Thu Jul 12 07:51:51 PDT 2018
Synopsis: FEDORA-2018-d92fde52d7 can now be patched using Ksplice
CVEs: CVE-2018-10840 CVE-2018-1118 CVE-2018-11412 CVE-2018-12633
Systems running Fedora 28 can now use Ksplice to patch against the
latest Fedora kernel update, FEDORA-2018-d92fde52d7.
INSTALLING THE UPDATES
We recommend that all users of Ksplice Uptrack running Fedora 28
install these updates.
On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.
Alternatively, you can install these updates by running:
# /usr/sbin/uptrack-upgrade -y
DESCRIPTION
* CVE-2018-10840: Denial-of-service when operating on ext4 filesystem.
Failure to sanitize input when creating extended attribute in an ext4
filesystem leads to kernel crash when removing the attribute. An
attacker can mount a maliciously crafted filesystem image and operate on
it to cause a denial-of-service.
* CVE-2018-1118: Information leak when creating a new message in vhost driver.
A missing initialization of a variable passed to user space when
creating a new message in vhost driver could lead to an information
leak. A local attacker could use this flaw to get information about
running kernel and facilitate an attack.
* Denial-of-service when registering a new binary type.
A logic error when registering a new binary type with a too big offset
could lead to an overflow. A local attacker could use this flaw to cause
a denial-of-service.
* Out-of-bounds access in Network Control Model communications driver.
A logic error when reserving space for a packet can result in an out of
bounds memory access, leading to memory corruption or a Kernel crash.
* Out-of-bounds memory access in simple network scheduler action driver.
A logic error when copying a string in the simple action network
scheduler driver can result in an out-of-bounds memory write, leading to
undefined behavior or a Kernel crash.
* Use-after-free in Transport Layer Security packet encryption.
A failure to handle a memory allocation failure during encryption of a
TLS packet can result in a use-after-free. A local user could use this
flaw to escalate privileges.
* CVE-2018-11412: Out-of-bounds memory access from ext4 inode inline data.
A logic error in ext4 can result in incorrectly interpreting inline
inode data as an extended attribute. A local user with the ability to
mount an ext4 filesystem could use this flaw to access Kernel memory.
* Denial-of-service in BTRFS invalid ioctl flag handling.
A failure to correctly manipulate a reference count in an error case can
result in the inability to unmount a BTRFS filesystem. A local user with
access to a BTRFS filesystem could use this flaw to cause a
denial-of-service.
* NULL pointer dereference in ALSA PCM stream attach.
A failure to correctly handle a memory allocation failure can result in
partial initialization of a PCM stream, leading to a subsequent NULL
pointer dereference.
* Use-after-free in Network Block Device unmount.
A logic error when unmounting a Network Block Device can result in the
access of freed memory, leading to a use-after-free. A local user with
the ability to mount or umount filesystems could use this flaw to
potentially escalate privileges.
* Soft lockup during block multiqueue free.
A logic error when freeing a queue in the block multiqueue
implementation can result in a soft lockup.
* Out-of-bounds memory access in iwlwifi firmware load.
A failure to validate a firmware image from userspace can result in an
out-of-bounds read or write of Kernel memory.
* CVE-2018-12633: Information disclosure in VirtualBox guest ioctl.
A failure to correctly validate information from userspace can result in
the out-of-bounds memory access, leading to information disclosure or
a Kernel crash. A local user could use this flaw to facilitate a further
attack.
SUPPORT
Ksplice support is available at ksplice-support_ww at oracle.com.
More information about the Ksplice-Fedora-28-Updates
mailing list