[Ksplice-Fedora-29-updates] New Ksplice updates for Fedora 29 (FEDORA-2019-3dbfaeac73)

[Oracle Ksplice]

Synopsis: FEDORA-2019-3dbfaeac73 can now be patched using Ksplice
CVEs: CVE-2019-13631 CVE-2019-14283 CVE-2019-14284

Systems running Fedora 29 can now use Ksplice to patch against the
latest Fedora kernel update, FEDORA-2019-3dbfaeac73.

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack running Fedora 29
install these updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y


DESCRIPTION

* NULL pointer dereference when using IPSec XFRM cryptography-offload acceleration with non-IPsec hardware.

A missing check when using IPSec XFRM cryptography-offload acceleration
with non-IPsec hardware could lead to a NULL pointer dereference. A
local attacker could use this flaw to cause a denial-of-service.


* Permissions bypass in device firmware loading.

A logic error when filtering firmware load requests through an LSM or
IMA policy could incorrectly allow loading of firmware.  A local
privileged user could use this flaw to load malicious firmware into a
device.


* CVE-2019-14284: Denial-of-service in floppy disk formatting.

A division by zero in the setup_format_params function for the floppy
disk driver could result in a kernel crash.  A local user with access to
the floppy disk device could use this flaw to crash the system.


* CVE-2019-14283: Denial-of-service in floppy disk geometry setting during insertion.

Missing input validation in the floppy disk geometry setting calls could
allow a malicious local user with access to the floppy device to cause
an out-of-bounds access either crashing the system or leaking the
contents of kernel memory.


* XSA-300: Denial-of-service in Xen memory ballooning.

A logic error in the Xen memory balloon device driver could result in
exhaustion of resources or crashes of the backend device drivers
resulting in IO stalls or guest failures.  A local privileged user could
use this flaw to cause a denial of service.


* CVE-2019-13631: Denial-of-service in GTCO CalComp/InterWrite tablet.

Missing range checks could allow an out-of-bounds stack memory write
when parsing USB descriptors.  A physically present user could use a
malicious device to trigger an out-of-bounds access leading to a kernel
crash.


* Denial-of-service in DesignWare 8250 serial port PCI mapping.

Incorrect resource mapping could result in failure to map an IO region
leading to a NULL pointer dereference and kernel crash after removing
and reattaching an 8250 serial port.

SUPPORT

Ksplice support is available at ksplice-support_ww at oracle.com.