[Ksplice][Ubuntu-17.10-Updates] New Ksplice updates for Ubuntu 17.10 Artful (USN-3630-1)
Oracle Ksplice
ksplice-support_ww at oracle.com
Mon Apr 23 23:45:48 PDT 2018
Synopsis: USN-3630-1 can now be patched using Ksplice
CVEs: CVE-2017-5715 CVE-2018-8043
Systems running Ubuntu 17.10 Artful can now use Ksplice to patch
against the latest Ubuntu Security Notice, USN-3630-1.
INSTALLING THE UPDATES
We recommend that all users of Ksplice Uptrack running Ubuntu 17.10
Artful install these updates.
On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.
Alternatively, you can install these updates by running:
# /usr/sbin/uptrack-upgrade -y
DESCRIPTION
* CVE-2018-8043: NULL pointer dereference when registering Broadcom UniMAC MDIO bus controller.
A missing check when registering Broadcom UniMAC MDIO bus controller
could lead to a NULL pointer dereference. A local attacker could use
this flaw to cause a denial-of-service.
* Improved fix for CVE-2017-5715: Denial-of-service when ptracing a process while AppArmor is running.
A logic error when ptracing a process from another process while
AppArmor is enabled could lead to a deadlock. A local
attacker could use this flaw to cause a denial-of-service.
* Improved fix for Spectre v2: Speculative execution when making indirect calls during emulation.
A missing use of indirect calls protection macro during emulation could
lead to speculative execution. A local attacker could use this flaw to
leak information about running system.
* Wrong TLB state after a CPU hotplug or a platform resume.
A missing initialization of TLB state after a CPU hotplug or a platform
resume could lead to TLB state corruption.
SUPPORT
Ksplice support is available at ksplice-support_ww at oracle.com.
More information about the Ksplice-Ubuntu-17.10-updates
mailing list