[Ksplice][Ubuntu-17.10-Updates] New Ksplice updates for Ubuntu 17.10 Artful (4.13.0-46.51)

Mon Jul 2 11:07:12 PDT 2018

Synopsis: 4.13.0-46.51 can now be patched using Ksplice
CVEs: CVE-2018-1130 CVE-2018-11508 CVE-2018-5750 CVE-2018-5803 CVE-2018-6927 CVE-2018-7755 CVE-2018-7757

Systems running Ubuntu 17.10 Artful can now use Ksplice to patch
against the latest Ubuntu kernel update, 4.13.0-46.51.

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack running Ubuntu 17.10
Artful install these updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y

DESCRIPTION

* CVE-2018-5750: Information leak when registering ACPI Smart Battery System driver.

A too verbose printk when registering ACPI Smart Battery System driver
leaks kernel addresses. A local attacker could use this flaw to
leak information about running kernel and facilitate an attack.

* CVE-2018-5803: Denial-of-service when receiving forged packet over SCTP socket.

A missing check when receiving a forged packet with custom properties
over SCTP socket could lead to a kernel assert. A remote attacker could
use this flaw to cause a denial-of-service.

* CVE-2018-6927: Integer overflow when re queuing a futex.

A missing check when calling futex system call with "requeue" option could
lead to an integer overflow. A local attacker could use this flaw to
cause a denial-of-service.

* CVE-2018-7757: Memory leak when reading invalid_dword_count attribute of SAS Domain Transport driver.

A missing free when reading invalid_dword_count attribute of SAS Domain
Transport driver could lead to a memory leak. A local attacker could use
this flaw to exhaust kernel memory and cause a denial-of-service.

* CVE-2018-1130: Denial-of-service in DCCP message send.

A logic error in the dccp code could lead to a NULL pointer dereference
when transmitting messages, leading to a kernel panic.  An attacker could
use this to cause a denial-of-service.

* CVE-2018-11508: Information disclosure in 32-bit timex syscall.

A failure to correctly initialize memory can result in a leak of
sensitive Kernel memory to userspace. A local user could use this flaw
to facilitate a further attack.

* CVE-2018-7755: Information leak through floppy disk driver ioctl.

A logic error when using floppy disk driver ioctl could lead to a kernel
address leak.  A local attacker could use this flaw to get address of
running kernel and facilitate an attack.

* Denial-of-service while reading files using filesystem caching.

A race condition when reading files using filesystem caching could lead
to a kernel assert. A local attacker could use this flaw to cause a
denial-of-service.

* Denial-of-service when registering a new binary type.

A logic error when registering a new binary type with a too big offset
could lead to an overflow. A local attacker could use this flaw to cause
a denial-of-service.

SUPPORT

Ksplice support is available at ksplice-support_ww at oracle.com.