[Ksplice][Ubuntu-18.04-Updates] New Ksplice updates for Ubuntu 18.04 Bionic (USN-4578-1)

Oracle Ksplice ksplice-support_ww at oracle.com
Thu Oct 29 23:21:19 PDT 2020


Synopsis: USN-4578-1 can now be patched using Ksplice
CVEs: CVE-2018-10322 CVE-2019-19448 CVE-2020-14314 CVE-2020-16119 CVE-2020-16120 CVE-2020-25212

Systems running Ubuntu 18.04 Bionic can now use Ksplice to patch
against the latest Ubuntu Security Notice, USN-4578-1.

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack running Ubuntu 18.04
Bionic install these updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y
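
To tell which hosts fall under the automatic case and which need the manual command, the following added example (not part of the original announcement and not Oracle's code) reads an uptrack.conf-style file and reports the autoinstall setting. It assumes a "key = value" line under a [Settings] section, that the last uncommented assignment wins, and that only the value "yes" enables autoinstall; the function names and the sample file are constructed for illustration.

```shell
#!/bin/sh
# Added example: report whether a Ksplice Uptrack config enables autoinstall.
# Assumptions: "key = value" syntax, '#' or ';' start a comment line, the
# last uncommented assignment wins, and only "yes" counts as enabled.

autoinstall_state() {
    # $1: path to an uptrack.conf-style file.
    # Prints "yes", "no", "unset" (no assignment) or "unreadable".
    [ -r "$1" ] || { echo "unreadable"; return 2; }
    awk -F= '
        /^[ \t]*[#;]/ { next }              # commented-out lines do not count
        {
            key = $1; val = $2
            gsub(/[ \t\r]/, "", key)        # tolerate "autoinstall=yes" and CRLF
            gsub(/[ \t\r]/, "", val)
            if (tolower(key) == "autoinstall") state = tolower(val)
        }
        END { print (state == "yes" ? "yes" : (state == "" ? "unset" : "no")) }
    ' "$1"
}

needs_manual_upgrade() {
    # Succeeds (exit 0) when the host will NOT pick up updates by itself.
    [ "$(autoinstall_state "$1")" != "yes" ]
}

# Demo on a constructed sample (not taken from a real host). On a real
# system, pass /etc/uptrack/uptrack.conf instead.
sample=$(mktemp)
printf '%s\n' '[Settings]' '# autoinstall = yes' 'autoinstall = no' > "$sample"
if needs_manual_upgrade "$sample"; then
    echo "autoinstall not enabled: run /usr/sbin/uptrack-upgrade -y as root"
else
    echo "autoinstall enabled: updates will be installed automatically"
fi
rm -f "$sample"
```

A commented-out "# autoinstall = yes" line is the case most likely to be misread by a plain grep, which is why the sample includes one.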


DESCRIPTION

* CVE-2020-25212: Out-of-bounds writes in RPC operations of Network File System.

Out-of-bounds writes in RPC operations of Network File System
could cause a system crash. This flaw could allow a local user
to crash the system and cause a denial-of-service or potentially
escalate their privileges on the system.


* CVE-2019-19448: Use-after-free in Btrfs filesystem with a crafted btrfs filesystem image.

Mounting a crafted btrfs filesystem image, performing some operations
and making a syncfs system call could lead to a use-after-free in the
Btrfs filesystem. A local user with physical access to the system and
a malicious device could use this flaw to cause a system crash or
execution of arbitrary code on the system.


* Network traffic leak from i40e Virtual Functions.

Improper handling of certain capability flags can allow a trusted i40e
virtual function with unicast promiscuous mode set to listen to traffic
transmitted by other virtual functions.  This could allow sensitive
transmitted data to be examined by the trusted VF.


* CVE-2020-14314: Denial-of-service in ext4 file system due to a broken indexing.

An out-of-bounds memory read could happen in the ext4 file system due to
broken indexing. This flaw could allow a local user to crash the
system and cause a denial-of-service.


* Memory corruption in key material handling of Marvell WiFi-Ex Driver.

An out-of-bounds write could happen in 802.11 key material handling
of Marvell WiFi-Ex Driver when a badly formatted network packet arrives
on the network interface. A remote attacker could use this flaw to
cause a denial-of-service or code execution.


* CVE-2018-10322: NULL pointer dereference when mounting crafted XFS image.

Untrusted input from an XFS image was not validated properly before being
used, leading to an invalid pointer dereference.  A local, privileged user
with the ability to mount XFS images could use this flaw to cause a
denial-of-service.


* CVE-2020-16120: Read permission bypass with overlay filesystem.

A logic error in the overlay filesystem may cause the kernel to not properly
perform all required permission checks. A local attacker could use this to
bypass intended access restrictions.


* CVE-2020-16119: Use-after-free when reusing a DCCP socket.

A logic error in pointer handling when reusing a DCCP socket could lead
to a use-after-free. A local attacker could use this flaw to cause a
denial-of-service or escalate privileges.

SUPPORT

Ksplice support is available at ksplice-support_ww at oracle.com.




