[Ksplice][Ubuntu-18.04-Updates] New Ksplice updates for Ubuntu 18.04 Bionic (USN-5136-1)

Oracle Ksplice quentin.casasnovas at oracle.com
Wed Dec 1 14:49:25 UTC 2021


Synopsis: USN-5136-1 can now be patched using Ksplice
CVEs: CVE-2019-19449 CVE-2020-36322 CVE-2020-36385 CVE-2021-28950 CVE-2021-3655 CVE-2021-37159 CVE-2021-3743 CVE-2021-3744 CVE-2021-3753 CVE-2021-3759 CVE-2021-3764 CVE-2021-38199 CVE-2021-42252

Systems running Ubuntu 18.04 Bionic can now use Ksplice to patch
against the latest Ubuntu Security Notice, USN-5136-1.

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack running Ubuntu 18.04
Bionic install these updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y


DESCRIPTION

* Note: Oracle has determined that CVE-2021-3743 is not applicable.

Oracle has determined that CVE-2021-3743 is not applicable to x86.
Applying the patch has no resulting changes in the generated object
files.


* CVE-2021-38199: Denial-of-service in NFS due to incorrect connection-setup ordering.

An incorrect connection-setup ordering flaw in the Network File System
could allow an NFS server operator to cause a denial of service by
arranging for the server to be unreachable during trunking detection.


* CVE-2021-3759: Denial-of-service in System V Inter Process Communication.

A memory overflow could happen in System V Inter Process Communication
due to improper accounting of the memory usage of certain IPC objects,
resulting in memory exhaustion. A local user could use this flaw to
cause a denial-of-service.


* CVE-2021-3753: Information disclosure in virtual terminal device.

A race condition in the ioctl handling of the virtual terminal device
implementation could lead to out-of-bounds reads. A local user could
use this flaw for information disclosure.


* CVE-2019-19449: Information disclosure in F2FS file system.

An out-of-bounds memory access could happen in the F2FS file system when
mounting a specially crafted f2fs filesystem image. A local user could
use this flaw for a denial-of-service or information disclosure.


* CVE-2020-36385: Use-after-free in RDMA communication manager due to a race condition.

A race condition could happen in the RDMA communication manager, leading
to a use-after-free when closing a UCMA file. A local user could use
this flaw for a denial-of-service or code execution.


* Note: Oracle will not provide a zero-downtime update for CVE-2020-36322 and CVE-2021-28950.

CVE-2020-36322 and CVE-2021-28950 are both scored CVSSv3 5.5 and are
present in the fuse driver, which allows userspace drivers for
filesystems. Both CVEs allow an unprivileged user with access to
a mounted fuse filesystem to potentially cause a denial-of-service
through either a crash of the filesystem driver or an infinite loop in
the kernel.

Hosts without the fuse driver loaded or without any fuse filesystems
mounted are not affected by this issue.

Oracle has determined that patching CVE-2020-36322 and CVE-2021-28950 on
a running system would not be safe and recommends a reboot if fuse is
used on the host and unprivileged users are allowed to access a mounted
fuse filesystem.
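
A triage check for the note above, added here as an example and not part of Oracle's advisory: it reports whether FUSE is registered with the kernel and which FUSE mounts unprivileged users can reach. The function names, the sample mounts and the exposure heuristic (a non-root user_id or allow_other in the mount options) are assumptions of this example.

```shell
#!/bin/sh
# Added example: FUSE triage for CVE-2020-36322 / CVE-2021-28950.
# Each function reads the named file; "-" reads standard input.

# Succeeds if a FUSE filesystem type is registered (module loaded or built in).
fuse_driver_present() {
    awk '$NF == "fuse" || $NF == "fuseblk" { f = 1 } END { exit !f }' "${1:-/proc/filesystems}"
}

# Prints "<mountpoint> <fstype> <exposure>" for each mounted FUSE filesystem.
# fusectl is the control filesystem, not a userspace-backed mount, so it is skipped.
# Exposure heuristic (assumption of this example): a mount owned by a non-root
# user_id, or one mounted with allow_other, is reachable by unprivileged users.
fuse_mounts() {
    awk '$3 == "fuse" || $3 == "fuseblk" || $3 ~ /^fuse\./ {
        exposure = "root-only"
        n = split($4, opt, ",")
        for (i = 1; i <= n; i++) {
            if (opt[i] == "allow_other") exposure = "unprivileged"
            if (opt[i] ~ /^user_id=/ && opt[i] != "user_id=0") exposure = "unprivileged"
        }
        print $2, $3, exposure
    }' "${1:-/proc/mounts}"
}

# Succeeds when the reboot recommendation applies: FUSE is present and at
# least one FUSE mount is reachable by unprivileged users.
fuse_reboot_recommended() {
    fuse_driver_present "${1:-/proc/filesystems}" || return 1
    fuse_mounts "${2:-/proc/mounts}" | grep -q ' unprivileged$'
}

# Constructed sample in /proc/mounts format (not taken from a real host).
sample_mounts() {
    cat <<'EOF'
/dev/sda1 / ext4 rw,relatime 0 0
fusectl /sys/fs/fuse/connections fusectl rw,relatime 0 0
alice@host:/srv /home/alice/srv fuse.sshfs rw,nosuid,nodev,relatime,user_id=1000,group_id=1000 0 0
/dev/sdb1 /mnt/ntfs fuseblk rw,relatime,user_id=0,group_id=0,allow_other,blksize=4096 0 0
/dev/fuse /run/rootonly fuse rw,relatime,user_id=0,group_id=0 0 0
EOF
}
```

On a live host, call fuse_mounts and fuse_reboot_recommended with no arguments to read /proc/filesystems and /proc/mounts.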


* CVE-2021-3655: Information disclosure in SCTP Network subsystem.

Missing input validations in the SCTP networking subsystem may lead to
reading of uninitialized data. This may allow an attacker on the local
area network to cause an information disclosure.


* Note: Oracle has determined that CVE-2021-42252 is not applicable.

Oracle has determined that CVE-2021-42252 is not applicable to
the running kernel. Applying the patch has no resulting changes
in the generated object files.


* CVE-2021-37159: Code execution in Option USB High Speed Mobile device driver.

Improper error handling during device initialization in the Option USB
High Speed Mobile device driver could lead to a use-after-free and a
double free. A local user could use this flaw to cause a
denial-of-service or possibly execute arbitrary code.


* CVE-2021-3744, CVE-2021-3764: Denial-of-service in AMD Cryptographic Coprocessor driver.

Error handling flaws in the AMD Cryptographic Coprocessor driver could
cause memory leaks due to a failure to free memory allocated to process
some software operations. A local user could use these flaws to cause a
denial of service.

SUPPORT

Ksplice support is available at ksplice-support_ww at oracle.com.




