[Ksplice][Ubuntu-18.04-Updates] New Ksplice updates for Ubuntu 18.04 Bionic (USN-5209-1)

Oracle Ksplice quentin.casasnovas at oracle.com
Wed Jan 12 13:43:01 UTC 2022


Synopsis: USN-5209-1 can now be patched using Ksplice
CVEs: CVE-2018-25020 CVE-2020-26541 CVE-2021-20317 CVE-2021-20321 CVE-2021-3760 CVE-2021-38300 CVE-2021-3896 CVE-2021-4002 CVE-2021-4037 CVE-2021-41864 CVE-2021-43389

Systems running Ubuntu 18.04 Bionic can now use Ksplice to patch
against the latest Ubuntu Security Notice, USN-5209-1.

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack running Ubuntu 18.04
Bionic install these updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y


DESCRIPTION

* CVE-2021-43389, CVE-2021-3896: Out-of-bounds access in ISDN CAPI due to a race condition.

A race condition in the Kernel CAPI Interface of the ISDN CAPI
implementation could result in an out-of-bounds access. A privileged
local user could use this flaw to cause a denial-of-service or execute
arbitrary code.


* CVE-2021-3760: Use-after-free in NFC subsystem when closing NCI RSP connection.

A use-after-free flaw could happen in the NFC Controller Interface (NCI)
implementation of the NFC subsystem when closing an NCI RSP connection.
A local attacker could use this to cause a denial-of-service or execute
arbitrary code.


* CVE-2021-41864: Out-of-bounds write access in eBPF during a map operation.

An integer overflow could happen in eBPF during a map operation
resulting in out-of-bounds write access. An unprivileged user
could use this flaw for a denial-of-service or to execute code.


* CVE-2021-20321: Denial-of-service in the OverlayFS subsystem due to a race condition.

A race condition flaw when accessing file objects in the OverlayFS
subsystem could lead to a system crash. A local user could use this flaw
to cause a denial-of-service.


* Note: Oracle will not provide a zero-downtime update for CVE-2021-20317.

Oracle has determined that patching CVE-2021-20317 on a running system
would not be safe. This vulnerability has a medium CVSS score of 4.4.
The impact from this vulnerability could be to system availability only.
It would require local proximity and special user privileges to exploit
this vulnerability. Oracle recommends rebooting into the newest kernel
to mitigate this vulnerability.


* Note: Oracle will not be providing an update for CVE-2020-26541.

This CVE is only applicable at boot time, so by the time Ksplice live updates
are applied, the relevant code has already run.


* CVE-2021-4002: Information disclosure in the hugetlb due to memory leak.

A memory leak flaw in the hugetlbfs memory usage of the hugetlb
implementation could allow a local attacker to leak or alter data from
other processes that use huge pages and result in sensitive information
disclosure.


* Note: Oracle has determined that CVE-2021-38300 is not applicable.

The kernel is not affected by CVE-2021-38300 since the code under
consideration is not compiled.


* CVE-2018-25020: Privilege escalation in BPF due to buffer overflow.

A buffer overflow flaw could happen in the BPF subsystem when users run BPF
with a long jump over an instruction sequence where inner instructions
require substantial expansions into multiple BPF instructions. A local
user could use this flaw to cause a denial-of-service or escalate their
privileges.


* Note: Oracle is still investigating potential zero-downtime mitigations for CVE-2021-4037.

Fixes for this CVE are still undergoing analysis and testing.
A zero-downtime update may be provided at a later date.

SUPPORT

Ksplice support is available at ksplice-support_ww at oracle.com.
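
Not every CVE in the synopsis is closed by the live update: the notes above leave some for a reboot, some without an update, and one pending. As an added example (not part of Oracle's announcement or tooling), the Python below reads the advisory's headline lines and records a disposition per CVE; the disposition labels and function names are this example's own assumptions.

```python
import re

# Constructed input: the CVE list and bullet headlines of this advisory.
ADVISORY = """\
CVEs: CVE-2018-25020 CVE-2020-26541 CVE-2021-20317 CVE-2021-20321 CVE-2021-3760 CVE-2021-38300 CVE-2021-3896 CVE-2021-4002 CVE-2021-4037 CVE-2021-41864 CVE-2021-43389
* CVE-2021-43389, CVE-2021-3896: Out-of-bounds access in ISDN CAPI due to a race condition.
* CVE-2021-3760: Use-after-free in NFC subsystem when closing NCI RSP connection.
* CVE-2021-41864: Out-of-bounds write access in eBPF during a map operation.
* CVE-2021-20321: Denial-of-service in the OverlayFS subsystem due to a race condition.
* Note: Oracle will not provide a zero-downtime update for CVE-2021-20317.
* Note: Oracle will not be providing an update for CVE-2020-26541.
* CVE-2021-4002: Information disclosure in the hugetlb due to memory leak.
* Note: Oracle has determined that CVE-2021-38300 is not applicable.
* CVE-2018-25020: Privilege escalation in BPF due to buffer overflow.
* Note: Oracle is still investigating potential zero-downtime mitigations for CVE-2021-4037.
"""
CVE_RE = re.compile(r"CVE-\d{4}-\d{4,}")
# Note phrase -> disposition, checked in order (labels are this example's own).
NOTE_RULES = [
    ("will not provide a zero-downtime update", "reboot-required"),
    ("will not be providing an update", "no-live-update"),
    ("is not applicable", "not-applicable"),
    ("still investigating", "pending"),
]

def triage(text):
    """Return ({cve: disposition}, sorted declared CVEs that have no bullet)."""
    declared, status = set(), {}
    for line in text.splitlines():
        ids = CVE_RE.findall(line)
        if line.startswith("CVEs:"):
            declared.update(ids)
        elif line.startswith("* Note:"):
            label = next((d for p, d in NOTE_RULES if p in line), "unclassified-note")
            status.update((cve, label) for cve in ids)
        elif line.startswith("* CVE-"):
            status.update((cve, "live-patched") for cve in ids)
    return status, sorted(declared - set(status))

def needs_followup(status):
    """CVEs that get no live patch here and are not ruled out as unaffected."""
    closed = ("live-patched", "not-applicable")
    return sorted(cve for cve, d in status.items() if d not in closed)

if __name__ == "__main__":
    status, missing = triage(ADVISORY)
    for cve in sorted(status):
        print(f"{cve:16} {status[cve]}")
    print("unaccounted:", missing, "| follow up:", needs_followup(status))
```

A non-empty "unaccounted" list means the synopsis names a CVE that no bullet describes, which is worth raising with the vendor before treating the host as patched.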
