[Ksplice][Ubuntu-18.04-Updates] New Ksplice updates for Ubuntu 18.04 Bionic (USN-5790-1)

Fri Jan 20 19:07:43 UTC 2023

Synopsis: USN-5790-1 can now be patched using Ksplice
CVEs: CVE-2021-4159 CVE-2022-20421 CVE-2022-2663 CVE-2022-3061 CVE-2022-3586 CVE-2022-39188 CVE-2022-40307 CVE-2022-4095

Systems running Ubuntu 18.04 Bionic can now use Ksplice to patch
against the latest Ubuntu Security Notice, USN-5790-1.

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack running Ubuntu 18.04
Bionic install these updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y

DESCRIPTION

* CVE-2022-2663: Firewall bypass in IRC connection tracking.

An issue in nf_conntrack_irc in unencrypted IRC protocol message
handling could result in messages being incorrectly matched by the
firewall. A remote user could use this flaw to bypass local firewall
rules.

* CVE-2021-4159: Information disclosure in eBPF verifier.

A flaw in eBPF verifier when handling internal data structures could
result in internal memory disclosure to userspace. A local user with
permissions to insert eBPF code could use this flaw for information
disclosure.

* CVE-2022-39188: Denial-of-service in MMU-based Paged Memory Management Support.

A flaw in MMU-based Paged Memory Management Support when unmapping
a memory region could result in a system crash. A local user could use
this flaw to cause a denial-of-service.

* CVE-2022-3586: Use-after-free in network scheduler.

A race condition in net scheduler when enqueuing a socket buffer into a
queue discipline may lead to a use-after-free. A local user could use
this flaw to cause a denial-of-service or disclose sensitive
information.

* Improved update to CVE-2022-3061: Denial-of-service in Intel740 framebuffer driver.

Improper validation of arguments provided from userspace through ioctl()
in i740fb may lead to a divide-by-zero bug. A local attacker could use
this flaw to cause a denial-of-service.

* CVE-2022-40307: Use-after-free in EFI capsule loader.

A race condition in EFI capsule loader when simultaneously performing a write
and a close operation on the device node may lead to a use-after-free. A local
user could use this flaw to cause a denial-of-service or escalate privileges.

* Memory leak when registering pvrusb2 driver.

A missing free of resources when registering pvrusb2 driver could lead
to a memory leak. A local attacker could use this flaw to cause a
denial-of-service.

* CVE-2022-4095: Use-after-free in rtl8712 USB networking driver.

A flaw in the rtl8712 driver may lead to a use-after-free when
processing the command queue. A local attacker could use this flaw to
cause a denial-of-service or escalate privileges.

* Note: Oracle has determined that CVE-2022-20421 is not applicable.

Oracle has determined that CVE-2022-20421 is not applicable because the
Android Binder config is not enabled on this kernel.

SUPPORT

Ksplice support is available at ksplice-support_ww at oracle.com.