[Ksplice][Ubuntu-20.04-Updates] New Ksplice updates for Ubuntu 20.04 Focal (USN-4425-1)

Oracle Ksplice ksplice-support_ww at oracle.com
Thu Aug 27 11:25:24 PDT 2020 

Synopsis: USN-4425-1 can now be patched using Ksplice
CVEs: CVE-2019-16089 CVE-2019-19642 CVE-2020-11935 CVE-2020-15780

Systems running Ubuntu 20.04 Focal can now use Ksplice to patch
against the latest Ubuntu Security Notice, USN-4425-1.

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack running Ubuntu 20.04
Focal install these updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y


DESCRIPTION

* Possible use-after-free of cgroups with INET_INGRESS or INET_EGRESS causes crash.

Disabling net_cls and net_prio cgroups BPF causes it to stop refcounting when
allocating new sockets. Crashes on releasing those sockets when refcount goes
negative.


* CVE-2020-15780: SecureBoot bypass through ACPI table loading.

A missing check that the kernel is not locked down when loading ACPI tables
from userspace can allow the root user to escape SecureBoot or a kernel
lock down.


* CVE-2019-16089: Denial-of-service while checking NBD netlink status.

A failure to check for errors from certain function calls in the NBD
netlink status path can lead to a NULL pointer dereference and
subsequent kernel panic.  A local user could potentially exploit this
flaw to cause a denial-of-service.


* CVE-2019-19642: Denial-of-service in kernel relay file open path.

A failure to properly check the return value of certain calls when
opening a kernel relay file can lead to a NULL pointer dereference, and
subsequent kernel panic.  This flaw could be exploited by a local
unprivileged user to cause a denial-of-service.


* CVE-2020-11935: Denial-of-service attack with aufs inode reference counts.

A logic error in the aufs dentry_open function could result in invalid
reference counts, leading to a kernel BUG().  An attacker could potentially
exploit this to cause a denial-of-service attack.

SUPPORT

Ksplice support is available at ksplice-support_ww at oracle.com.

More information about the Ksplice-Ubuntu-20.04-updates mailing list