[Ksplice][Ubuntu-20.04-Updates] New Ksplice updates for Ubuntu 20.04 Focal (USN-5338-1)
Oracle Ksplice
quentin.casasnovas at oracle.com
Thu Mar 24 14:46:45 UTC 2022
Synopsis: USN-5338-1 can now be patched using Ksplice
CVEs: CVE-2021-28711 CVE-2021-28712 CVE-2021-28713 CVE-2021-28714 CVE-2021-28715 CVE-2021-4135 CVE-2021-43976 CVE-2021-44733 CVE-2021-45095 CVE-2021-45469 CVE-2021-45480 CVE-2022-0435 CVE-2022-0492 CVE-2022-0516 CVE-2022-0847
Systems running Ubuntu 20.04 Focal can now use Ksplice to patch
against the latest Ubuntu Security Notice, USN-5338-1.
INSTALLING THE UPDATES
We recommend that all users of Ksplice Uptrack running Ubuntu 20.04
Focal install these updates.
On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.
Alternatively, you can install these updates by running:
# /usr/sbin/uptrack-upgrade -y
DESCRIPTION
* CVE-2021-45469: Out-of-bounds memory access in Flash-Friendly File System.
An inadequate error handling flaw in Flash-Friendly File System could
lead to an out-of-bounds memory access when an inode has an invalid last
xattr entry. A local user could use this flaw for code execution or
denial-of-service.
* Note: Oracle will not provide a zero-downtime update for CVE-2021-28714 (XSA-392) and CVE-2021-28715.
CVE-2021-28714 (XSA-392) and CVE-2021-28715 are both scored CVSSv3 6.5
and are present in the Xen backend driver. Both CVEs allow guest to hog
large amounts of kernel memory to potentially cause a denial-of-service.
Hosts without the Xen backend driver loaded are not affected by this
issue.
Oracle has determined that patching CVE-2021-28714 (XSA-392) and
CVE-2021-28715 on a running system would not be safe and recommends
a reboot if the Xen backend driver is used.
* Note: Oracle has determined that CVE-2021-44733 is not applicable.
A race condition flaw could happen in a Trusted Execution Environment
(TEE) during an attempt to free a shared memory object leading to
a use-after-free.
According to our audits most customers are not affected by this
vulnerability because they are not using the TEE kernel module.
The kernel is not affected by CVE-2021-44733 since the code under
consideration is not compiled.
* Note: Oracle will not provide a zero-downtime update for CVE-2021-28711, CVE-2021-28712, CVE-2021-28713 and XSA-391.
CVE-2021-28711, CVE-2021-28712, CVE-2021-28713 and XSA-391 are scored
CVSSv3 6.2 and are present in the Xen hypervisor subsystem. The CVEs
allow guest to call some interrupts with high frequency to potentially
cause a denial-of-service.
Hosts that don't use the Xen hypervisor subsystem are not affected by
this issue.
Oracle has determined that patching CVE-2021-28711, CVE-2021-28712,
CVE-2021-28713 and XSA-391 on a running system would not be safe and
recommends a reboot if the Xen hypervisor subsystem is used.
* CVE-2022-0847: Privilege escalation in pipe buffers.
A flaw in the initialization of pipe buffers may allow reading of
stale data from the underlying page cache. A local user could use
this flaw to write to read-only files or escalate privileges.
* CVE-2021-45095: Denial-of-service in Phone Network protocol due to memory leaks.
A reference counting flaw in the Phone Network protocol functionality
when handling an error condition could lead to memory leaks. A local
user could use this flaw to cause a denial-of-service.
* CVE-2022-0435: Denial-of-service in Transparent Inter-Process Communication protocol.
A buffer overflow flaw in The Transparent Inter-Process Communication
protocol could lead to crash in systems that have a TIPC bearer
configured. A remote attacker could use this flaw to cause a denial of
service.
* CVE-2022-0492: Privilege escalation in Control Groups feature.
A missing capabilities check flaw in the Control Groups feature when
setting release_agent in the initial user namespace could result in
bypassing namespace isolation. A local user could use this flaw to
escalate privilege.
* CVE-2021-43976: Malicious Marvell mwifiex USB device causes DoS.
Incorrect handling of packet buffers received from a Marvell mwifiex USB
device could result in a kernel assertion failure. A malicious device
might exploit this to crash the kernel.
* CVE-2021-4135: Information disclosure in Simulated Networking Device.
Improper memory initialization in the eBPF for the Simulated Networking
Device Driver in certain situations could allow unauthorized access to
sensitive information. A local user could use this flaw for information
disclosure.
* CVE-2021-45480: Denial-of-service in Reliable Datagram Socket.
A memory leak flaw in code cleanup of the Reliable Datagram Socket
protocol implementation in TCP could happen in some error condition
situations due to improper memory deallocation. A local user could
use this flaw to cause a denial-of-service.
* Note: Oracle has determined that CVE-2022-0516 is not applicable.
The kernel is not affected by CVE-2022-0516 since the code under
consideration is not compiled.
SUPPORT
Ksplice support is available at ksplice-support_ww at oracle.com.
More information about the Ksplice-Ubuntu-20.04-updates
mailing list