[Ksplice][Ubuntu-20.04-Updates] New Ksplice updates for Ubuntu 20.04 Focal (USN-6172-1)

Oracle Ksplice quentin.casasnovas at oracle.com
Tue Jul 11 03:48:52 UTC 2023


Synopsis: USN-6172-1 can now be patched using Ksplice
CVEs: CVE-2023-1076 CVE-2023-1077 CVE-2023-1079 CVE-2023-1670 CVE-2023-1859 CVE-2023-1998 CVE-2023-25012 CVE-2023-2985

Systems running Ubuntu 20.04 Focal can now use Ksplice to patch
against the latest Ubuntu Security Notice, USN-6172-1.

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack running Ubuntu 20.04
Focal install these updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y
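
As an added example (not part of the original announcement and not Oracle's tooling), the script below checks which of the two cases above applies to a host: automatic installation or a manual uptrack-upgrade run. It assumes uptrack.conf uses INI-style "key = value" lines with '#' or ';' comments and that the last uncommented assignment is the effective one; the function names are hypothetical.

```shell
#!/bin/sh
# Added example, not Oracle's tooling. Function names are hypothetical.
# Assumptions: INI-style "key = value" lines, '#' or ';' start a comment,
# and the last uncommented assignment is the effective one.

# Print the effective autoinstall value: "yes", "no", ... or "unset".
autoinstall_value() {
    conf="$1"
    [ -r "$conf" ] || { echo unset; return 0; }
    awk '
        { sub(/[#;].*$/, "") }                      # drop comments
        /^[ \t]*autoinstall[ \t]*=/ {
            sub(/^[^=]*=[ \t]*/, "")                # keep text after "="
            sub(/[ \t\r]+$/, "")                    # trim trailing blanks
            val = tolower($0)
        }
        END { print (val == "" ? "unset" : val) }
    ' "$conf"
}

# Succeeds (exit 0) when autoinstall is anything other than "yes",
# i.e. the updates must be installed by hand.
needs_manual_upgrade() {
    [ "$(autoinstall_value "$1")" != "yes" ]
}

# One-line verdict for a host; defaults to the path named in the announcement.
report() {
    conf="${1:-/etc/uptrack/uptrack.conf}"
    if needs_manual_upgrade "$conf"; then
        echo "manual: run /usr/sbin/uptrack-upgrade -y as root"
    else
        echo "auto: updates install automatically"
    fi
}

# Constructed sample config (not from a real host): a commented-out "yes"
# must not count as enabled.
demo() {
    tmp=$(mktemp)
    printf '%s\n' '# autoinstall = yes' 'autoinstall = no' > "$tmp"
    report "$tmp"
    rm -f "$tmp"
}

report "$@"
```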


DESCRIPTION

* CVE-2023-1670: Use-after-free in Xircom PCMCIA ethernet driver.

A race condition when attempting to unload the Xircom ethernet driver
can lead to a use-after-free.  This flaw could be exploited by a local
attacker to cause a denial-of-service or to escalate their privileges.


* CVE-2023-1859: Use-after-free in Plan 9 Resource Sharing Xen Support.

A race condition in 9P Xen Support when removing the driver can lead to
a use-after-free. A local user could use this flaw to cause a denial of
service or elevate privileges on the system.


* CVE-2023-25012: Use-after-free in HID driver for BigBen Interactive Kids' gamepad.

Insufficient locking in the bigben HID driver can allow a malicious USB
device which advertises itself as a BigBen device to trigger a
use-after-free. This may allow a local user to cause memory corruption.


* CVE-2023-2985: Use-after-free in Apple Extended HFS file system support.

A flaw in HFS+ may lead to a use-after-free. A local user could use this
to cause a denial-of-service.


* Use-after-free in wireless LAN (802.11) configuration API.

Information from previous connections that is improperly reset in
cfg80211 during reconnect may lead to a use-after-free. A remote user
could use this flaw to cause a denial-of-service or possibly execute
arbitrary code.


* CVE-2023-1077: Memory Corruption in Real-Time Scheduling Class.

Incorrect error checking logic in the Real-Time Scheduling Class can lead to
memory corruption. This can allow a local user to cause denial-of-service or
escalate privileges.


* CVE-2023-1079: Use-after-free in HID driver for Asus notebook built-in keyboard.

Insufficient locking in the HID driver for Asus notebook built-in keyboard can
allow a malicious USB device which advertises itself as an Asus device to
trigger a use-after-free. This may allow a local user to cause memory
corruption.


* CVE-2023-1076: Permission bypass in tun/tap sockets.

Incorrect initialization in the tun/tap socket code could allow sockets
to be treated incorrectly in filtering and routing decisions. This could
allow bypassing of network filters.


* CVE-2023-1998: Information disclosure due to disabled Single Thread Indirect Branch Predictors.

With legacy Indirect Branch Restricted Speculation (IBRS), Single Thread
Indirect Branch Predictors (STIBP) was incorrectly determined to be not
needed. This could allow cross-thread branch target injection and
information disclosure.

SUPPORT

Ksplice support is available at ksplice-support_ww at oracle.com.




