[Ksplice][Ubuntu-20.04-Updates] New Ksplice updates for Ubuntu 20.04 Focal (USN-5917-1)
Oracle Ksplice
quentin.casasnovas at oracle.com
Tue Mar 14 00:24:53 UTC 2023
Synopsis: USN-5917-1 can now be patched using Ksplice
CVEs: CVE-2022-2873 CVE-2022-3169 CVE-2022-3424 CVE-2022-3435 CVE-2022-3521 CVE-2022-3545 CVE-2022-3623 CVE-2022-36280 CVE-2022-3643 CVE-2022-41218 CVE-2022-4139 CVE-2022-42328 CVE-2022-42329 CVE-2022-4378 CVE-2022-47520 CVE-2022-47929 CVE-2023-0045 CVE-2023-0266 CVE-2023-0394 CVE-2023-0461 CVE-2023-0615 CVE-2023-20938 CVE-2023-23454 CVE-2023-23455
Systems running Ubuntu 20.04 Focal can now use Ksplice to patch
against the latest Ubuntu Security Notice, USN-5917-1.
INSTALLING THE UPDATES
We recommend that all users of Ksplice Uptrack running Ubuntu 20.04
Focal install these updates.
On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.
Alternatively, you can install these updates by running:
# /usr/sbin/uptrack-upgrade -y
DESCRIPTION
* CVE-2022-3545: Use-after-free in Netronome Flow Processor Ethernet driver.
A logic flaw in error handling in Netronome Flow Processor Ethernet
driver could result in a use-after-free. A local attacker could use this
flaw for a denial-of-service or code execution.
* CVE-2022-3521: Denial-of-service in Kernel Connection Multiplexor.
A flaw in the implementation of Kernel Connection Multiplexor sockets
could lead to a race condition when releasing sockets in some situations.
A local attacker could use this flaw to cause a denial-of-service.
* CVE-2022-4139: Information disclosure in Intel HD Graphics Driver.
A flaw in Intel HD Graphics Driver when flushing translation lookaside
buffers could allow access to physical memory which might be already
assigned to a different process. A local user could use this flaw for
denial-of-service or information disclosure.
* CVE-2022-3435: Information disclosure in IPv4.
A flaw in ioctls of IPv4 could result in out-of-bounds read access.
A local user could use this flaw for information disclosure.
* CVE-2022-3169: Denial-of-service in NVM Express block device.
A flaw in ioctls of NVM Express block device could result in PCIe link
disconnect. A local user could use this flaw for a denial-of-service.
* CVE-2022-4378: Out-of-bounds memory access in sysctl.
A flaw parsing character strings in the sysctl subsystem when changing
kernel parameters can lead to a stack overflow. A local user could use
this flaw for a denial-of-service or arbitrary code execution.
* Improved update to CVE-2022-3643: Denial-of-host-service via malicious Xen netfront packet.
The Xen netback handler does not properly handle packets with protocol
headers that span multiple slots. A malicious guest might exploit this
to crash certain varieties of network interface on the host.
* CVE-2022-3623: Information disclosure in HugeTLB file system support.
A flaw in HugeTLB file system support when looking up a hugetlb page in
some situations could lead to a race condition. A local user could use
this flaw to cause a denial-of-service or information disclosure.
* CVE-2022-3424: Denial-of-service in SGI GRU driver.
A logic error when using SGI GRU driver could lead to a use-after-free.
A local attacker could use this flaw to cause a denial-of-service.
* CVE-2022-2873: Out-of-bounds memory access in iSMT.
A missing sanity check for a user controlled value in the Intel's iSMT
SMBus host controller driver when processing an SMBus command may lead
to a memory corruption by writing past the end of a buffer. A local
user could use this flaw for denial-of-service or code execution.
* CVE-2022-41218: Use-after-free in dvb-core device release path.
Improper locking during device release operations can lead to a
use-after-free error in the dvb-core driver. This bug could be
exploited by a malicious local attack to cause a denial-of-service or to
escalate privileges.
* CVE-2022-36280: Out-of-bounds access in vmwgfs driver during cursor snoop.
A failure to validate cursor size data during a snoop operation can
lead to an out-of-bounds memory access. A malicious local user could
exploit this flaw to escalate their privileges, or to cause a
denial-of-service.
* CVE-2023-23455: Denial-of-service in ATM Virtual Circuit queue operation.
A logic error during a queue operation in the sch_atm driver can result
in an invalid pointer access. This flaw could be exploited by a local
attacker to cause a denial-of-service.
* CVE-2023-23454: Denial-of-service in CBQ packet scheduling.
When dropping a packet in Class-Based Queueing (CBQ) packet scheduling
algorithm, invalid data may be read. A local user can use this to cause
denial-of-service.
* CVE-2023-0045: Deficiency in existing speculative attack mitigation.
A missing branch predictor barrier leaves systems vulnerable to certain
speculative attacks. This flaw could be exploited to leak information
from a running system.
* CVE-2022-47929: NULL dereference in traffic control subsystem.
Specially crafted network traffic can cause a NULL pointer dereference
in the network traffic control subsystem. This flaw could be exploited
by a malicious local user to cause a denial-of-service.
* CVE-2023-0461: Use-after-free in Upper Level Protocol (ULP) subsystem.
Improper handling of sockets entering the LISTEN state can lead to
use-after-free. A local attacker could use this to cause denial-of-service or
execute arbitrary code.
* CVE-2023-0266: Use-after-free in ALSA PCM IOCTL processing.
Missing locks around certain operations can lead to a use-after-free
in the ALSA PCM driver. This flaw could by exploited by a local
attacker to escalate their privileges.
* CVE-2023-0394: NULL dereference during IPv6 raw frame processing.
An arithmetic error when processing certain IPv6 header information can
lead to a NULL pointer dereference. A malicious local user could
exploit this flaw to cause a denial-of-service.
* CVE-2022-47520: Out of bounds memory access in WILC1000 wireless driver.
Improper validation of a Robust Security Network element when parsing the
Basic Service Set of a WiFi network could lead to an out-of-bounds memory
access. A rogue attacker in radio range could use this flaw to cause a
denial-of-service or get remote execution.
* CVE-2022-42328, CVE-2022-42329, XSA-424: Denial-of-service in Xen Netback driver.
A logic flaw in Xen Netback driver when trying to free the SKB of
a dropped packet in some situations could result in a deadlock.
A local user could use this flaw for a denial-of-service.
* CVE-2023-0461: Use-after-free in Upper Level Protocol.
A flaw in ULP when handling sockets entering the LISTEN state in certain
protocols may lead to a user-after-free. A local user could use this
flaw to cause a denial-of-service or elevate privileges on the system.
* CVE-2023-0615: Out-of-bounds memory access in the Virtual Video Test Driver.
Lack of boundary checks when adjusting the composing height could lead to
an out-of-bounds memory access. A local user with the ability to send
IOCTL to the V4L2 VIVID driver could use this flaw to cause a
denial-of-service or elevate privileges.
* CVE-2023-20938: Use-after-free in the Android Binder deriver.
Lack of input validation in the Android Binder driver when releasing a
transaction buffer could lead to a user-after-free. A local unprivileged
user could use this flaw to cause a denial-of-service or elevate its
privileges.
SUPPORT
Ksplice support is available at ksplice-support_ww at oracle.com.
More information about the Ksplice-Ubuntu-20.04-updates
mailing list