[Ksplice][Ubuntu-20.04-Updates] New Ksplice updates for Ubuntu 20.04 Focal (USN-6027-1)

Fri May 12 18:19:53 UTC 2023

Synopsis: USN-6027-1 can now be patched using Ksplice
CVEs: CVE-2022-3108 CVE-2022-3903 CVE-2022-4129 CVE-2023-0458 CVE-2023-1073 CVE-2023-1074 CVE-2023-1281 CVE-2023-26545

Systems running Ubuntu 20.04 Focal can now use Ksplice to patch
against the latest Ubuntu Security Notice, USN-6027-1.

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack running Ubuntu 20.04
Focal install these updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y

DESCRIPTION

* CVE-2023-0458: Information leak in system calls to get and set resource limits.

A flaw in the do_prlimit() function, which is invoked by a number of system
calls to get and set resource limits, could be used to leak kernel memory
as part of a side-channel attack (such as MDS).

* CVE-2022-3108: NULL pointer dereference in AMD GPU driver.

A failure to check the result of a function call in an AMD GPU driver
can lead to a NULL dereference and subsequent kernel panic.  A malicious
user coud exploit this flaw to cause a denial-of-service.

* CVE-2022-4129: Denial-of-service in Layer 2 Tunneling Protocol (L2TP).

Incorrect locking in the Layer 2 Tunneling Protocol (L2TP) can lead to a race
condition and NULL pointer dereference. A local user could use this to crash the
system leading to denial-of-service.

* CVE-2023-1073: Memory Corruption in HID subsystem.

An error in the human interface device (HID) subsystem during insertion
of a USB device can trigger memory corruption. This can allow a local
user to cause denial-of-service or escalate privileges.

* CVE-2023-1074: Memory Leak in Stream Control Transmission Protocol.

A flaw in the Stream Control Transmission Protocol (sctp) can allow a
local user to start a malicious networking service that leaks kernel
memory. This could allow the user to starve resources leading to a
denial-of-service.

* CVE-2023-1281: Use-after-free in Packet Classifier based on Traffic Control Indices.

The imperfect hash area in the traffic control index filter can be
updated while packets are traversing which can lead to a use-after-free.
A local attacker can use this to escalate privileges.

* CVE-2023-26545: Stale pointer in MultiProtocol Label Switching subsystem.

Incorrect error handling in the MultiProtocol Label Switching subsystem
(MPLS) during the renaming of a device can lead to double free. This could
allow a local user to write to arbitrary memory locations or cause
denial-of-service.

* CVE-2022-3903: Denial-of-service in the MCE Infrared Transceiver USB driver.

A flaw in the MCE Infrared Transceiver USB driver (mceusb) could
allow a local user with physical access to attach a specially
crafted malicious USB device and cause a denial-of-service.

SUPPORT

Ksplice support is available at ksplice-support_ww at oracle.com.