[Ksplice][Ubuntu-20.04-Updates] New Ksplice updates for Ubuntu 20.04 Focal (USN-6340-1)
Oracle Ksplice
quentin.casasnovas at oracle.com
Mon Oct 2 09:21:07 UTC 2023
Synopsis: USN-6340-1 can now be patched using Ksplice
CVEs: CVE-2022-39189 CVE-2022-45886 CVE-2022-45887 CVE-2022-45919 CVE-2023-2002 CVE-2023-21255 CVE-2023-2163 CVE-2023-2269 CVE-2023-2513 CVE-2023-31084 CVE-2023-3268 CVE-2023-34256 CVE-2023-35823 CVE-2023-35824 CVE-2023-35828
Systems running Ubuntu 20.04 Focal can now use Ksplice to patch
against the latest Ubuntu Security Notice, USN-6340-1.
INSTALLING THE UPDATES
We recommend that all users of Ksplice Uptrack running Ubuntu 20.04
Focal install these updates.
On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.
Alternatively, you can install these updates by running:
# /usr/sbin/uptrack-upgrade -y
DESCRIPTION
* CVE-2023-3268: Out-of-bounds memory access in kernel-userspace relay file support.
An out-of-bounds memory access error exists in the kernel->userspace relay
support. This could allow a local attacker to crash the system or leak
kernel internal information.
* CVE-2023-31084: Potential deadlock during DVB driver event processing.
An incorrect use of a semaphore can potentially cause a deadlock in the
DVB core driver. This flaw could be exploited by an unprivileged local
attacker to cause a denial-of-service.
* CVE-2023-2163: Out-of-bounds memory access in BPF program verifier.
A flaw in the BPF verifier may allow a BPF program path to be
prematurely marked as safe, potentially leading to an out-of-bounds
read or write access. An attacker could use this flaw for
denial-of-service or arbitrary code execution.
* CVE-2023-2002: Insufficient capability check in the Bluetooth HCI sockets subsystem.
An insufficient capability check in the Bluetooth HCI sockets subsystem can
allow an unprivileged program to mark a socket as trusted. This can allow
escalation of privileges, denial-of-service and information leak.
* CVE-2023-35824: Use-after-free during dm1105 device removal.
A race condition in the dm1105 driver's device removal path can result
in a use-after-free. This flaw could be exploited by a local attacker
to cause a denial-of-service or other unexpected behavior.
* CVE-2023-35823: Use-after-free in Philips SAA7134 TV card driver.
Incorrect cleanup logic in the saa7134 driver can cause a use-after-free
when the device is removed. This can allow a user with physical access
to escalate privileges or cause undefined behavior.
* Note: Oracle has determined that CVE-2023-35828 is not applicable.
A race condition in the Linux kernel's Renesas USB3.0 controller when
removing the module before cleanup could lead to a use after free error.
A local privileged attacker could use this flaw to cause denial of
service.
The kernel is not affected by CVE-2023-35828 since the code under
consideration is not compiled.
* CVE-2023-2269: Denial-of-service in Device Mapper-Multipathing subsystem.
A possible recursive locking scenario in Linux Kernel Device Mapper
Multipathing subsystem can lead to a deadlock. A local user can use
this flaw to cause denial of service.
* CVE-2023-34256: Out-of-bounds read in ext4 checksum handling.
An arithmetic error in a checksum generation routine in the ext4 driver
can lead to an out-of-bounds read. This flaw could be exploited by a
malicious local user to leak sensitive information or to aid in another
type of attack.
* CVE-2023-21255: Use-after-free in Android Binder IPC driver.
A possible use-after-free in the binder kernel driver could lead to a
memory corruption. A local attacker could use this flaw to escalate
privileges.
* CVE-2023-2513: Use-after-free during ext4 extended attribute operations.
A logic error when setting certain extended attributes on an ext4
filesystem can result in a use-after-free scenario. This flaw could be
exploited by a malicious local attacker to cause a denial-of-service or
to aid in another type of attack.
* CVE-2022-45887: Memory leak in Technotrend/Hauppauge USB DEC driver.
A memory leak in the Technotrend/Hauppauge USB DEC driver can occur
when a device is disconnected. A local attacker can use this flaw
to cause a denial-of-service.
* CVE-2022-39189: Privilege escalation in Kernel-based Virtual Machine.
A flaw in KVM instruction emulation could allow unprivileged guest
userspace access to guest kernel memory through stale TLB translations.
An unprivileged guest user could use this flaw to cause a
denial-of-service or gain arbitrary code execution in a guest VM.
* CVE-2022-45886: Use-after-free in DVB Core driver.
A race condition in the network component of the DVB Core driver can
lead to a use-after-free when a device is disconnected. A local user
can exploit this flaw to cause a denial-of-service or potentially
escalate their privileges.
* CVE-2022-45919: Use-after-free in DVB EN50221 driver.
A race condition in the network component of the DVB EN50221 driver can
lead to a use-after-free when the device is disconnected. A local user
might exploit this flaw to cause a denial-of-service or potentially
escalate their privileges.
SUPPORT
Ksplice support is available at ksplice-support_ww at oracle.com.
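
Added example (not part of the Oracle advisory and not Ksplice's own code): a
shell check that compares the CVE list above with the saved output of
uptrack-show on a host, skipping CVE-2023-35828, which the advisory marks as
not applicable. It assumes uptrack-show names the CVE in each installed
update's description; the sample output is constructed and the function names
are hypothetical.

```shell
#!/bin/sh
# Added example, not Oracle's code. Function names are hypothetical.

# CVE list copied from the advisory's "CVEs:" line.
ADVISORY_CVES="CVE-2022-39189 CVE-2022-45886 CVE-2022-45887 CVE-2022-45919
CVE-2023-2002 CVE-2023-21255 CVE-2023-2163 CVE-2023-2269 CVE-2023-2513
CVE-2023-31084 CVE-2023-3268 CVE-2023-34256 CVE-2023-35823 CVE-2023-35824
CVE-2023-35828"

# The advisory states this CVE is not applicable (the affected code is not
# compiled), so no update for it is expected on the host.
NOT_APPLICABLE="CVE-2023-35828"

# extract_cves: read text on stdin, print the unique CVE ids found, one per line.
extract_cves() {
    grep -oE 'CVE-[0-9]{4}-[0-9]{4,}' | sort -u
}

# missing_cves FILE: print each applicable advisory CVE that does not appear
# in FILE (saved `uptrack-show` output). Whole-line matching keeps
# CVE-2023-2002 from being satisfied by a longer id with the same prefix.
missing_cves() {
    installed=$(extract_cves < "$1")
    for cve in $ADVISORY_CVES; do
        case " $NOT_APPLICABLE " in *" $cve "*) continue ;; esac
        printf '%s\n' "$installed" | grep -qxF "$cve" || printf '%s\n' "$cve"
    done
}

# sample_uptrack_show: CONSTRUCTED stand-in for `uptrack-show` output on a host
# where two of the updates have not been applied. Ids and text are placeholders.
sample_uptrack_show() {
    echo "Installed updates:"
    for cve in $ADVISORY_CVES; do
        case "$cve" in
            CVE-2022-39189|CVE-2023-2163|CVE-2023-35828) continue ;;
        esac
        echo "[placeholder] $cve: (constructed description)"
    done
}

tmp=$(mktemp)
sample_uptrack_show > "$tmp"    # on a real host: uptrack-show > "$tmp"
echo "Advisory CVEs not reported as installed:"
missing_cves "$tmp"
rm -f "$tmp"
```

An empty result means every applicable CVE in this advisory is reported as
patched; any id printed is a reason to run uptrack-upgrade on that host.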