[El-errata] New updates available via Ksplice (ELSA-2016-3502)

Errata Announcements for Oracle Linux el-errata at oss.oracle.com
Tue Jan 12 02:40:40 PST 2016


Synopsis: ELSA-2016-3502 can now be patched using Ksplice
CVEs: CVE-2013-7421 CVE-2014-7842 CVE-2014-9644 CVE-2015-5307 
CVE-2015-7613 CVE-2015-7872 CVE-2015-8104

Users with Oracle Linux Premier Support can now use Ksplice to patch
against the latest Oracle Security Advisory, ELSA-2016-3502.

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack on EL 6 install these
updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y


DESCRIPTION

* CVE-2015-5307: KVM host denial-of-service in alignment check.

A guest could cause a denial-of-service on a KVM host by triggering an
infinite stream of alignment check exceptions and causing the processor
microcode to enter an infinite loop.  A privileged user in a guest could
use this flaw to crash the host.


* CVE-2015-8104: KVM host denial-of-service in debug exception.

A guest could cause a denial-of-service on a KVM host by triggering a
debug exception to fire during an existing debug exception.  This could
cause the host to get trapped in an infinite loop causing a
denial-of-service.  A privileged user in a guest could use this flaw to
crash the host.


* CVE-2015-7613: Privilege escalation in IPC object initialization.

Incorrect initialization of IPC objects could result in memory
corruption when creating message queues or shared memory.  A local,
unprivileged user could use this flaw to escalate privileges.


* CVE-2014-7842: Denial of service in KVM L1 guest from L2 guest.

A malicious nested L2 KVM guest can cause the L1 guest to crash by
triggering a race condition when accessing MMIO memory. A local attacker
could use this flaw to cause a denial of service.


* CVE-2013-7421, CVE-2014-9644: Arbitrary module loading by users in 
crypto API.

The kernel crypto API does not restrict which kernel modules can be
loaded automatically which allows users to load arbitrary kernel
modules. This allows an unprivileged user to increase the attack surface
of the kernel.


* CVE-2015-7872: Denial-of-service when garbage collecting 
uninstantiated keyring.

A logic error in the security keyring subsystem leads to a kernel crash
when garbage collecting a un-instantiated keyring.  A local, un-privileged
user can use this flaw to cause a denial-of-service.

SUPPORT

Ksplice support is available at ksplice-support_ww at oracle.com.





More information about the El-errata mailing list