[El-errata] New Ksplice updates for UEKR4 4.1.12 on OL6 and OL7 (ELSA-2018-4288)

[Errata Announcements for Oracle Linux]

Synopsis: ELSA-2018-4288 can now be patched using Ksplice
CVEs: CVE-2018-1000204 CVE-2018-18710 CVE-2018-3639

Users with Oracle Linux Premier Support can now use Ksplice to patch
against the latest Oracle Linux Security Advisory, ELSA-2018-4288.

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack running UEKR4 4.1.12 on
OL6 and OL7 install these updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y


DESCRIPTION

* CVE-2018-1000204: Kernel information leak when performing SG_IO ioctl.

A vulnerability in the SCSI subsystem allows copying uninitialized
kernel memory to userspace. This could provide an attacker with
sensitive kernel information.

Orabug: 28892656


* CVE-2018-18710: Information leak when checking the CD-ROM slot status.

An incorrect bounds check in the CD-ROM driver could allow an out-of-bounds
access and kernel information leak to an unprivileged user.

Orabug: 28929767


* Denial-of-service in the Xen block backend driver when finding a queue.

Failure to reset the number of rings when handling a low memory condition
in the Xen block backend driver could lead to a kernel panic.

Orabug: 28798861


* Improved fix for CVE-2018-3639: Speculative Store Bypass information leak.

In certain circumstances the mitigation for Speculative Store Bypass can
incorrectly be disabled upon a return to userspace.

Orabug: 28814570


* Guest panic when using the Indirect Branch Predictor Barrier.

Support for writing to the Indirect Branch Predictor Barrier (IBPB) MSR was
missing in KVM, leading to guest crashes when they used the mitigation.

Orabug: 28703712

SUPPORT

Ksplice support is available at ksplice-support_ww at oracle.com.