[El-errata] New Ksplice updates for RHCK 7 (ELSA-2018-0151)
Errata Announcements for Oracle Linux
el-errata at oss.oracle.com
Thu Feb 1 09:50:21 PST 2018
Synopsis: ELSA-2018-0151 can now be patched using Ksplice
CVEs: CVE-2015-8539 CVE-2017-12192 CVE-2017-12193 CVE-2017-15649 CVE-2017-5715 CVE-2017-7472
Users with Oracle Linux Premier Support can now use Ksplice to patch
against the latest Oracle Linux Security Advisory, ELSA-2018-0151.
INSTALLING THE UPDATES
We recommend that all users of Ksplice Uptrack running RHCK 7 install
these updates.
On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.
Alternatively, you can install these updates by running:
# /usr/sbin/uptrack-upgrade -y
DESCRIPTION
* CVE-2017-7472: Denial-of-service when setting default request-key keyring.
A logic error when a user set default request-key keyring multiple
times could lead to a memory leak. A local attacker could use this flaw
to exhaust kernel memory and cause a kernel panic.
* CVE-2015-8539: Denial-of-service when updating a negatively instantiated user cryptographic key.
A lack of checking the key was not negatively instantiated when updating a
user cryptographic key could lead to a BUG assertion to trigger. A local,
unprivileged user could use this flaw to cause a denial-of-service.
* CVE-2017-12193: Denial-of-service in generic associative array implementation.
A logic error when inserting a new entry into an associative array can
result in a NULL pointer dereference, leading to a Kernel crash. A local
user could use this flaw to cause a denial-of-service.
* CVE-2017-12192: Denial-of-service when reading negative key.
Invalid memory access when reading key negative from kernel key management
facility results in a crash. An unprivileged local user can exploit this
to cause denial-of-service.
* CVE-2017-15649: Use-after-free in AF_PACKET socket fanout.
A logic error when enabling fanout on a socket can result in the socket
being added to a list twice, which can lead to a use-after-free. A local
user could use this flaw to cause a denial-of-service or possibly
escalate privileges.
* Improved fix to CVE-2017-5715: Speculative execution branch target injection.
Under specific conditions, speculation restrictions could fail to be
applied on kernel entry allowing a bypass of Spectre protections.
SUPPORT
Ksplice support is available at ksplice-support_ww at oracle.com.
More information about the El-errata
mailing list