[El-errata] New Ksplice updates for RHCK 7 (RHSA-2018:3651)

Errata Announcements for Oracle Linux el-errata at oss.oracle.com
Wed Nov 28 05:40:25 PST 2018


Synopsis: ELSA-2018-3651 can now be patched using Ksplice
CVEs: CVE-2018-14633 CVE-2018-14646

Users with Oracle Linux Premier Support can now use Ksplice to patch
against the latest Oracle kernel update, ELSA-2018-3651.

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack running RHCK 7 install
these updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y


DESCRIPTION

* CVE-2018-14646: Denial-of-service in network namespace netlink capabilities.

A NULL pointer dereference in the netlink code for a network namespaced
process could result in a kernel crash.  A local user in the namespace
could use this flaw to crash the host.


* CVE-2018-14633: Remote privilege escalation in iSCSI CHAP authentication.

A stack buffer overflow in the iSCSI CHAP authentication code could
allow an unauthenticated remote attacker to corrupt stack memory and
crash the system or potentially, execute code on the target system.

SUPPORT

Ksplice support is available at ksplice-support_ww at oracle.com.



More information about the El-errata mailing list