[El-errata] New Ksplice updates for UEKR5 4.14.35 on OL7 (ELBA-2018-4212)

Errata Announcements for Oracle Linux el-errata at oss.oracle.com
Wed Sep 12 02:36:05 PDT 2018

Synopsis: ELBA-2018-4212 can now be patched using Ksplice
CVEs: CVE-2018-10021 CVE-2018-13405 CVE-2018-15471

Users with Oracle Linux Premier Support can now use Ksplice to patch
against the latest Oracle Linux Bug Fix Advisory, ELBA-2018-4212.


We recommend that all users of Ksplice Uptrack running UEKR5 4.14.35
on OL7 install these updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y


* NULL-pointer dereference in FUSE when failing to create inode.

If inode creation fails for a Filesystem in Userspace file, the
connection teardown to the FUSE service might improperly try to cleanup
the non-existent inode, resulting in a NULL-pointer dereference and

Orabug: 28434194

* Use-after-free in FUSE when failing to create superblock.

If an error occurs while creating a Filesystem in Userspace superblock
after the connection to the FUSE service is made, the connection is not
torn down, resulting in a use-after-free and potential denial-of-service
when the superblock is freed.

Orabug: 28434194

* CVE-2018-13405: Permissions bypass when creating file in SGID directory.

Creating an executable file in an SGID directory can result in the file
having the group ownership of the directory. This can be exploited to
elevate privileges if the file is created in a directory owned by a
privileged group.

Orabug: 28459475

* CVE-2018-10021: Denial-of-service in SAS device abort and failover.

Incorrect error handling when aborting or failing over a SAS device
could result in resource starvation and IO hangs.  A physically present
malicious user could use this flaw to cause a denial of service.

Orabug: 28459683

* NULL pointer dereference in LSI SYM53C8XX SCSI driver.

Missing pointer checks in debug statements could result in a NULL
pointer dereference and kernel crash under specific conditions.

Orabug: 28481892

* CVE-2018-15471: Privilege escalation in Xen network backend.

A validation failure in the Xen network backend driver can result in an
out-of-bounds memory access. A guest operating system could use this
flaw to potentially escalate privileges or cause a denial-of-service.

Orabug: 28460239


Ksplice support is available at ksplice-support_ww at oracle.com.

More information about the El-errata mailing list