[El-errata] New Ksplice updates for UEKR4 4.1.12 on OL6 and OL7 (ELSA-2019-4729)

Errata Announcements for Oracle Linux el-errata at oss.oracle.com
Tue Aug 6 00:51:15 PDT 2019

Synopsis: ELSA-2019-4729 can now be patched using Ksplice
CVEs: CVE-2018-20169 CVE-2019-11833 CVE-2019-12378 CVE-2019-12381

Users with Oracle Linux Premier Support can now use Ksplice to patch
against the latest Oracle Linux Security Advisory, ELSA-2019-4729.
More information about this errata can be found at


We recommend that all users of Ksplice Uptrack running UEKR4 4.1.12 on
OL6 and OL7 install these updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y


* CVE-2019-11833: Information leak in ext4 extent tree block.

A missing zeroing of uninitialized memory in ext4 extent tree block
could lead to an information leak. A local attacker could use this flaw
to leak information about running kernel and facilitate an attack.

Orabug: 29925523

* NULL pointer dereference in RDS connect completion.

Missing NULL pointer checks could result in a kernel crash when
completing an Infiniband RDS connection completion.

Orabug: 29924849

* Memory leak in the RDS Infiniband receive path when fragment size changes.

A missing release of ressources in the RDS Infiniband receive path when the
fragment size is updated leads to a memory leak.

Orabug: 30034815

* CVE-2019-12381, CVE-2019-12378: NULL pointer dereferences in the IP to socket glue.

Failures to check that a kmalloc succeeded when allocating a new router
alert in the IPv4 and IPv6 to socket glue code could lead to a NULL pointer
dereference.  A remote user on the same network could use this flaw to
cause a denial-of-service.

Orabug: 29926005, 29926057

* Denial-of-service in the Hyper-V Virtual SCSI driver on invalid Logic Unit Number.

A failure to properly mark an SCSI I/O as being invalid in the Hyper-V
Virtual SCSI driver could lead to a deadlock or infinite loop in the

Orabug: 30052805

* CVE-2018-20169: Missing bound check when reading extra USB descriptors.

A failure to properly check the minimum and maximum size of an extra USB
descriptor in the USB sub-system could lead to reading or writing past
memory bounds.  An attacker with the ability to send specially crafted
extra descriptors from a USB device could use this flaw to escalate
privileges or cause a denial-of-service.

Orabug: 29755247

* Denial-of-service when KVM guest writes into the Spec MSR when not supported.

A logic error when rescanning the features after a late microcode upgrade
could lead to KVM allowing guests to write to the Spec MSR when it is not
supported on the host CPU.  This could lead to a guest crash or host crash
if the MSR writing is emulated.

Orabug: 29941248


Ksplice support is available at ksplice-support_ww at oracle.com.

More information about the El-errata mailing list