[El-errata] New Ksplice updates for UEKR4 4.1.12 on OL6 and OL7 (ELSA-2019-4739)

Errata Announcements for Oracle Linux el-errata at oss.oracle.com
Wed Aug 14 08:25:13 PDT 2019

Synopsis: ELSA-2019-4739 can now be patched using Ksplice
CVEs: CVE-2019-13631

Users with Oracle Linux Premier Support can now use Ksplice to patch
against the latest Oracle Linux Security Advisory, ELSA-2019-4739.
More information about this errata can be found at


We recommend that all users of Ksplice Uptrack running UEKR4 4.1.12 on
OL6 and OL7 install these updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y


* XSA-300: Denial-of-service in Xen memory ballooning.

A logic error in the Xen memory balloon device driver could result in
exhaustion of resources or crashes of the backend device drivers
resulting in IO stalls or guest failures.  A local privileged user could
use this flaw to cause a denial of service.

Orabug: 30073695

* CVE-2019-13631: Denial-of-service in GTCO CalComp/InterWrite tablet.

Missing range checks could allow an out-of-bounds stack memory write
when parsing USB descriptors.  A physically present user could use a
malicious device to trigger an out-of-bounds access leading to a kernel

Orabug: 30074413


Ksplice support is available at ksplice-support_ww at oracle.com.

More information about the El-errata mailing list