[El-errata] New Ksplice updates for UEKR5 4.14.35 on OL7 (ELSA-2019-4509)

Errata Announcements for Oracle Linux el-errata at oss.oracle.com
Thu Jan 17 11:37:38 PST 2019 

Synopsis: ELSA-2019-4509 can now be patched using Ksplice
CVEs: CVE-2018-19407 CVE-2018-19824 CVE-2018-5848 CVE-2018-7755 CVE-2018-8043

Users with Oracle Linux Premier Support can now use Ksplice to patch
against the latest Oracle Linux Security Advisory, ELSA-2019-4509.

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack running UEKR5 4.14.35
on OL7 install these updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y


DESCRIPTION

* CVE-2018-7755: Information leak through floppy disk driver ioctl.

A logic error when using floppy disk driver ioctl could lead to a kernel
address leak.  A local attacker could use this flaw to get address of
running kernel and facilitate an attack.

Orabug: 28956514


* CVE-2018-5848: Privilege escalation in the Wilocity Atheros driver.

Improper length validation could lead to integer overflow and undefined
behaviour.  A local user could use this flaw to cause a memory corruption
and potentially escalate privileges.

Orabug: 28951264


* CVE-2018-8043: NULL pointer dereference when registering Broadcom UniMAC MDIO bus controller.

A missing check when registering Broadcom UniMAC MDIO bus controller
could lead to a NULL pointer dereference. A local attacker could use
this flaw to cause a denial-of-service.

Orabug: 27677743


* CVE-2018-19824: Use-after-free when registering a malicious USB audio device.

A wrong error handling when registering a malicious USB audio device
exposing 0 interface could lead to a use-after-free. A local attacker
could use this flaw to cause a denial-of-service.

Orabug: 29042979


* CVE-2018-19407: Denial-of-service in KVM IOAPIC scan.

A missing safety check in KVM's IOAPIC scan path can cause the kernel
to attempt access certain objects that have not been initialized.  This
can cause unexpected behavior, including a potential system crash.

Orabug: 29026132


* Incorrect usage of atomic values in Infiniband sockets causes memory starvation.

Incorrect usage of lockless atomic operations when allocating memory for
Infiniband Reliable Datagram Sockets causes the driver to overallocate
memory, potentially resulting in resource starvation for the rest of the
system.

Orabug: 29003422

SUPPORT

Ksplice support is available at ksplice-support_ww at oracle.com.

More information about the El-errata mailing list