[El-errata] New Ksplice updates for UEKR4 4.1.12 on OL6 and OL7 (ELSA-2019-4510)

[Errata Announcements for Oracle Linux]

Synopsis: ELSA-2019-4510 can now be patched using Ksplice
CVEs: CVE-2018-1094 CVE-2018-19824

Users with Oracle Linux Premier Support can now use Ksplice to patch
against the latest Oracle Linux Security Advisory, ELSA-2019-4510.

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack running UEKR4 4.1.12 on
OL6 and OL7 install these updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y


DESCRIPTION

* Incorrect usage of atomic values in Infiniband sockets causes memory starvation.

Incorrect usage of lockless atomic operations when allocating memory for
Infiniband Reliable Datagram Sockets causes the driver to overallocate
memory, potentially resulting in resource starvation for the rest of the
system.

Orabug: 28947481


* Denial-of-service in OCFS2 when mounting image with unrecovered alloc.

When mounting an OCFS2 filesystem inage with an unrecovered local alloc
in its journal, an invalid kernel assertion casuses a panic when the
image should actually be recoverable with an ocfs2.fsck run.

Orabug: 28924775


* Data corruption in OCFS2 when unmounting with dirty journal.

In rare cases, umounting an OCFS2 filesystem while operations with
uncommitted metadata could cause journal corruption, resulting in data
corruption or a later kernel panic.

Orabug: 28924775


* Kernel crash due to race condition when reading blocks in OCFS2.

Unnecessary synchronization of buffers when reading blocks in OCFS2
could in fact result in a race condition and kernel assertion failure,
causing a system crash.

Orabug: 28762940


* Denial-of-service when receiving IB packets with nonmatching partition key.

When receiving IB packets with a nonmatching partition key, the subnet
manager can become flooded with P_Key Violation traps, potentially
resulting in a denial-of-service for the IB connection.

Orabug: 27693633


* CVE-2018-1094: NULL pointer dereference when filling extended attributes on ext4 filesystem.

A missing initialization of crypto driver used to fill extended
attributes on ext4 filesystem could lead to a NULL pointer dereference.
A local attacker could use this flaw to cause a denial-of-service.

Orabug: 29114440


* CVE-2018-19824: Use-after-free when connecting ALSA USB sound device.

A use-after-free when connecting an ALSA USB sound device could result
in memory corruption, potentially allowing a malicious user to corrupt
memory or escalate privileges.

Orabug: 29042981


* Filesystem corruption in EXT4 direct write implementation.

A race condition during direct writes to an EXT4 filesystem can result in
filesystem corruption.

Orabug: 28940828

SUPPORT

Ksplice support is available at ksplice-support_ww at oracle.com.