[El-errata] New Ksplice updates for UEKR3 3.8.13 on OL6 and OL7 (ELSA-2019-4576)

Errata Announcements for Oracle Linux el-errata at oss.oracle.com
Wed Mar 13 09:50:20 PDT 2019


Synopsis: ELSA-2019-4576 can now be patched using Ksplice
CVEs: CVE-2017-17807 CVE-2018-10876 CVE-2018-10878 CVE-2018-13053 CVE-2018-9568

Users with Oracle Linux Premier Support can now use Ksplice to patch
against the latest Oracle Linux Security Advisory, ELSA-2019-4576.

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack running UEKR3 3.8.13 on
OL6 and OL7 install these updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y


DESCRIPTION

* CVE-2018-10878: Out-of-bounds access when initializing ext4 block bitmap.

A logic error when initializing ext4 block bitmap could lead to an
out-of-bounds access. A local attacker could use this flaw with a
crafted ext4 image to cause a denial-of-service.

Orabug: 29428608


* CVE-2018-9568: Privilege escalation in IPv6 to IPv4 socket cloning.

A logic error when transforming an IPv6 socket to an IPv4 socket can
result in releasing memory into the wrong cache. This flaw can result in
memory corruption and potential privilege escalation.

Orabug: 29422740


* CVE-2018-10876: Use-after-free when removing space in ext4 filesystem.

A logic error when removing space in ext4 filesystem could lead to a
use-after-free. A local attacker could use this flaw with a crafted ext4
image to cause a denial-of-service.

Orabug: 29409425


* CVE-2017-17807: Permissions bypass when requesting key on default keyring.

When calling request_key() with no keyring specified, the requested key
is generated and added to the keyring even if the user does not have
write permissions.

Orabug: 29304552


* CVE-2018-13053: Integer overflow in alarm_timer_nsleep.

The alarm_timer_nsleep function in the kernel timekeeping code does not
check for overflow when adding two time values together, potentially
causing undefined behavior in the kernel.

SUPPORT

Ksplice support is available at ksplice-support_ww at oracle.com.






More information about the El-errata mailing list