[El-errata] New Ksplice updates for UEKR5 4.14.35 on OL7 (ELSA-2019-4570)

Errata Announcements for Oracle Linux el-errata at oss.oracle.com
Wed Mar 13 17:47:59 PDT 2019


Synopsis: ELSA-2019-4570 can now be patched using Ksplice
CVEs: CVE-2018-1000026 CVE-2018-14609 CVE-2018-14612 CVE-2018-16862

Users with Oracle Linux Premier Support can now use Ksplice to patch
against the latest Oracle Linux Security Advisory, ELSA-2019-4570.

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack running UEKR5 4.14.35
on OL7 install these updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y
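
The following sketch is an added example, not part of Oracle's announcement or of the Ksplice tooling. It reads the "autoinstall" setting described above and reports whether a host still needs the manual upgrade command. It assumes uptrack.conf uses INI-style "key = value" lines and that only the value "yes" enables automatic installation; the function names are hypothetical.

```shell
#!/bin/sh
# Added example: decide whether a host still needs a manual Ksplice upgrade.

# Print the effective value of "autoinstall" from an uptrack.conf-style file.
# Assumptions: INI-style "key = value" lines, comment lines start with "#"
# or ";", and the last assignment wins. Prints nothing if the key is absent.
uptrack_autoinstall_value() {
    awk -F= '
        /^[[:space:]]*[#;]/ { next }          # ignore commented-out settings
        /=/ {
            key = $1
            gsub(/[[:space:]]/, "", key)
            if (tolower(key) == "autoinstall") {
                val = substr($0, index($0, "=") + 1)
                gsub(/^[[:space:]]+|[[:space:]]+$/, "", val)
                found = tolower(val)
            }
        }
        END { if (found != "") print found }
    ' "$1"
}

# Report how this advisory's updates will reach the host:
#   "automatic"  - autoinstall = yes, no action needed
#   "manual: ..." - the upgrade command has to be run by an administrator
#   "unknown: ..." - the configuration file could not be read (status 2)
ksplice_patch_plan() {
    conf=${1:-/etc/uptrack/uptrack.conf}
    if [ ! -r "$conf" ]; then
        echo "unknown: cannot read $conf"
        return 2
    fi
    if [ "$(uptrack_autoinstall_value "$conf")" = "yes" ]; then
        echo "automatic"
    else
        echo "manual: run /usr/sbin/uptrack-upgrade -y"
    fi
}
```

Calling ksplice_patch_plan with no argument checks /etc/uptrack/uptrack.conf on the local host; a commented-out "# autoinstall = yes" line is treated as not set.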


DESCRIPTION

* CVE-2018-1000026: Denial-of-service when receiving an invalid packet on a bnx2x network card.

Missing input validation when receiving an invalid packet on a bnx2x
network card could lead to a network outage. A remote attacker could use
this flaw to cause a denial-of-service.

Orabug: 29125104


* Data corruption when terminating VM attached to IOMMU.

When terminating a virtual machine using an IOMMU device, the device's
memory page entries are not properly marked as invalid, potentially
resulting in corruption.

Orabug: 29297191


* CVE-2018-14609: Denial-of-service in BTRFS relocation cleanup.

A missing NULL pointer check could result in a kernel crash when
mounting a corrupted filesystem.  A user with the ability to mount
filesystems could use this flaw to crash the system with a maliciously
crafted image.

Orabug: 29301101


* CVE-2018-14612: Denial-of-service when using a btrfs image with missing group items.

A missing check when using a crafted btrfs image with an unbalanced
number of chunks and groups could lead to a NULL pointer dereference. A
local attacker could use this flaw to cause a denial-of-service.

Orabug: 29355254


* Denial-of-service during netfilter rule replacement.

A reference count manipulation error when replacing a netfilter table rule can
result in an assertion failure, leading to a kernel crash. A local user with
the ability to add netfilter rules could use this flaw to cause a
denial-of-service.

Orabug: 29355502


* Packet loss on ingress on an unmanaged L2TP over IP tunnel interface.

A missing check when receiving packets on an unmanaged L2TP over IP
tunnel interface could lead to packet loss.

Orabug: 29368046


* CVE-2018-16862: Potential memory corruption in inode truncation path.

A logic error in the memory manager's inode truncation path can lead to
an inode not being properly cleaned up.  If another file is created with
the same inode, it is possible to read old leftover data, instead of
the expected data, when attempting to read the new file.  This could
cause a system to exhibit unexpected behavior.

Orabug: 29364665

SUPPORT

Ksplice support is available at ksplice-support_ww at oracle.com.





