[El-errata] New Ksplice updates for UEKR4 4.1.12 on OL6 and OL7 (ELSA-2019-4596)

Errata Announcements for Oracle Linux el-errata at oss.oracle.com
Thu May 2 06:07:14 PDT 2019


Synopsis: ELSA-2019-4596 can now be patched using Ksplice
CVEs: CVE-2018-1066 CVE-2018-10881 CVE-2018-10882 CVE-2019-3701

Users with Oracle Linux Premier Support can now use Ksplice to patch
against the latest Oracle Linux Security Advisory, ELSA-2019-4596.

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack running UEKR4 4.1.12 on
OL6 and OL7 install these updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y


DESCRIPTION

* CVE-2018-10882: Out-of-bounds access when unmounting a crafted ext4 filesystem.

A logic error when unmounting a crafted ext4 filesystem could lead to an
out-of-bounds access. A local attacker could use this flaw to cause a
denial-of-service.

Orabug: 29545566


* CVE-2018-10881: Data corruption when using indirect blocks with ext4 filesystem.

A missing data zeroing when using indirect blocks with ext4 filesystem
could lead to data corruption or a kernel assert. A local attacker could
use this flaw to cause a denial-of-service.

Orabug: 29540709


* CVE-2018-1066: Denial-of-service in CIFS session negotiation.

A logic error in the CIFS session negotiation implementation can result
in a NULL pointer dereference leading to a Kernel crash. A remote CIFS
server could use this flaw to cause a denial-of-service.

Orabug: 29338239


* CVE-2019-3701: Denial-of-service in CAN controller.

Missing sanity checking in the Controller Area Network driver can allow
a malicious user to write arbitrary bits into the CAN device's I/O
memory, resulting in a system crash and denial-of-service.

Orabug: 29215299


* Denial-of-service in the Infiniband core driver when allocating protection domains.

A missing initialization of the shared protection domain when allocating
protection domains leads to use of uninitialized memory.

Orabug: 29384815


* Correctly enable CPU bugs mitigations with late microcode loading.

Some logic errors caused the L1TF, Spectre V2 (IBRS) and Spectre V4
(Speculative Store Bypass) mitigation capabilities not to be used on
non-boot CPUs or they were not properly exposed to guests when the host
used late microcode loading, preventing the mitigation from being fully
effective.  This could allow other guests or users on the same system to
leak information from a guest or other processes that would otherwise
enable the mitigations.

Orabug: 29336760

SUPPORT

Ksplice support is available at ksplice-support_ww at oracle.com.




More information about the El-errata mailing list