[El-errata] New Ksplice updates for RHCK 7 (ELSA-2019-3055)

[Errata Announcements for Oracle Linux]

Synopsis: ELSA-2019-3055 can now be patched using Ksplice
CVEs: CVE-2018-20856 CVE-2019-10126 CVE-2019-3846 CVE-2019-9506

Users with Oracle Linux Premier Support can now use Ksplice to patch
against the latest Oracle Linux Security Advisory, ELSA-2019-3055.
More information about this errata can be found at
https://linux.oracle.com/errata/ELSA-2019-3055.html

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack running RHCK 7 install
these updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y


DESCRIPTION

* CVE-2019-10126, CVE-2019-3846: Heap overflow when parsing fields in Marvell WiFi-Ex driver.

A missing check on user input when parsing BSS and IE in Marvell
WiFi-Ex driver could let a local attacker cause a heap overflow and a
denial-of-service.


* CVE-2018-20856: Use-after-free in block device core.

A failure to initialize part of a structure in the block device allocation
path can lead to a use-after-free of certain kernel structures, which can
result in a kernel panic.  This could be used to cause a denial of service.


* CVE-2019-9506: Information disclosure when transmitting over bluetooth.

The Bluetooth BR/EDR specification permits sufficiently low encryption key
length and does not prevent an attacker from influencing the key length
negotiation. This allows practical brute-force attacks (aka "KNOB") that can
decrypt traffic and inject arbitrary ciphertext without the victim noticing.

This is the fix in kernel to disallow arbitrarily short encryption key.
However, the actual bug is in the protocol so we encourage customers to
also upgrade the firmware on their bluetooth device.

SUPPORT

Ksplice support is available at ksplice-support_ww at oracle.com.