[El-errata] New Ksplice updates for UEKR6 5.4.17 on OL7 and OL8 (ELSA-2020-5663)
Errata Announcements for Oracle Linux
el-errata at oss.oracle.com
Thu Apr 30 10:29:02 PDT 2020
Synopsis: ELSA-2020-5663 can now be patched using Ksplice CVEs:
CVE-2019-19768 CVE-2020-10942 CVE-2020-11494 CVE-2020-2732 CVE-2020-8835
CVE-2020-8992 CVE-2020-9383
Users with Oracle Linux Premier Support can now use Ksplice to patch
against the latest Oracle Linux Security Advisory, ELSA-2020-5663.
More information about this errata can be found at
https://linux.oracle.com/errata/ELSA-2020-5663.html
INSTALLING THE UPDATES
We recommend that all users of Ksplice Uptrack running UEKR6 5.4.17 on OL7
and OL8 install these updates.
On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.
Alternatively, you can install these updates by running:
# /usr/sbin/uptrack-upgrade -y
DESCRIPTION
* CVE-2020-11494: Information leak when using Serial / USB serial CAN Adaptors.
A missing zeroing of on stack data when sending data over Serial / USB
serial CAN Adaptors could lead to an information leak. A local attacker
could use this flaw to leak information about running kernel and
facilitate an attack.
Orabug: 31136750
* CVE-2020-9383: Information leak in floppy disk driver.
A flaw in floppy driver could lead to an out-of-bounds read causing
the information leak when assigning the floppy disk controller.
Orabug: 31067510
* CVE-2020-8992: Deadlock with too big journal size on ext4 filesystem.
Using a too big journal size on ext4 filesystem could lead to a
deadlock. A local attacker could use a specially crafted ext4 filesystem
to cause a denial-of-service.
Orabug: 31067112
* CVE-2020-8835: Privileges escalation in BPF verifier code.
A logic error in the BPF verifier code could lead to incorrect bounds
calculation. A local attacker could use this flaw to leak information
about running kernel or escalate privileges.
Orabug: 31127385
* CVE-2020-10942: Out-of-bounds memory access in the Virtual host driver.
Invalid input validation could lead to type confusion and out-of-bounds
memory accesses. A local unprivileged user could use this to cause a
denial-of-service or potentially escalate privileges.
Orabug: 31085989
* Improved fix for CVE-2020-2732: Privilege escalation in Intel KVM nested emulation.
The original fix for CVE-2020-2732 prevented a windows guest with Hyper-V
enabled from booting.
Orabug: 31118688
* Use-after-free when using NFS with page cache.
A logic error when using NFS with page cache could lead to a
use-after-free. A local attacker could use this flaw to cause a denial-
of-service.
Orabug: 31044292
* CVE-2019-19768: Use-after-free when reporting an IO trace.
Lack of correct synchronization between releasing a structure used to store
a trace and filling that structure coud lead to a use-after-free. A local
user with the ability to enable tracing on the block IO sub-system could
use this flaw to cause a denial-of-service or potentially escalate
privileges.
Orabug: 31123573
* CVE-2020-8835: Privileges escalation in BPF verifier code.
A logic error in the BPF verifier code could lead to incorrect bounds
calculation. A local attacker could use this flaw to leak information
about running kernel or escalate privileges.
Orabug: 31127385
* Out-of-bounds memory write when reading EFI variables from sysfs.
Lack of proper synchronization when reading EFI variables from sysfs could
lead to an out-of-bounds memory write. A local user with the ability to
read those files could use this flaw to cause a denial-of-service or
potentially escalate privileges.
Orabug: 31020408
SUPPORT
Ksplice support is available at ksplice-support_ww at oracle.com.
More information about the El-errata
mailing list