[El-errata] New Ksplice updates for UEKR6 5.4.17 on OL7 and OL8 (ELSA-2021-9621)
Errata Announcements for Oracle Linux
el-errata at oss.oracle.com
Tue Dec 21 16:44:03 UTC 2021
Synopsis: ELSA-2021-9621 can now be patched using Ksplice
CVEs: CVE-2021-34556 CVE-2021-35477 CVE-2021-3753 CVE-2021-41864 CVE-2021-42252
Users with Oracle Linux Premier Support can now use Ksplice to patch
against the latest Oracle Linux Security Advisory, ELSA-2021-9621.
More information about this errata can be found at
INSTALLING THE UPDATES
We recommend that all users of Ksplice Uptrack running UEKR6 5.4.17 on
OL7 and OL8 install these updates.
On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.
Alternatively, you can install these updates by running:
# /usr/sbin/uptrack-upgrade -y
* CVE-2021-3753: information disclosure in virtual terminal device.
A race condition flaw in its ioctl handling of the virtual terminal
device implementation could lead to out-of-bounds reads. A local user
could use this flaw for information disclosure.
* Note: Oracle has determined that CVE-2021-42252 is not applicable.
Oracle has determined that CVE-2021-42252 is not applicable to
the running kernel. Applying the patch has no resulting changes
in the generated object files.
* Note: Oracle will not provide a zero-downtime update for CVE-2021-34556, CVE-2021-35477.
An unprivileged BPF program can obtain sensitive information from kernel memory
via a Speculative Store Bypass side-channel attack by leveraging certain flaws
in the BPF implementation if unprivileged BPF is enabled.
Oracle has determined that patching CVE-2021-34556 and CVE-2021-35477 on
a running system would not be safe. These vulnerabilities have a medium
CVSS score of 5.5. In addition, disabling unprivileged BPF can be used
as a runtime mitigation.
Oracle recommends disabling unprivileged BPF or rebooting into the newest
kernel to mitigate these vulnerabilities.
* CVE-2021-41864: Code execution in BPF due to out-of-bounds writes.
An integer overflow flaw Berkeley Packet Filter when preallocating
objects for stack maps could result in out-of-bounds writes.
A privileged local user could use this to cause a denial of service or
possibly execute arbitrary code.
* Denial-of-service in NFSv4 client code losing connection.
Multiple logic errors in the Netfilter Connection Tracking sub-system
could lead NFSv4 client connections to drop and cause hangs on
the client side.
* Denial-of-service in AMD SVM support with Hyper-V role and Credential Guard enabled.
Logic error in AMD SVM support could result in a system crash at VM
boot when booting a VM with Hyper-V role and Credential Guard enabled
on AMD Zen2 or Zen3 machine.
Ksplice support is available at ksplice-support_ww at oracle.com.
More information about the El-errata