[El-errata] New Ksplice updates for UEKR4 4.1.12 on OL6 and OL7 (ELSA-2021-9534)

Errata Announcements for Oracle Linux el-errata at oss.oracle.com
Thu Nov 4 10:29:08 PDT 2021


Synopsis: ELSA-2021-9534 can now be patched using Ksplice
CVEs: CVE-2018-1000026 CVE-2019-10207 CVE-2019-19813 CVE-2021-3564

Users with Oracle Linux Premier Support can now use Ksplice to patch
against the latest Oracle Linux Security Advisory, ELSA-2021-9534.
More information about this errata can be found at
https://linux.oracle.com/errata/ELSA-2021-9534.html

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack running UEKR4 4.1.12 on
OL6 and OL7 install these updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y
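The two installation paths above (automatic when autoinstall is set, manual otherwise) as a small added shell script; this is an example written for this page, not code shipped by Oracle or Ksplice. It assumes /etc/uptrack/uptrack.conf carries a plain "autoinstall = yes" line as quoted in the announcement, that the uptrack-upgrade and uptrack-uname tools are installed at their usual paths, and it only touches the system when UPTRACK_APPLY=yes is set, so the decision logic can be exercised on a constructed config file without root.

```shell
#!/bin/sh
# Added example (not part of the Oracle announcement): decide whether a host
# still needs a manual "uptrack-upgrade -y", based on the autoinstall setting
# in /etc/uptrack/uptrack.conf described in the announcement above.

UPTRACK_CONF="${UPTRACK_CONF:-/etc/uptrack/uptrack.conf}"

# autoinstall_enabled FILE
# Returns 0 when FILE contains an uncommented "autoinstall = yes" line
# (value compared case-insensitively, surrounding whitespace ignored,
# last definition wins), 1 otherwise or when FILE is unreadable.
# Assumption: the key is written as a plain "key = value" line.
autoinstall_enabled() {
    conf="$1"
    [ -r "$conf" ] || return 1
    val=$(sed -e 's/[#;].*$//' "$conf" \
          | grep -i '^[[:space:]]*autoinstall[[:space:]]*=' \
          | tail -n 1 \
          | sed -e 's/^[^=]*=[[:space:]]*//' -e 's/[[:space:]]*$//' \
          | tr 'A-Z' 'a-z')
    [ "$val" = "yes" ]
}

# plan_action FILE
# Prints "auto" when Uptrack will install the updates on its own and
# "manual" when the administrator has to run uptrack-upgrade.
plan_action() {
    if autoinstall_enabled "$1"; then
        echo auto
    else
        echo manual
    fi
}

# Only act on the real system when explicitly asked (UPTRACK_APPLY=yes);
# otherwise the functions above can be sourced and tested safely.
if [ "${UPTRACK_APPLY:-no}" = "yes" ]; then
    if [ "$(plan_action "$UPTRACK_CONF")" = "manual" ]; then
        /usr/sbin/uptrack-upgrade -y
    fi
    # Report the effective (Ksplice-patched) kernel version afterwards.
    /usr/sbin/uptrack-uname -r
fi
```

Run as root with UPTRACK_APPLY=yes sh uptrack-check.sh to apply; without that variable the script only evaluates the configuration, which is the part worth checking from configuration management before relying on autoinstall.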


DESCRIPTION

* CVE-2018-1000026: Denial-of-service when receiving an invalid packet on a
bnx2x network card.

Missing input validation when receiving an invalid packet on a bnx2x
network card could lead to a network outage. A remote attacker could use
this flaw to cause a denial-of-service.

Orabug: 28094432


* CVE-2021-3564: Use-after-free when initializing bluetooth HCI device.

A flaw in the bluetooth Host Controller Interface handling could result
in a use-after-free if a device fails initialization. A malicious local
device or user might exploit this to cause a denial-of-service.

Orabug: 33014035


* CVE-2019-19813: Invalid memory accesses during btrfs filesystem sync.

A failure to properly validate certain metadata in a btrfs filesystem
image can lead to out-of-bounds writes and use-after-free issues.  Using
a specially crafted btrfs image, a local attacker could potentially
exploit these flaws to escalate privilege or cause other unexpected
behavior, including a denial-of-service.

Orabug: 31864610


* CVE-2019-10207: NULL pointer dereference in Bluetooth TTY operations.

A missing check in some Bluetooth drivers could lead to a NULL pointer
dereference triggered by an unprivileged user while executing certain
tty operations. This could be exploited to cause a denial of service.

Orabug: 30244627

SUPPORT

Ksplice support is available at ksplice-support_ww at oracle.com.
