[El-errata] New Ksplice updates for UEKR4 4.1.12 on OL6 and OL7 (ELSA-2022-9348)

Errata Announcements for Oracle Linux el-errata at oss.oracle.com
Wed May 18 15:40:26 UTC 2022


Synopsis: ELSA-2022-9348 can now be patched using Ksplice
CVEs: CVE-2021-0920 CVE-2021-3573 CVE-2021-4002 CVE-2021-4083 
CVE-2021-4149 CVE-2021-4157 CVE-2021-4203 CVE-2021-45095 CVE-2021-45868 
CVE-2022-0617 CVE-2022-1016

Users with Oracle Linux Premier Support can now use Ksplice to patch
against the latest Oracle Linux Security Advisory, ELSA-2022-9348.
More information about this errata can be found at
https://linux.oracle.com/errata/ELSA-2022-9348.html

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack running UEKR4 4.1.12 on
OL6 and OL7 install these updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y
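
The check below is an added example, not part of the original announcement or of Ksplice itself: it reports whether a host will pick up these updates automatically or needs the manual command above. It assumes uptrack.conf uses "key = value" lines with "#" comments and treats only the literal value "yes" as enabled; the function names and the UPTRACK_CONF variable are hypothetical.

```shell
#!/bin/sh
# Added example: decide whether a host needs a manual Ksplice upgrade.
# Assumption: uptrack.conf holds "key = value" lines and "#" comment lines.

# Print the effective autoinstall value: the last uncommented assignment,
# or "unset" when the file is unreadable or has no such assignment.
uptrack_autoinstall_value() {
    conf="$1"
    if [ ! -r "$conf" ]; then
        echo unset
        return 0
    fi
    awk -F= '
        /^[ \t]*#/ { next }          # a commented-out setting does not count
        {
            key = $1; val = $2
            gsub(/[ \t\r]/, "", key) # tolerate spaces around "="
            gsub(/[ \t\r]/, "", val)
            if (key == "autoinstall") found = val
        }
        END { print (found == "" ? "unset" : found) }
    ' "$conf"
}

# Succeed (exit 0) when the host will NOT install updates on its own.
# Anything other than the literal "yes" is treated as needing manual action.
needs_manual_upgrade() {
    [ "$(uptrack_autoinstall_value "$1")" != "yes" ]
}

# UPTRACK_CONF is a hypothetical override so the check can be pointed
# at a copy of the file collected from another host.
CONF="${UPTRACK_CONF:-/etc/uptrack/uptrack.conf}"
if needs_manual_upgrade "$CONF"; then
    echo "autoinstall is not 'yes' in $CONF; run: /usr/sbin/uptrack-upgrade -y"
else
    echo "autoinstall = yes in $CONF; updates are installed automatically"
fi
```
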


DESCRIPTION

* CVE-2021-0920, CVE-2021-4083: Privilege escalation in BSD Unix domain sockets.

Lack of synchronization in the BSD Unix domain sockets module could
result in a use-after-free error. A local user could use this flaw to
cause a denial-of-service or privilege escalation.

Orabug: 33679806


* CVE-2022-0617: NULL-pointer dereference when processing UDF metadata.

When converting a UDF filesystem control block to its expanded form, an
invalid block could result in a NULL callback being invoked, resulting
in a system crash. A malicious user or filesystem image might exploit
this to cause a denial-of-service.

Orabug: 33870269


* CVE-2022-1016: Information leak in the netfilter subsystem.

A flaw in the netfilter subsystem results in a use-after-free. This may
allow a local unprivileged user to cause an information leak,
resulting in loss of system confidentiality.

Orabug: 34012926


* CVE-2021-3573: Code execution in the bluetooth subsystem due to use-after-free.

Improper handling of HCI device detach events in the bluetooth subsystem
could lead to a use-after-free. A local user could use this flaw to
cause a denial of service or possibly execute arbitrary code.

Orabug: 33014054


* CVE-2021-4002: Information disclosure in HugeTLB due to a missing TLB flush.

A missing TLB flush in the HugeTLB implementation could allow a local
attacker to leak or alter data from other processes that use huge pages.

Orabug: 33617221


* CVE-2021-4149: Denial-of-service in BTRFS file system.

An improper locking flaw in the BTRFS file system during error handling
could lead to a deadlock condition. A local user could use this flaw
to cause a denial-of-service.

Orabug: 33997139


* CVE-2021-45095: Denial-of-service in Phone Network protocol due to memory leaks.

A reference counting flaw in the Phone Network protocol functionality
when handling an error condition could lead to memory leaks. A local
user could use this flaw to cause a denial-of-service.

Orabug: 33962762


* CVE-2021-45868: Use-after-free in disk quota subsystem.

Insufficient validation of the block number in the on-disk quota tree
can lead to a use-after-free when handling a corrupted quota file. A
local user can use this flaw to cause a denial-of-service.

Orabug: 33997256


* CVE-2021-4157: Out-of-bounds write in the Network File System.

An out-of-bounds memory write flaw in the NFS subsystem when handling
mirroring of files can lead to invalid memory access. A user having
access to the NFS mount could potentially use this flaw to cause a
denial-of-service or privilege escalation.

Orabug: 34020970


* CVE-2021-4203: Use-after-free in the sockets subsystem.

A use-after-free read flaw in the getsockopt() system call can lead to a
race condition. This could allow an attacker with user privileges to
cause a denial-of-service or leak internal kernel information.


Orabug: 34006847

SUPPORT

Ksplice support is available at ksplice-support_ww at oracle.com.




