[El-errata] New Ksplice updates for UEKR7 5.15.0 on OL8 and OL9 (ELSA-2023-12226)
Errata Announcements for Oracle Linux
el-errata at oss.oracle.com
Tue Apr 18 14:43:54 UTC 2023
Synopsis: ELSA-2023-12226 can now be patched using Ksplice
CVEs: CVE-2022-2196 CVE-2022-27672 CVE-2022-3707 CVE-2023-1281
CVE-2023-1513 CVE-2023-20938 CVE-2023-26545
Users with Oracle Linux Premier Support can now use Ksplice to patch
against the latest Oracle Linux Security Advisory, ELSA-2023-12226.
More information about this errata can be found at
INSTALLING THE UPDATES
We recommend that all users of Ksplice Uptrack running UEKR7 5.15.0 on
OL8 and OL9 install these updates.
On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.
Alternatively, you can install these updates by running:
# /usr/sbin/uptrack-upgrade -y
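To tell which hosts need the manual command, an administrator can check the effective `autoinstall` setting. The following is an added example, not part of Oracle's announcement or tooling. The function name `uptrack_autoinstall_state` and the `--check` argument are hypothetical, and the sketch assumes that the last uncommented assignment in the file is the one that takes effect.

```shell
#!/bin/sh
# Added example (not Oracle code): report whether Ksplice Uptrack is set to
# install updates automatically, using the key quoted in the advisory.

# Print "yes", "no" (or whatever value is set), or "unset" for the
# autoinstall key in the given config file. Returns 2 if unreadable.
# Assumption: the last uncommented assignment wins.
uptrack_autoinstall_state() {
    _conf=$1
    [ -r "$_conf" ] || return 2
    awk -F= '
        /^[ \t]*[#;]/ { next }                  # ignore commented-out lines
        NF >= 2 {
            key = tolower($1); gsub(/[ \t]/, "", key)
            if (key != "autoinstall") next
            val = tolower($2); gsub(/[ \t\r]/, "", val)
            last = val
        }
        END { print (last == "" ? "unset" : last) }
    ' "$_conf"
}

# Stand-alone use: sh check-autoinstall.sh --check [path-to-uptrack.conf]
if [ "${1:-}" = "--check" ]; then
    conf=${2:-/etc/uptrack/uptrack.conf}
    state=$(uptrack_autoinstall_state "$conf") || {
        echo "cannot read $conf" >&2
        exit 2
    }
    if [ "$state" = "yes" ]; then
        echo "autoinstall enabled: updates will be installed automatically"
    else
        echo "autoinstall is '$state': run /usr/sbin/uptrack-upgrade -y as root"
    fi
fi
```

A commented-out `# autoinstall = yes` line is reported as `unset`, so a host carrying only that line is flagged for manual upgrade.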
* CVE-2022-2196: Information leak in Kernel-based Virtual Machine.
A flaw in KVM due to a missing flush of indirect branch predictors
at VM-exit time may result in a leak of information.
A nested guest VM (L2) may use this flaw to perform Spectre v2 attacks
on L1 guest VMs.
* Note: Oracle will not provide a zero-downtime update for CVE-2023-20938.
Oracle has determined that the vulnerability does not affect a
Lack of input validation in the Android Binder driver when releasing a
transaction buffer could lead to a use-after-free. A local unprivileged
user could use this flaw to cause a denial-of-service or elevate its
* CVE-2022-3707: Double-free in Intel GVT-g graphics driver.
Incorrect error handling in the Intel GVT-g graphics driver can lead to a
double free. This can allow a local user to cause denial-of-service.
* CVE-2023-1513: Information leak in KVM ioctl.
Incomplete initialization of the structure returned to the user during KVM's
KVM_GET_DEBUGREGS ioctl can lead to an information leak. This can allow a local
user to access privileged data.
* CVE-2023-26545: Stale pointer in MultiProtocol Label Switching subsystem.
Incorrect error handling in the MultiProtocol Label Switching subsystem
(MPLS) during the renaming of a device can lead to a double free. This could
allow a local user to write to arbitrary memory locations or cause
* CVE-2023-1281: Use-after-free in Packet Classifier based on Traffic
The imperfect hash area in the traffic control index filter can be
updated while packets are traversing, which can lead to a use-after-free.
A local attacker can use this to escalate privileges.
* Incorrect initialization in BTRFS's zlib compression.
Incorrect initialization in BTRFS zlib compression implementation can
lead to use of uninitialized memory. This can lead to a leak of
privileged information or denial-of-service.
* CVE-2022-27672: Information disclosure due to Cross-Thread Return
When SMT (simultaneous multithreading) is enabled, certain AMD processors
may speculatively execute instructions using a target from the sibling thread.
This can potentially lead to information disclosure.
Ksplice support is available at ksplice-support_ww at oracle.com.