[El-errata] New Ksplice updates for UEKR6 5.4.17 on OL7 and OL8 (ELSA-2023-12008)

Errata Announcements for Oracle Linux el-errata at oss.oracle.com
Thu Jan 19 13:15:09 UTC 2023

Synopsis: ELSA-2023-12008 can now be patched using Ksplice
CVEs: CVE-2021-26932 CVE-2021-3759 CVE-2022-3524 CVE-2022-3542 
CVE-2022-3564 CVE-2022-3594 CVE-2022-3628 CVE-2022-3640 CVE-2022-42719 
CVE-2022-42895 CVE-2022-4378

Users with Oracle Linux Premier Support can now use Ksplice to patch
against the latest Oracle Linux Security Advisory, ELSA-2023-12008.
More information about this errata can be found at


We recommend that all users of Ksplice Uptrack running UEKR6 5.4.17 on
OL7 and OL8 install these updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y


* CVE-2021-3759: Denial-of-service in System V Inter Process Communication.

A memory overflow could happen in System V Inter Process Communication
due to improper account for the memory usage of certain IPC objects
and result in memory exhaustion. A local user could use this flaw to
cause a denial-of-service.

* CVE-2022-42719: Privilege escalation in mac80211 subsystem.

An improper resources management in mac80211 subsystem can lead to
a use after free error. A local attacker able to inject WLAN frames
could use this flaw to cause denial of service or escalate privileges.

* CVE-2022-3564: Use-after-free in Bluetooth L2CAP.

A race condition in Bluetooth L2CAP when a socket buffer is queued and
dequeued by two flows running in parallel can lead to a use-after-free.
A remote attacker could use this flaw for a denial-of-service or
for privilege escalation.

* CVE-2022-3594: Denial-of-service in r8152 USB network driver.

Improper management of logging in the r8152 driver when handling
interrupts can lead to logging of excessive data. A remote attacker
could use this flaw to flood the system logs and hinder the ability to
detect anomalous conditions.

* CVE-2022-3524: Memory-leak in IPv6 networking.

A race condition in IPv6 networking when converting an IPv6 socket into
IPv4 could lead to a memory-leak. A local user could use this flaw to
exhaust the system's memory and cause denial-of-service.

* CVE-2022-3628: Code execution in Broadcom FullMAC USB WiFi driver.

A missing sanity check when setting up the Broadcom FullMAC USB WiFi
driver could result in out-of-bounds access. A physically proximate
user could use this flaw to craft a malicious USB device and cause
a denial-of-service or execute arbitrary code.

* CVE-2022-3640: Use-after-free in Bluetooth subsystem.

A logic flaw in receive data path of the Bluetooth subsystem could
result in a use-after-free. A local user could use this flaw to cause
a denial-of-service or execute arbitrary code.

* CVE-2022-42895: Information disclosure in Bluetooth subsystem.

A missing sanity check when parsing a configuration request in Bluetooth
L2CAP implementation could result in out-of-bounds memory access.
A physically proximate attacker could use this flaw for information

* Improved update to CVE-2021-26932, XSA-361: Denial-of-host-service by 
malicious Xen frontend.

Batched mapping operations can be potentially mishandled by the Linux
Xen backend, resulting in incorrectly reported success or failure of the
operation. Running a malicious or buggy frontend could result in a
denial-of-service on the host.

* Note: Oracle has determined that CVE-2022-3542 is not applicable.

The kernel is not affected by CVE-2022-3542 since the code under
consideration is not compiled.


Ksplice support is available at ksplice-support_ww at oracle.com.

More information about the El-errata mailing list