[El-errata] New Ksplice updates for UEKR4 4.1.12 on OL6 and OL7 (ELSA-2023-12375)

Errata Announcements for Oracle Linux el-errata at oss.oracle.com
Tue Jun 13 07:58:30 UTC 2023 

Synopsis: ELSA-2023-12375 can now be patched using Ksplice
CVEs: CVE-2022-3169 CVE-2023-0458 CVE-2023-1670 CVE-2023-2162 CVE-2023-2248 CVE-2023-23454 CVE-2023-28328

Users with Oracle Linux Premier Support can now use Ksplice to patch
against the latest Oracle Linux Security Advisory, ELSA-2023-12375.
More information about this errata can be found at
https://linux.oracle.com/errata/ELSA-2023-12375.html

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack running UEKR4 4.1.12 on
OL6 and OL7 install these updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y


DESCRIPTION

* CVE-2023-2162: Use-after-free during iSCSI login.

A logic error in the iSCSI login path can result in a use-after-free
error.  This flaw could be exploited by a local attacker to cause
a denial-of-service or to aid in another type of attack.

Orabug: 35312683


* CVE-2023-28328: Denial-of-service in Azurewave AZ6027 driver during ioctl processing.

A missing length check on a buffer passed in from userspace via an ioctl
can result in a NULL pointer dereference.  This flaw could be exploited
by a remote attacker to cause a denial-of-service.

Orabug: 35312830


* CVE-2023-23454: Denial-of-service in CBQ packet scheduling.

When dropping a packet in Class-Based Queueing (CBQ) packet scheduling
algorithm, invalid data may be read. A local user can use this to cause
denial-of-service.

Orabug: 34983586


* CVE-2023-1670: Use-after free in Xircom PCMCIA ethernet driver.

A race condition when attempting to unload the Xircom ethernet driver
can lead to a use-after-free.  This flaw could be exploited by a local
attacker to cause a denial-of-service or to escalate their privileges.

Orabug: 35250898


* CVE-2023-0458: Information leak in system calls to get and set resource limits.

A flaw in the do_prlimit() function, which is invoked by a number of system
calls to get and set resource limits, could be used to leak kernel memory
as part of a side-channel attack (such as MDS).

Orabug: 35354303


* CVE-2023-2248: Out-of-bounds memory access in sch_qfq driver.

An arithmetic error in the sch_qfq driver can lead to an out-of-bounds
memory access.  A local attacker could exploit this flaw to leak
sensitive information or to cause other undefined behavior.

Orabug: 35354791


* CVE-2022-3169: Denial-of-service in NVM Express block device.

A flaw in ioctls of NVM Express block device could result in PCIe link
disconnect. A local user could use this flaw for a denial-of-service.

Orabug: 34619368

SUPPORT

Ksplice support is available at ksplice-support_ww at oracle.com.

More information about the El-errata mailing list