[El-errata] New Ksplice updates for RHCK 8 (ELSA-2024-8856)

Errata Announcements for Oracle Linux el-errata at oss.oracle.com
Fri Dec 20 07:33:31 UTC 2024 

Synopsis: ELSA-2024-8856 can now be patched using Ksplice
CVEs: CVE-2022-48773 CVE-2024-26851 CVE-2024-26924 CVE-2024-35939 CVE-2024-38540 CVE-2024-38586 CVE-2024-39503 CVE-2024-40961 CVE-2024-40983 CVE-2024-41009 CVE-2024-41042 CVE-2024-41092 CVE-2024-41093 CVE-2024-42070 CVE-2024-42079 CVE-2024-42284 CVE-2024-42292 CVE-2024-43854 CVE-2024-43880 CVE-2024-44989 CVE-2024-44990 CVE-2024-45018 CVE-2024-46679 CVE-2024-46770 CVE-2024-46826 CVE-2024-47668 CVE-2024-49891

Users with Oracle Linux Premier Support can now use Ksplice to patch
against the latest Oracle Linux Security Advisory, ELSA-2024-8856.
More information about this errata can be found at
https://linux.oracle.com/errata/ELSA-2024-8856.html

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack running RHCK 8 install
these updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y


DESCRIPTION

* CVE-2022-48773: Denial-of-service in RPC-over-RDMA transport driver.

A missing variable initialization when using the RPC-over-RDMA transport
driver could lead to a NULL pointer dereference. A local attacker could
use this flaw to cause a denial-of-service.


* CVE-2024-26851: Denial-of-service in Network packet filtering framework.

A missing check when using Network packet filtering framework
(Netfilter) could lead to an out-of-bounds access. A local attacker
could use this flaw to cause a denial-of-service or facilitate an
attack.


* CVE-2024-26924: Denial-of-service in Netfilter PIPAPO.

A logic error when using Network packet filtering framework (Netfilter)
Pile Packet Policies could lead to a kernel crash. A local attacker
could use this flaw to cause a denial-of-service.


* CVE-2024-35939: Information leak in kernel DMA facilities.

A logic error when using kernel DMA with Intel TDX could lead to memory
pages being mishandled. A local attacker could use this flaw to extract
sensitive information.


* CVE-2024-38540: Data corruption in Broadcom Netxtreme HCA driver.

A logic error when using the Broadcom Netxtreme HCA driver could lead
to an integer overflow. A local attacker could use this flaw to cause
data corruption.


* CVE-2024-38586: Memory corruption in Realtek 8169/8168/8101/8125 ethernet driver.

A logic error when using Realtek 8169/8168/8101/8125 ethernet driver
could possibly lead to ring buffer corruption and NULL pointer
dereference. A local attacker could use this flaw to cause
denial-of-service.


* CVE-2024-39503: Privilege escalation in netfilter (IP set) subsystem.

A race condition when using netfilter (IP set) subsystem could lead to a
use-after-free. A local attacker could use this flaw to escalate
privileges.


* CVE-2024-40961: Denial-of-service in IPv6 networking stack.

A missing check when using the IPv6 networking stack could lead to a
NULL pointer dereference. A local attacker could use this flaw to cause
a denial-of-service.


* CVE-2024-40983: Denial-of-service in TIPC Protocol driver.

Incorrect reference counting when using the TIPC Protocol driver could
lead to a kernel crash. A local attacker could use this flaw to cause a
denial-of-service.


* CVE-2024-41009: Denial-of-service in BPF ringbuf subsystem.

A logic error when using the BPF ringbuf subsystem could lead to a
kernel crash. A local attacker could use this flaw to cause a denial-of-
service.


* CVE-2024-41042: Denial-of-service in netfilter subsystem.

A logic error when using the netfilter subsystem could lead to an
infinite loop / recursion. A local attacker could use this flaw to cause
a denial-of-service.


* CVE-2024-41092: Denial-of-service in Intel 8xx/9xx/G3x/G4x/HD Graphics driver.

A logic error when using the Intel 8xx/9xx/G3x/G4x/HD Graphics driver
could lead to a use-after-free. A local attacker could use this flaw to
cause a denial-of-service.


* CVE-2024-41093: Denial-of-service in AMD GPU driver.

A missing check when using the AMD GPU driver could lead to a NULL
pointer dereference. A local attacker could use this flaw to cause a
denial-of-service.


* CVE-2024-42070: Privilege escalation in netfilter subsystem.

A logic error when using the netfilter subsystem could lead to a memory
leak. A local attacker could use this flaw to escalate privileges.


* CVE-2024-42079: Denial-of-service in GFS2 file system driver.

A race condition when unmounting the GFS2 file system driver could lead
to a NULL pointer dereference. A local attacker could use this flaw to
cause a denial-of-service.


* CVE-2024-42284: Privilege escalation in TIPC driver.

Incorrect return status when using the TIPC driver could lead to a
buffer overflow. A local attacker could use this flaw to escalate
privileges.


* CVE-2024-42292: Information leak in kernel userspace event delivery library.

A logic error when using the kernel userspace event delivery library
could lead to an out-of-bounds memory access. A local attacker could use
this flaw to extract sensitive information.


* CVE-2024-43854: Information leak in Block layer data integrity driver.

A missing variable initialization when using the Block layer data
integrity driver could lead to uninitialised kernel memory being written
to disk. A local attacker could use this flaw to extract sensitive
information.


* CVE-2024-43880: Denial-of-service in Mellanox Switch ASIC driver.

A logic error when using the Mellanox Switch ASIC driver could lead to
the device becoming unresponsive. A local attacker could use this flaw
to cause a denial-of-service.


* CVE-2024-44989, CVE-2024-44990: Denial-of-service in Bonding driver.

A missing check when using the Bonding driver could lead to a NULL
pointer dereference. A local attacker could use this flaw to cause a
denial-of-service.


* CVE-2024-45018: Information leak in Network packet filtering framework.

A missing variable initialization in the Network packet
filtering framework (Netfilter) driver could lead to use of
uninitialized memory. A local attacker could use this flaw to
extract sensitive information.


* CVE-2024-46679: Denial-of-service in netlink interface for ethtool.

A missing check when using the netlink interface for ethtool could lead
to a kernel panic. A local attacker could use this flaw to cause a
denial-of-service.


* CVE-2024-46770: Denial-of-service in Intel Ethernet Connection E800 Series driver.

A race condition when resetting the Intel Ethernet Connection E800 Series
device could lead to a NULL pointer dereference. A local attacker could
use this flaw to cause a denial-of-service.


* CVE-2024-46826: Undefined behavior in kernel ELF parsing subsystem.

A logic error when using the kernel ELF parsing subsystem. could lead to
an inconsistently loaded binary. The resulting loaded binary might exhibit
undefined behavior.


* CVE-2024-47668: Privilege escalation in core kernel radix tree library.

A race condition when using the core kernel radix tree library could
lead to a use-after-free. A local attacker could use this flaw to
escalate privileges.


* CVE-2024-49891: Denial-of-service in Emulex LightPulse Fibre Channel driver.

A race condition when using the Emulex LightPulse Fibre Channel driver
could lead to a use-after-free. A local attacker could use this flaw to
cause a denial-of-service.


* Note: Oracle has determined some CVEs are not applicable.

The kernel is not affected by the following CVEs
since the code under consideration is not compiled.

CVE-2024-38541

SUPPORT

Ksplice support is available at ksplice-support_ww at oracle.com.

More information about the El-errata mailing list