[El-errata] New Ksplice updates for UEKR7 5.15.0 on OL8 and OL9 (ELBA-2024-12477)
Errata Announcements for Oracle Linux
el-errata at oss.oracle.com
Thu Jul 11 19:05:14 UTC 2024
Synopsis: ELBA-2024-12477 can now be patched using Ksplice
CVEs: CVE-2024-26924 CVE-2024-26993 CVE-2024-27016 CVE-2024-27398
CVE-2024-35849 CVE-2024-36883 CVE-2024-36886 CVE-2024-36904
CVE-2024-36919 CVE-2024-36933 CVE-2024-36934 CVE-2024-36941 CVE-2024-36964
Users with Oracle Linux Premier Support can now use Ksplice to patch
against the latest Oracle Linux Bug Fix Advisory, ELBA-2024-12477.
More information about this errata can be found at
https://linux.oracle.com/errata/ELBA-2024-12477.html
INSTALLING THE UPDATES
We recommend that all users of Ksplice Uptrack running UEKR7 5.15.0 on
OL8 and OL9 install these updates.
On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.
Alternatively, you can install these updates by running:
# /usr/sbin/uptrack-upgrade -y
DESCRIPTION
* CVE-2024-26924: Denial-of-service in Netfilter PIPAPO.
A logic error when using Network packet filtering framework (Netfilter) Pile
Packet Policies could lead to a kernel crash. A local attacker could use
this
flaw to cause a denial-of-service.
* CVE-2024-26993: Resource leak in SysFS filesystem.
A logic error in the SysFS filesystem can lead to a resource leak.
An attacker can exploit this flaw to cause a denial-of-service or
aid in other types of attacks.
* CVE-2024-27016: Denial-of-service in Network packet filtering
framework (Netfilter).
A missing check when handling Point-to-Point Protocol over Ethernet
(PPPoE) headers in Network packet filtering framework (Netfilter) could lead
to use of uninitialized memory. A local attacker could use this flaw to
cause a denial-of-service.
* CVE-2024-27398: Denial-of-service in Bluetooth Classic (BR/EDR) features.
A missing check when using Bluetooth Classic (BR/EDR) features could
lead to a use-after-free. A local attacker could use this flaw to cause
a denial-of-service.
* CVE-2024-35849: Information leak in BTRFS filesystem.
A missing variable initialization when using the BTRFS filesystem could
lead to a memory leak. A local attacker could use this flaw to extract
sensitive information.
* CVE-2024-36883: Denial-of-service in Networking namespace support.
A race condition when using Networking namespace support could lead to
an out-of-bounds memory access. A local attacker could use this flaw to
cause a denial-of-service.
* CVE-2024-36886: Remote code execution in TIPC networking stack.
A logic error when using the TIPC networking stack could lead to a
use-after-free. A remote attacker could use this flaw to execute
arbitrary code in kernel mode, escalate privileges, cause a
denial-of-service, or aid in other types of attacks.
* CVE-2024-36904: Remote code execution in TCP/IP networking stack.
A race condition in TCP/IP networking stack can cause a data race
with a refcount value, leading to an underflow, which can cause a
use-after-free elsewhere in the kernel depending on the refcount.
A remote attacker could use this flaw to execute arbitrary code in
kernel mode, escalate privileges, cause a denial-of-service, or aid
in other types of attacks.
* CVE-2024-36919: Denial-of-service in QLogic
Fiber-Channel-over-Ethernet offload driver.
Unnecessary locking when using the QLogic FCoE offload driver could
lead to a kernel panic. A local attacker could use this flaw to cause
a denial-of-service.
* CVE-2024-36933: Information leak in Network Service Header protocol stack.
A logic error when using the Network Service Header protocol stack could
lead to an out-of-bounds memory access. A local attacker could use this
flaw to extract sensitive information.
* CVE-2024-36934: Information leak in QLogic BR-series Ethernet driver.
A logic error when using QLogic BR-series Ethernet driver could lead to
an out-of-bounds memory read. A local attacker could use this flaw to
extract sensitive information.
* CVE-2024-36941: Denial-of-service in core WiFi subsystem.
A missing check when using the core WiFi subsystem could lead to a NULL
pointer dereference. A local attacker could use this flaw to cause a
denial-of-service.
* CVE-2024-36964: Privilege escalation in Plan 9 Resource Sharing
filesystem stack.
A logic error when using Plan 9 Resource Sharing filesystem stack could
lead to garbage 9P mode bits setting the underlying Unix perm bits,
including the suid bit. A local attacker could use this flaw to escalate
privileges.
SUPPORT
Ksplice support is available at ksplice-support_ww at oracle.com.
More information about the El-errata
mailing list