[El-errata] New Ksplice updates for UEKR7 5.15.0 on OL8 and OL9 (ELSA-2024-12272)

Errata Announcements for Oracle Linux el-errata at oss.oracle.com
Wed May 29 17:01:13 UTC 2024


Synopsis: ELSA-2024-12272 can now be patched using Ksplice
CVEs: CVE-2023-46838 CVE-2023-52435 CVE-2023-52436 CVE-2023-52437 
CVE-2023-52438 CVE-2023-52439 CVE-2023-52443 CVE-2023-52444 
CVE-2023-52445 CVE-2023-52448 CVE-2023-52449 CVE-2023-52451 
CVE-2023-52454 CVE-2023-52456 CVE-2023-52457 CVE-2023-52458 
CVE-2023-52462 CVE-2023-52467 CVE-2023-52486 CVE-2023-52491 
CVE-2023-52492 CVE-2023-52493 CVE-2023-52494 CVE-2023-52588 
CVE-2023-52592 CVE-2023-52594 CVE-2023-52595 CVE-2023-52597 
CVE-2023-52598 CVE-2023-52599 CVE-2023-52600 CVE-2023-52602 
CVE-2023-52603 CVE-2023-52604 CVE-2023-52606 CVE-2023-52607 
CVE-2023-52608 CVE-2023-52609 CVE-2023-52612 CVE-2023-52614 
CVE-2023-52615 CVE-2023-52616 CVE-2023-52617 CVE-2023-52618 
CVE-2023-52622 CVE-2023-52623 CVE-2023-52627 CVE-2023-52630 
CVE-2023-52631 CVE-2023-52633 CVE-2023-52642 CVE-2023-52666 
CVE-2023-52667 CVE-2023-52669 CVE-2023-52670 CVE-2023-52672 
CVE-2023-52674 CVE-2023-52675 CVE-2023-52677 CVE-2023-52686 
CVE-2023-52690 CVE-2023-52691 CVE-2023-52694 CVE-2023-52696 
CVE-2023-52698 CVE-2023-6356 CVE-2023-6535 CVE-2023-6536 CVE-2023-6915 
CVE-2024-1151 CVE-2024-2201 CVE-2024-23849 CVE-2024-23850 CVE-2024-23851 
CVE-2024-24860 CVE-2024-26586 CVE-2024-26592 CVE-2024-26593 
CVE-2024-26594 CVE-2024-26597 CVE-2024-26600 CVE-2024-26602 
CVE-2024-26606 CVE-2024-26608 CVE-2024-26610 CVE-2024-26614 
CVE-2024-26615 CVE-2024-26625 CVE-2024-26628 CVE-2024-26631 
CVE-2024-26633 CVE-2024-26635 CVE-2024-26636 CVE-2024-26640 
CVE-2024-26663 CVE-2024-26664 CVE-2024-26665 CVE-2024-26671 
CVE-2024-26673 CVE-2024-26675 CVE-2024-26676 CVE-2024-26685 
CVE-2024-26689 CVE-2024-26695 CVE-2024-26696 CVE-2024-26697 
CVE-2024-26702 CVE-2024-26704 CVE-2024-26707 CVE-2024-26712 
CVE-2024-26715 CVE-2024-26717 CVE-2024-26720 CVE-2024-26722 
CVE-2024-26808 CVE-2024-26825 CVE-2024-26829 CVE-2024-26848 
CVE-2024-26972 CVE-2024-35833 CVE-2024-35835 CVE-2024-35840

Users with Oracle Linux Premier Support can now use Ksplice to patch
against the latest Oracle Linux Security Advisory, ELSA-2024-12272.
More information about this errata can be found at
https://linux.oracle.com/errata/ELSA-2024-12272.html

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack running UEKR7 5.15.0 on
OL8 and OL9 install these updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y
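
The following is an added example, not part of Oracle's announcement or of the Ksplice tooling: a small shell check that reports whether a host will pick up these updates automatically or needs the manual command above. The function names are hypothetical, the sample configuration is constructed, and only the value "yes" (case-insensitive) is treated as enabling autoinstall, which is an assumption.

```shell
#!/bin/sh
# Added example (not Oracle's code). Function names are hypothetical.

# Print the effective "autoinstall" value (lowercased, empty if unset) from
# an uptrack.conf-style file. Section headers and comment lines are skipped;
# if the key appears more than once, the last assignment wins.
uptrack_autoinstall_value() {
    conf=$1
    [ -r "$conf" ] || return 2
    awk '
        /^[ \t]*[#;]/ { next }                 # comment line
        {
            eq = index($0, "=")
            if (eq == 0) next                  # section header or blank line
            key = substr($0, 1, eq - 1)
            val = substr($0, eq + 1)
            gsub(/^[ \t]+|[ \t]+$/, "", key)
            gsub(/^[ \t]+|[ \t]+$/, "", val)
            if (tolower(key) == "autoinstall") v = tolower(val)
        }
        END { print v }
    ' "$conf"
}

# Report how this host receives Ksplice updates.
# Exit status: 0 = automatic, 1 = manual action needed, 2 = config unreadable.
# Assumption: any value other than "yes" means autoinstall is off.
ksplice_update_plan() {
    conf=${1:-/etc/uptrack/uptrack.conf}
    if ! value=$(uptrack_autoinstall_value "$conf"); then
        echo "unknown: cannot read $conf"
        return 2
    fi
    if [ "$value" = "yes" ]; then
        echo "automatic: autoinstall = yes, no action needed"
        return 0
    fi
    echo "manual: run /usr/sbin/uptrack-upgrade -y as root"
    return 1
}

# Demonstration on a constructed sample (not a real host's configuration).
sample=$(mktemp)
cat > "$sample" <<'EOF'
[Settings]
# autoinstall = yes
autoinstall = no
EOF
ksplice_update_plan "$sample" || true
rm -f "$sample"
```

On a real host, call ksplice_update_plan with no argument to check /etc/uptrack/uptrack.conf; the exit status makes it usable from fleet-audit scripts.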


DESCRIPTION

* CVE-2023-52435: Denial-of-service in net subsystem.

The core net subsystem is responsible for segmenting socket buffers for
various protocols. A missing bound check while doing that can lead to a
null-pointer dereference. A local attacker can exploit this flaw to
cause denial-of-service.


* CVE-2023-52439: Use-after-free and double-free in Userspace IO.

A race between open and unregister functions will lead to a
use-after-free and a double-free. A local attacker can exploit this
flaw to cause denial-of-service or aid in other types of attacks.


* CVE-2023-52445: Use-after-free in Hauppauge WinTV-PVR USB2 driver.

Disconnecting a context in pvrusb2 driver can lead to a use-after-free
error. A local attacker can exploit this flaw to cause a privilege
escalation or denial-of-service.


* CVE-2023-52448: Denial-of-service in GFS2 filesystem.

Printing a resource group from the GFS2 filesystem can lead to a
null-pointer dereference. A local attacker can exploit this flaw
to cause denial-of-service.


* CVE-2023-52449: Denial-of-service in Memory Technology Device layer.

Incorrect handling of unsorted block images after creating
a partition in the memory technology device layer can lead
to a null-pointer dereference. A local attacker can exploit
this flaw to cause denial-of-service.


* CVE-2023-52458: Denial-of-service in the block layer.

Incorrect error checking in the kernel's block layer support when adding
or resizing a partition can lead to an IO error or null-pointer
dereference. This can lead to a denial-of-service.


* CVE-2023-52462: Privilege escalation in the BPF subsystem.

Incorrect logic in the BPF verifier can allow corruption of a spilled
pointer on the stack. A user can use this to escalate privileges.


* CVE-2023-52467: NULL pointer dereference in System Control Driver.

Insufficient error checks when using dynamically allocated memory in
Multi-Function Devices (MFD) System Control driver can lead to a NULL
pointer dereference. A local user can use this to cause
denial-of-service.


* CVE-2023-52486: Multi-free in Direct Rendering Manager subsystem.

When replacing the scanned-out framebuffer with a new one, a deadlock
is possible, leading to a multi-free instead of a simple double-free.
A local attacker can exploit this flaw to cause denial-of-service or
aid in other types of attacks.


* CVE-2023-52492: NULL-pointer dereference in DMA subsystem.

Insufficient error handling in the DMA subsystem during channel
unregistering can lead to NULL pointer dereference. Any user that can
trigger a device unregistration can cause a denial-of-service.


* CVE-2023-52493: Denial-of-service in the Modem Host Interface (MHI) protocol.

Incorrect synchronization logic in the Modem Host Interface (MHI)
protocol subsystem when processing events from a client device can lead
to a soft lockup. A user with permissions on the client devices can use
this flaw to cause denial-of-service.


* CVE-2023-52494: Denial-of-service when using Modem Host Interface (MHI) bus.

A logic error when checking a user pointer when using Modem Host
Interface (MHI) bus could lead to an out-of-bounds access. A local
attacker could use this flaw to cause a denial-of-service or cause
memory corruption.


* CVE-2023-52594: Out-of-bounds read in Atheros HTC-based WiFi driver.

A missing bound-check in the transmit status operation after a config
request by an Atheros HTC-based WiFi card can lead to an out-of-bounds
read. A local attacker can exploit this flaw to extract sensitive
information from the kernel memory or cause denial-of-service.


* CVE-2023-52595: Deadlock in Ralink WiFi driver.

Hardware reset stops beacon transmission in hardware, but the Ralink
WiFi driver doesn't stop it in the mac80211 software stack, leading to
a deadlock resulting in non-transmission. A local attacker can exploit
this flaw to cause denial-of-service.


* CVE-2023-52612: Out-of-bounds write when performing cryptographic compression.

A logic error when using cryptographic synchronous compression
operations could lead to a buffer overflow. A local attacker could use
this flaw to cause a denial-of-service or escalate privileges.


* CVE-2023-52614: Denial-of-service in DVFS Framework.

A flaw in Generic Dynamic Voltage and Frequency Scaling (DVFS) Framework
for Non-CPU Devices could lead to a buffer overflow. An attacker could
use this to cause denial-of-service.


* CVE-2023-52615: Deadlock in Hardware Random Number Generator.

A read from /dev/hwrng into a memory mapped by another read can
lead to a deadlock. A local attacker can exploit this flaw to
cause denial-of-service.


* CVE-2023-52616: Denial-of-service in multiprecision maths library.

A flaw in multiprecision maths library could lead to use of
uninitialized memory. An attacker could use this to cause
a denial-of-service.


* CVE-2023-52622: Denial-of-service in ext4 filesystem.

Missing checks for block group size provided by a user to resize an
ext4 filesystem online can lead to an attempt to allocate an oversized
array, which would fail and thus the resize fails. A local attacker can
exploit this flaw to cause denial-of-service.


* CVE-2023-52642: Permission bypass when attaching eBPF programs to lirc devices.

A missing check when attaching eBPF programs to lirc devices could lead
to a permission bypass. A local attacker could use this flaw to leak
information about the running kernel and facilitate an attack.


* CVE-2023-52667: Double free in Mellanox ConnectX Ethernet support.

Incorrect error handling in Mellanox 5th generation network adapters
(ConnectX series) Ethernet support can lead to a double free. A local
attacker could use this flaw to cause a denial-of-service.


* CVE-2023-52672: Denial-of-service when using pipes.

A logic error when resizing a pipe while reading from it could lead to
a deadlock. A local attacker could use this flaw to cause a
denial-of-service.


* CVE-2023-52674: Privilege escalation in Focusrite Scarlett Gen 2/3 Driver for ALSA.

A missing check on user input when using Focusrite Scarlett Gen 2/3
Driver for ALSA can lead to an out-of-bounds access. A local attacker
could use this flaw to escalate privileges or facilitate an attack.


* CVE-2023-52698: Memory leak in CALIPSO packet labeling protocol support.

When IPv6 support is disabled at boot (ipv6.disable=1), incorrect logic
in NetLabel CALIPSO/IPv6 Support can lead to a memory leak. A local
attacker can use this to cause denial-of-service.


* CVE-2023-6356, CVE-2023-6535, CVE-2023-6536, CVE-2023-52454: Denial-of-service when using NVMe over TCP.

Incorrect handling of lengths and offsets in fields of TCP packets
by the NVMe driver could lead to a NULL pointer dereference. A remote
attacker could exploit this flaw to cause a denial-of-service by
sending specially-crafted malicious packets.


* CVE-2023-6915: Denial-of-service in kernel ID allocator.

During the freeing operation, if there are no nearby IDs allocated,
a NULL pointer is stored which is not checked for and thus is later
dereferenced. A local attacker can exploit this flaw to cause a
denial-of-service.


* CVE-2024-1151: Denial-of-service in Open vSwitch.

Due to a lack of input validation in Open vSwitch, an attacker could 
cause denial-of-service.


* CVE-2024-2201: Information leak using Branch History Injection.

New software techniques were developed to identify and potentially
exploit disclosure gadgets using Branch History Injection. A malicious
attacker could use this to leak information about sibling guest VMs or
about the running kernel.


* CVE-2024-23849: Out-of-bounds read in RDS networking stack.

An incorrect bound-check when receiving path latency can lead to an
out-of-bounds read. A local attacker can exploit this flaw to extract
sensitive information from kernel memory or cause a denial-of-service.


* CVE-2024-23850: Denial-of-service in Btrfs filesystem support.

A flaw in Btrfs filesystem support could lead to a kernel crash. A local
attacker could use this flaw to cause a denial-of-service.


* CVE-2024-23851: Denial-of-service in kernel software RAID and LVM drivers.

Due to a lack of input validation in kernel software RAID and LVM
drivers, a local attacker could cause a denial-of-service.


* CVE-2024-24860: Race condition in the Bluetooth device driver.

Incorrect locking in the Bluetooth device driver interface to change the
maximum and minimum encryption key size can lead to inconsistent key
size restrictions. This race condition can potentially be used to leak
information.


* CVE-2024-26593: Data corruption in Intel 82801 (ICH/PCH) I2C driver.

The i2c-i801 driver has a flawed implementation of the block-write
block-read process call transactions, leading to reading wrong data
and leaving residual data in the device FIFO buffer. An attacker can
exploit this flaw to cause data corruption, denial-of-service, or aid
in other types of attacks.


* CVE-2024-26602: Denial-of-service due to membarrier system call.

The membarrier syscall can slow down some systems to the point of
saturation. A local attacker can exploit this flaw to cause
denial-of-service.


* CVE-2024-26610: Memory corruption in Intel WiFi Link Next-Gen AGN driver.

A flaw in Intel Wireless WiFi Link Next-Gen AGN driver could lead to an
out-of-bounds memory write. An attacker could use this to cause memory
corruption.


* CVE-2024-26614: Denial-of-service during TCP handshake.

A locking error during TCP handshake could lead to a race condition. A
local attacker could use this flaw to cause a denial-of-service.


* CVE-2024-26631: Race condition in IPv6 Multicast subsystem.

Insufficient locking when destroying a device in the Multicast support
for IPv6 can lead to a data race. This can be used by a local user to
cause a denial-of-service or other undefined behavior.


* CVE-2024-26633: Denial-of-service when using IP-in-IPv6 tunnel driver.

A logic error when using IP-in-IPv6 tunnel driver could lead to an
uninitialized memory access. A local attacker could use this flaw to
cause a denial-of-service.


* CVE-2024-26640: Denial-of-service in TCP/IP networking.

A flaw in TCP/IP networking could lead to a kernel panic. An attacker
could use this to cause a denial-of-service.


* CVE-2024-26663: Denial-of-service in TIPC networking stack.

Missing bearer type check while adding IP addresses in TIPC bearer can
lead to a null-pointer dereference. A local attacker can exploit this
flaw to cause denial-of-service.


* CVE-2024-26664: Out-of-bounds write in Intel CPU temperature sensor driver.

An out-of-bounds write can happen before an out-of-bounds check in the
Intel CPU temperature sensor driver. A local attacker can exploit this
flaw to cause privilege escalation or denial-of-service.


* CVE-2024-26665: Memory corruption in TCP/IP networking.

A flaw in TCP/IP networking could lead to an out-of-bounds memory
access. An attacker could use this to cause a memory corruption.


* CVE-2024-26671: Denial-of-service in block subsystem.

Lack of a CPU barrier in block multiqueue core code can lead to
re-ordering of some calls which leads to IO hang due to a race.
A local attacker can exploit this flaw to cause denial-of-service.


* CVE-2024-26673: Missing validation in netfilter subsystem.

Custom expectations handling in the netfilter subsystem did not verify
or sanitize the given protocol. A local attacker can exploit this flaw
to facilitate an attack.


* CVE-2024-26675: Denial-of-service in PPP async serial channel driver.

Lack of a maximum size check when setting the Maximum Receive Unit using
the ppp_async ioctl can lead to an attempt to allocate an oversized
socket, which would fail and thus the ioctl operation fails. A local
attacker can exploit this flaw to cause denial-of-service.


* CVE-2024-26676: Denial-of-service in Garbage Collector For AF_UNIX sockets.

A flaw in the Garbage Collector For AF_UNIX sockets could lead to a memory
leak. An attacker could use this to cause denial-of-service.

Orabug: 36375407


* CVE-2024-26689: Privilege escalation in capabilities handling of Ceph distributed file system.

A reference count error in capabilities handling of Ceph distributed
file system could lead to a use-after-free. A local attacker could use
this flaw to escalate privileges.


* CVE-2024-26695: Denial-of-service in AMD Platform Security Processor driver.

A flaw in AMD Platform Security Processor driver could lead to a null
pointer dereference. An attacker could use this to cause a
denial-of-service.


* CVE-2024-26704: Denial-of-service in ext4 filesystem.

When moving extents in the ext4 filesystem, a failure to handle an
unsuccessful loop exit when calculating the moved length can lead
to a double-free and divide-by-zero error. A local attacker can
exploit this flaw to cause denial-of-service or aid in other types
of attacks.


* CVE-2024-26720: Denial-of-service in kernel memory manager.

Incorrect cast of a divisor while setting dirty page writeback limits
can lead to a divide-by-zero error. A local privileged attacker can
exploit this flaw to cause denial-of-service.


* CVE-2024-26808: Stale reference in Netfilter nf_tables subsystem.

Incorrect cleanup in the Netfilter nftables subsystem during a
NETDEV_UNREGISTER event can leave a stale reference to a netdevice. A
local user can use this to cause denial-of-service.


* CVE-2024-26972: Denial-of-service when encrypting UBIFS filesystem.

A missing free of resources in error path when encrypting UBIFS
filesystem could lead to a memory leak. A local attacker could use this
flaw to cause a denial-of-service.


* CVE-2024-35835: Double free in Mellanox MLX5 ARFS support.

Incorrect error handling in Mellanox MLX5 ethernet accelerated receive
flow steering (ARFS) support can lead to a double free. A local attacker
could use this flaw to cause a denial-of-service.


* CVE-2024-35840: Denial-of-service when receiving data over Multipath TCP socket.

A missing check when receiving data over Multipath TCP socket could lead
to accessing stale data. A local attacker could use this flaw to cause a
denial-of-service.


* XSA-448, CVE-2023-46838: Denial-of-service in Xen virtual networking stack.

Zero-length transmission requests can lead to NULL pointer dereference
in the Xen hypervisor's virtual networking stack. A remote attacker
can exploit this flaw to cause denial-of-service.


* Note: Oracle has determined that CVE-2023-52436 is not applicable.

In F2FS filesystem, the xattr list was not null-terminated explicitly,
leading to a possible out-of-bounds access. A local attacker can exploit
this flaw to extract sensitive information from the kernel memory, or
cause denial-of-service.

The kernel is not affected by CVE-2023-52436 since the code under
consideration is not compiled (entire filesystem is not compiled).


* Note: Oracle has determined that CVE-2023-52438 is not applicable.

A race in the binder module present in the Android IPC subsystem
could lead to a use-after-free error. A local attacker can exploit
this flaw to cause denial-of-service or privilege escalation.

The kernel is not affected by CVE-2023-52438 since the code under
consideration is not compiled.


* Note: Oracle has determined that CVE-2023-52443 is not applicable.

An empty profile name for an AppArmor profile leads to a null-pointer
dereference. A local attacker may exploit this flaw to cause
denial-of-service.

The kernel is not affected by CVE-2023-52443 since the code under
consideration is not compiled (AppArmor is disabled).


* Note: Oracle has determined that CVE-2023-52444 is not applicable.

The f2fs filesystem rename code contains a flaw in its handling of
inodes. A malicious user might exploit this to corrupt a filesystem or
cause other misbehavior.

The kernel is not affected by CVE-2023-52444 since the code under
consideration is not compiled.


* Note: Oracle has determined that CVE-2023-52451 is not applicable.

While doing a memory lookup for the powerpc pseries platform, an
out-of-bounds access is possible. A local attacker could exploit
this flaw to extract sensitive information from the kernel memory
or cause denial-of-service.

The kernel is not affected by CVE-2023-52451 since the code under
consideration is not compiled.


* Note: Oracle has determined that CVE-2023-52456 is not applicable.

Oracle has determined that the vulnerability does not affect a
running system.


* Note: Oracle has determined that CVE-2023-52457 is not applicable.

Removal of an 8250 UART device will cause a memory leak and a potential
use-after-free. A local attacker can exploit this flaw to access
sensitive information from kernel memory or cause denial-of-service.

The kernel is not affected by CVE-2023-52457 since the code under
consideration is not compiled.


* Note: Oracle has determined that CVE-2023-52491 is not applicable.

This CVE addresses an issue in Mediatek JPEG Codec driver which is not
included in this kernel.


* Note: Oracle has determined that CVE-2023-52588 is not applicable.

This CVE addresses an issue in F2FS compression feature which is not
included in this kernel.


* Note: Oracle has determined that CVE-2023-52592 is not applicable.

This CVE addresses an issue in libbpf which is not included in this kernel.
Furthermore, the CVE has been rejected by the CNA.


* Note: Oracle has determined that CVE-2023-52597 is not applicable.

Racing of an IRQ and handling of floating point control register for a
KVM can lead to the corruption of said register on System/390 machines.
A local attacker can exploit this flaw to cause denial-of-service, data
corruption, or aid in other types of attacks.

The kernel is not affected by CVE-2023-52597 since the code under
consideration is not compiled (kernel is not built for System/390).


* Note: Oracle has determined that CVE-2023-52598 is not applicable.

Racing of an IRQ and handling of floating point control register on a
System/390 machine can lead to corruption of the register. A local
attacker can exploit this flaw to cause denial-of-service, data
corruption, or aid in other types of attacks.

The kernel is not affected by CVE-2023-52598 since the code under
consideration is not compiled (kernel is not built for System/390).


* Note: Oracle has determined that CVE-2023-52599 is not applicable.

An invalid value of allocation group number in JFS filesystem can lead
to an out-of-bounds access (both read and write). A local attacker can
exploit this flaw to extract sensitive information from kernel memory,
cause privilege escalation, denial-of-service, or aid in other types
of attacks.

The kernel is not affected by CVE-2023-52599 since the code under
consideration is not compiled (entire filesystem is not compiled).


* Note: Oracle has determined that CVE-2023-52600 is not applicable.

After an unsuccessful mount in JFS filesystem, the memory can be freed
asynchronously which can lead to a use-after-free error. A local
attacker can exploit this flaw to cause denial-of-service or aid in
other types of attacks.

The kernel is not affected by CVE-2023-52600 since the code under
consideration is not compiled (entire filesystem is not compiled).


* Note: Oracle has determined that CVE-2023-52602 is not applicable.

An invalid value in the internal entry table of JFS filesystem can lead
to out-of-bounds access (both read and write). A local attacker can
exploit this flaw to extract sensitive information from kernel memory,
cause privilege escalation, denial-of-service, or aid in other types of
attacks.

The kernel is not affected by CVE-2023-52602 since the code under
consideration is not compiled (entire filesystem is not compiled).


* Note: Oracle has determined that CVE-2023-52603 is not applicable.

An inadequate check while splitting an internal data structure in JFS
filesystem can lead to an out-of-bounds access (both read and write).
A local attacker can exploit this flaw to extract sensitive information
from kernel memory, cause privilege escalation, denial-of-service, or
aid in other types of attacks.

The kernel is not affected by CVE-2023-52603 since the code under
consideration is not compiled (entire filesystem is not compiled).


* Note: Oracle has determined that CVE-2023-52604 is not applicable.

Updating an internal data structure in JFS filesystem can lead to
out-of-bounds access (both read and write). A local attacker can
exploit this flaw to extract sensitive information from kernel memory,
cause privilege escalation, denial-of-service, or aid in other types of
attacks.

The kernel is not affected by CVE-2023-52604 since the code under
consideration is not compiled (entire filesystem is not compiled).


* Note: Oracle has determined that CVE-2023-52606 is not applicable.

Invalid maximum size assumption for emulation of vector instructions by
the PowerPC architecture core can lead to kernel stack corruption. A
local attacker can exploit this flaw to cause privilege escalation or
denial-of-service.

The kernel is not affected by CVE-2023-52606 since the code under
consideration is not compiled (kernel is not built for PowerPC).


* Note: Oracle has determined that CVE-2023-52607 is not applicable.

Failure to check memory allocation success can lead to a null-pointer
dereference in the PowerPC architecture's memory management code.

The kernel is not affected by CVE-2023-52607 since the code under
consideration is not compiled (kernel is not built for PowerPC).


* Note: Oracle has determined that CVE-2023-52608 is not applicable.

This CVE addresses an issue in SCMI transport based on Mailbox support
which is not included in this kernel.


* Note: Oracle has determined that CVE-2023-52609 is not applicable.

A logic error when using Android binder could lead to a deadlock. A
local attacker could use this flaw to cause a denial-of-service.

The kernel is not affected by CVE-2023-52609 since the code under
consideration is not compiled.


* Note: Oracle has determined that CVE-2023-52617 is not applicable.

Removing a PCI device can cause a race in MicroSemi Switchtec PCIe
switch management driver, leading to a use-after-free. A physical
attacker can exploit this flaw to cause privilege escalation or
denial-of-service.

The kernel is not affected by CVE-2023-52617 since the code under
consideration is not compiled (driver not present).


* Note: Oracle has determined that CVE-2023-52618 is not applicable.

This CVE addresses an issue in RDMA Network Block Driver which is not
included in this kernel.


* Note: Oracle has determined that CVE-2023-52627 is not applicable.

This CVE addresses an issue in Analog Devices AD7091R5 ADC Driver which
is not included in this kernel.


* Note: Oracle has determined that CVE-2023-52630 is not applicable.

This CVE addresses an issue in the cost model based cgroup IO controller
which is not included in this kernel.


* Note: Oracle has determined that CVE-2023-52631 is not applicable.

This CVE addresses an issue in NTFS file system support which is not
included in this kernel.


* Note: Oracle has determined that CVE-2023-52633 is not applicable.

This CVE addresses an issue in code which is not built in this kernel.


* Note: Oracle has determined that CVE-2024-26586 is not applicable.

Oracle has determined that the vulnerability does not affect a
running system.


* Note: Oracle has determined that CVE-2024-26592 is not applicable.

This CVE addresses an issue in SMB3 server support which is not included in
this kernel.


* Note: Oracle has determined that CVE-2024-26594 is not applicable.

This CVE addresses an issue in SMB3 server support which is not included in
this kernel.


* Note: Oracle has determined that CVE-2024-26597 is not applicable.

A bigger-than-expected value for maxtype when configuring the Qualcomm
RmNet MAP driver can lead to an out-of-bounds read. A local attacker
can exploit this flaw to read sensitive information from kernel memory
or cause denial-of-service.

The kernel is not affected by CVE-2024-26597 since the code under
consideration is not compiled.


* Note: Oracle has determined that CVE-2024-26600 is not applicable.

This CVE addresses an issue in the OMAP USB2 PHY Driver which is not
included in this kernel.


* Note: Oracle has determined that CVE-2024-26606 is not applicable.

Incorrect signaling of queued work for consumption in the (e)poll mode
in the binder driver (present in the Android IPC subsystem) can lead to
an indefinite wait for an event. A local attacker can exploit this flaw
to cause denial-of-service.

The kernel is not affected by CVE-2024-26606 since the code under
consideration is not compiled (driver not present).


* Note: Oracle has determined that CVE-2024-26608 is not applicable.

This CVE addresses an issue in SMB3 server support which is not included in
this kernel.


* Note: Oracle has determined that CVE-2024-26615 is not applicable.

Dumping of SMC diagnostic connections when the connection itself is
being established can lead to a null-pointer dereference. A local
attacker can exploit this flaw to cause a denial of service.

The kernel is not affected by CVE-2024-26615 since the code under
consideration is not compiled (SMC support itself is not enabled).


* Note: Oracle has determined that CVE-2024-26625 is not applicable.

Improper cleanup of Logical Link Layer type 2 sockets can lead to a
use-after-free error later. An attacker, possibly remote, can exploit
this flaw to cause denial-of-service or aid in other types of attacks.

The kernel is not affected by CVE-2024-26625 since the code under
consideration is not compiled (LLC2 support is not enabled).


* Note: Oracle has determined that CVE-2024-26635 is not applicable.

Improper removal of token ring support in 2012 from the net subsystem
can lead to dereferencing of uninitialised pointers when receiving
token ring packets in the Logical Link Layer type 2 subsystem. A
remote attacker can exploit this flaw to cause denial-of-service,
privilege escalation, or aid in other types of attacks.

The kernel is not affected by CVE-2024-26635 since the code under
consideration is not compiled (LLC2 support is not enabled).


* Note: Oracle has determined that CVE-2024-26636 is not applicable.

Transmission in Logical Link Layer type 2 subsystem involving
zero-length headroom socket can lead to out-of-bounds write. A
local attacker can exploit this flaw to cause denial-of-service
or privilege escalation.

The kernel is not affected by CVE-2024-26636 since the code under
consideration is not compiled (LLC2 support is not enabled).


* Note: Oracle has determined that CVE-2024-26685 is not applicable.

Faulty manipulation of flags during async write in NILFS2 filesystem
can lead to a kernel BUG. A local attacker can exploit this flaw to
cause denial-of-service.

The kernel is not affected by CVE-2024-26685 since the code under
consideration is not compiled (entire filesystem is not compiled).


* Note: Oracle has determined that CVE-2024-26696 is not applicable.

Conditional waiting for writeback to complete in NILFS2 filesystem can
lead to a deadlock. A local attacker can exploit this flaw to cause
denial-of-service.

The kernel is not affected by CVE-2024-26696 since the code under
consideration is not compiled (entire filesystem is not compiled).


* Note: Oracle has determined that CVE-2024-26697 is not applicable.

Incorrect offset calculation during block recovery in NILFS2 filesystem
can allow a local attacker to cause data corruption or leak sensitive
information from the kernel memory.

The kernel is not affected by CVE-2024-26697 since the code under
consideration is not compiled (entire filesystem is not compiled).


* Note: Oracle has determined that CVE-2024-26702 is not applicable.

Missing bound check in PNI RM3100 3-Axis Magnetometer driver can lead
to an out-of-bounds read due to underlying hardware failures. A local
or physical attacker can exploit this flaw to cause denial-of-service.

The kernel is not affected by CVE-2024-26702 since the code under
consideration is not compiled (driver not present).


* Note: Oracle has determined that CVE-2024-26712 is not applicable.

This CVE addresses an issue in PowerPC KASAN support, which is not
included in this kernel. PowerPC is not supported.


* Note: Oracle has determined that CVE-2024-26715 is not applicable.

This CVE addresses an issue in DesignWare USB3 DRD Core support which is not
included in this kernel.


* Note: Oracle has determined that CVE-2024-26717 is not applicable.

This CVE addresses an issue in the HID over I2C transport layer Open
Firmware driver which is not included in this kernel.


* Note: Oracle has determined that CVE-2024-26825 is not applicable.

A device may get deallocated while receiving packets in NFC subsystem,
leading to socket buffers being leaked. A local attacker can exploit
this flaw to exhaust kernel memory and cause a denial-of-service.

The kernel is not affected by CVE-2024-26825 since the code under
consideration is not compiled (NFC support is not enabled).


* Note: Oracle has determined that CVE-2024-26829 is not applicable.

This CVE addresses an issue in Infrared Toy and IR Droid driver which is not
included in this kernel.


* Note: Oracle has determined that CVE-2024-26848 is not applicable.

After a change which hides silly-renames in AFS filesystem, an infinite
loop is possible. A local attacker can exploit this flaw to cause a
denial-of-service.

The kernel is not affected by CVE-2024-26848 since the code under
consideration is not compiled (entire filesystem is not present and
also the problematic change does not exist).


* Note: Oracle will not provide a zero-downtime update for CVE-2023-52437.

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.


* Note: Oracle will not provide a zero-downtime update for CVE-2023-52623.

Oracle has determined that the vulnerability does not affect a
running system.


* Note: Oracle will not provide a zero-downtime update for CVE-2024-26628.

This CVE has been rejected by its CNA.


* Note: Oracle will not provide a zero-downtime update for CVE-2024-26707.

Oracle has determined that the CVE has low impact.

A warning in the High-availability Seamless Redundancy (HSR) driver was
changed to warn per device.


* Note: Oracle will not provide a zero-downtime update for CVE-2024-26722.

Oracle has determined that the vulnerability does not affect a running
system. CVE-2024-26722 fixes a change introduced earlier in this release
that is not present on earlier kernels.


* Note: Oracle has determined that CVE-2023-52666 is not applicable.

The kernel is not affected by CVE-2023-52666
since the code under consideration is not compiled.


* Note: Oracle has determined that CVE-2023-52669 is not applicable.

The kernel is not affected by CVE-2023-52669
since the code under consideration is not compiled.


* Note: Oracle has determined that CVE-2023-52670 is not applicable.

The kernel is not affected by CVE-2023-52670
since the code under consideration is not compiled.


* Note: Oracle has determined that CVE-2023-52675 is not applicable.

The kernel is not affected by CVE-2023-52675
since the code under consideration is not compiled.


* Note: Oracle has determined that CVE-2023-52677 is not applicable.

The kernel is not affected by CVE-2023-52677
since the code under consideration is not compiled.


* Note: Oracle has determined that CVE-2023-52686 is not applicable.

The kernel is not affected by CVE-2023-52686
since the code under consideration is not compiled.


* Note: Oracle has determined that CVE-2023-52690 is not applicable.

The kernel is not affected by CVE-2023-52690
since the code under consideration is not compiled.


* Note: Oracle has determined that CVE-2023-52691 is not applicable.

The kernel is not affected by CVE-2023-52691
since the code under consideration is not compiled.


* Note: Oracle has determined that CVE-2023-52694 is not applicable.

The kernel is not affected by CVE-2023-52694
since the code under consideration is not compiled.


* Note: Oracle has determined that CVE-2023-52696 is not applicable.

The kernel is not affected by CVE-2023-52696
since the code under consideration is not compiled.


* Note: Oracle has determined that CVE-2024-35833 is not applicable.

The kernel is not affected by CVE-2024-35833
since the code under consideration is not compiled.

SUPPORT

Ksplice support is available at ksplice-support_ww at oracle.com.




