[El-errata] New Ksplice updates for RHCK 9 (ELSA-2024-6997)

Errata Announcements for Oracle Linux el-errata at oss.oracle.com
Thu Oct 17 15:22:10 UTC 2024


Synopsis: ELSA-2024-6997 can now be patched using Ksplice
CVEs: CVE-2023-52439 CVE-2024-26611 CVE-2024-26739 CVE-2024-26822 CVE-2024-26930 CVE-2024-26991 CVE-2024-27022 CVE-2024-35834 CVE-2024-36016 CVE-2024-36899 CVE-2024-38562 CVE-2024-41071 CVE-2024-42225 CVE-2024-46770

Users with Oracle Linux Premier Support can now use Ksplice to patch
against the latest Oracle Linux Security Advisory, ELSA-2024-6997.
More information about this errata can be found at
https://linux.oracle.com/errata/ELSA-2024-6997.html

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack running RHCK 9 install
these updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y
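
To tell which of the two cases above applies to a host, the following added example (not part of Oracle's announcement or of Ksplice itself) reads the autoinstall setting from an uptrack.conf-style file and prints either "automatic" or the manual command quoted above. The function names are hypothetical, and the parsing rules (comment lines start with "#" or ";", the last assignment wins, matching is case-insensitive) are assumptions.

```shell
#!/bin/sh
# Added example, not Oracle's code. Function names are hypothetical.

# Print the effective value of "autoinstall" from an uptrack.conf-style file.
# Assumptions: "key = value" lines, "#" or ";" start a comment line, the last
# assignment wins. Prints nothing if the key is absent or the file unreadable.
uptrack_autoinstall_value() {
    [ -r "$1" ] || return 0
    awk -F= '
        /^[ \t]*[#;]/       { next }   # commented-out settings do not count
        index($0, "=") == 0 { next }   # section headers, blank lines
        {
            key = $1
            gsub(/[ \t]/, "", key)
            if (tolower(key) == "autoinstall") {
                val = substr($0, index($0, "=") + 1)
                gsub(/^[ \t]+|[ \t\r]+$/, "", val)
                found = tolower(val)
            }
        }
        END { if (found != "") print found }
    ' "$1"
}

# Print "automatic" when the file says autoinstall = yes, otherwise the
# manual command from the announcement.
uptrack_next_step() {
    if [ "$(uptrack_autoinstall_value "$1")" = "yes" ]; then
        echo "automatic"
    else
        echo "/usr/sbin/uptrack-upgrade -y"
    fi
}

# Constructed sample configs, written to a temporary directory.
demo_dir=$(mktemp -d)
printf '[Settings]\n# autoinstall = yes\nautoinstall = no\n' > "$demo_dir/manual.conf"
printf '[Settings]\nautoinstall = yes\n' > "$demo_dir/auto.conf"
echo "manual.conf -> $(uptrack_next_step "$demo_dir/manual.conf")"
echo "auto.conf   -> $(uptrack_next_step "$demo_dir/auto.conf")"
rm -rf "$demo_dir"
```

On a real host, pass /etc/uptrack/uptrack.conf as the argument. A missing or unreadable file is reported as needing the manual command.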


DESCRIPTION

* CVE-2023-52439: Use-after-free and double-free in Userspace IO.

A race between open and unregister functions will lead to a
use-after-free and a double-free. A local attacker can exploit this
flaw to cause denial-of-service or aid in other types of attacks.


* CVE-2024-26611: Denial-of-service in XDP sockets driver.

A logic error when using BPF filters with the XDP sockets driver could
lead to a NULL pointer dereference. A local attacker could use this
flaw to cause a denial-of-service.


* CVE-2024-26739: Memory corruption in Redirecting and Mirroring driver.

Incorrect return status of an internal function of the Redirecting and
Mirroring driver could lead to a use-after-free. A local attacker could
use this flaw to cause memory corruption.


* CVE-2024-26822: Privilege escalation in SMB3 and CIFS driver.

A missing check when automounting the SMB3 and CIFS filesystem could
lead to reuse of the values from the parent mount. A local attacker
could use this flaw to escalate privileges.


* CVE-2024-26930: Memory corruption in QLogic QLA2XXX Fibre Channel driver.

A logic error when using the QLogic QLA2XXX Fibre Channel driver could
lead to a double free error. A local attacker could use this flaw to
cause memory corruption.


* CVE-2024-26991: Denial-of-service in KVM driver.

A missing check when checking attributes of a hugepage in the KVM driver
could lead to an out-of-bounds memory access. A local attacker could use
this flaw to cause a denial-of-service.


* CVE-2024-27022: Denial-of-service in process management subsystem.

A logic error when duplicating memory of a process in the Linux kernel
could raise a warning. A local attacker could use this flaw to cause
a denial-of-service when panic_on_warn=1.


* CVE-2024-35834: Denial-of-service in XDP sockets driver.

A logic error when using the XDP sockets driver could lead to a memory
leak. An attacker could use this flaw to cause a denial-of-service.


* CVE-2024-36016: Privilege escalation in GSM MUX line discipline driver.

A missing check when using the GSM MUX line discipline driver could lead
to an out-of-bounds memory access. A local attacker could use this flaw
to escalate privileges.


* CVE-2024-36899: Denial-of-service in a character device driver.

A logic error when using a character device driver could lead to a
use-after-free. A local attacker could use this flaw to cause a
denial-of-service.


* CVE-2024-38562: Information leak in core WiFi subsystem.

A missing check in the core WiFi subsystem could lead to an
out-of-bounds memory read. An attacker could use this flaw
to cause an information leak.


* CVE-2024-41071: Remote privilege escalation in Generic IEEE 802.11 Networking Stack (mac80211) driver.

A logic error when scanning networks in the Generic IEEE 802.11
Networking Stack (mac80211) driver could lead to an out-of-bounds memory
access. A remote attacker could use this flaw to escalate privileges.


* CVE-2024-42225: Information leak in MediaTek MT7915E driver.

A missing variable initialization when using the MediaTek MT7915E driver
could lead to use of uninitialized memory. A local attacker could use
this flaw to extract sensitive information.


* CVE-2024-46770: Denial-of-service in Intel Ethernet Connection E800 Series driver.

A race condition when resetting the Intel Ethernet Connection E800 Series
device could lead to a NULL pointer dereference. A local attacker could
use this flaw to cause a denial-of-service.


* Note: Oracle has determined some CVEs are not applicable.

The kernel is not affected by the following CVEs
since the code under consideration is not compiled.

CVE-2024-26745, CVE-2024-26947

SUPPORT

Ksplice support is available at ksplice-support_ww at oracle.com.




