[El-errata] New Ksplice updates for UEKR6 5.4.17 on OL7 and OL8 (ELSA-2024-12780)
Errata Announcements for Oracle Linux
el-errata at oss.oracle.com
Wed Oct 23 06:04:28 UTC 2024
Synopsis: ELSA-2024-12780 can now be patched using Ksplice
CVEs: CVE-2022-3903 CVE-2024-27397 CVE-2024-41012 CVE-2024-41015 CVE-2024-41020 CVE-2024-41042 CVE-2024-41072 CVE-2024-41090 CVE-2024-41091 CVE-2024-42259 CVE-2024-42265 CVE-2024-42280 CVE-2024-42281 CVE-2024-42283 CVE-2024-42284 CVE-2024-42285 CVE-2024-42286 CVE-2024-42287 CVE-2024-42288 CVE-2024-42289 CVE-2024-42292 CVE-2024-42304 CVE-2024-42305 CVE-2024-42306 CVE-2024-43856 CVE-2024-43861 CVE-2024-43882 CVE-2024-43883 CVE-2024-43893 CVE-2024-44944 CVE-2024-44948 CVE-2024-46738
Users with Oracle Linux Premier Support can now use Ksplice to patch
against the latest Oracle Linux Security Advisory, ELSA-2024-12780.
More information about this errata can be found at
https://linux.oracle.com/errata/ELSA-2024-12780.html
INSTALLING THE UPDATES
We recommend that all users of Ksplice Uptrack running UEKR6 5.4.17 on
OL7 and OL8 install these updates.
On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.
Alternatively, you can install these updates by running:
# /usr/sbin/uptrack-upgrade -y
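The choice described above, as an added shell example that is not part of Oracle's announcement: it reads an uptrack.conf-style file and reports whether a host will pick up these updates on its own or needs the manual command. The function names and the sample files are constructed for illustration, and only the literal value "yes" is treated as enabled, as the announcement words it.

```shell
# Added example, not Oracle's code. Function names and sample files are
# constructed; point the functions at /etc/uptrack/uptrack.conf on a real host.

# uptrack_autoinstall FILE -> prints "yes", "no" or "unset"
uptrack_autoinstall() {
    conf=$1
    [ -r "$conf" ] || { echo "unset"; return 0; }
    # Keep the last uncommented "autoinstall = value" line. Lines that start
    # with "#" do not match, so a commented-out setting is ignored.
    val=$(sed -n 's/^[[:space:]]*autoinstall[[:space:]]*=[[:space:]]*\([^#;[:space:]]*\).*$/\1/p' "$conf" \
          | tail -n 1)
    case "$val" in
        yes) echo "yes" ;;
        "")  echo "unset" ;;
        *)   echo "no" ;;
    esac
}

# next_step FILE -> prints the action the announcement prescribes for this host
next_step() {
    if [ "$(uptrack_autoinstall "$1")" = "yes" ]; then
        echo "none: updates install automatically"
    else
        echo "run: /usr/sbin/uptrack-upgrade -y"
    fi
}

# Constructed sample configs so the example runs offline.
demo_dir=$(mktemp -d)
printf '[Settings]\n# autoinstall = yes\nautoinstall = no\n' > "$demo_dir/manual.conf"
printf '[Settings]\nautoinstall = yes\n' > "$demo_dir/auto.conf"

next_step "$demo_dir/manual.conf"
next_step "$demo_dir/auto.conf"
```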
DESCRIPTION
* CVE-2022-3903: Denial-of-service in the MCE Infrared Transceiver USB driver.
A flaw in the MCE Infrared Transceiver USB driver (mceusb) could
allow a local user with physical access to attach a specially
crafted malicious USB device and cause a denial-of-service.
* CVE-2024-27397: Privilege escalation in netfilter subsystem.
A logic error when using the netfilter subsystem could lead to a use-
after-free. A local attacker could use this flaw to escalate privileges.
* CVE-2024-41012, CVE-2024-41020: Information leak in core filesystem layer.
A race condition when using the core filesystem layer could lead to a
use-after-free. A local attacker could use this flaw to extract
sensitive information.
* CVE-2024-41015: Disk corruption in OCFS2 filesystem.
A missing check when using the OCFS2 filesystem could lead to an out-of-
bounds memory access. A local attacker could use this flaw to cause disk
corruption.
* CVE-2024-41042: Denial-of-service in netfilter subsystem.
A logic error when using the netfilter subsystem could lead to an
infinite loop / recursion. A local attacker could use this flaw to cause
a denial-of-service.
* CVE-2024-41072: Privilege escalation in core WiFi subsystem.
A missing check when using the core WiFi subsystem could lead to an out-
of-bounds memory access. A local attacker could use this flaw to cause a
denial-of-service or potentially escalate privileges.
* CVE-2024-41090, CVE-2024-41091: Information leak in Universal TUN/TAP device driver.
A missing check when using the Universal TUN/TAP device driver could
lead to an out-of-bounds memory access. A local attacker could use this
flaw to cause an information leak.
* CVE-2024-42259: Privilege escalation in Intel GFX driver.
A logic error when using the Intel GFX driver could lead to a use-after-
free. A local attacker could use this flaw to escalate privileges.
* CVE-2024-42265: Information leak in core filesystem layer.
A missing barrier check when using the core filesystem layer could lead to
speculatively executing a branch with out-of-bounds access. A local
attacker could use this flaw to extract sensitive information.
* CVE-2024-42280: Information leak in HFC-4S/8S/E1 ISDN controller driver.
A logic error when using the HFC-4S/8S/E1 ISDN controller driver could
lead to a use-after-free. A local attacker could use this flaw to
extract sensitive information.
* CVE-2024-42281: Denial-of-service in core net subsystem.
A logic error when using the BPF functionality could lead to a kernel
oops. A local attacker could use this flaw to cause a denial-of-service.
* CVE-2024-42283: Remote information leak in TCP/IP networking stack.
A missing variable initialization when using the TCP/IP networking stack
could lead to an out-of-bounds memory access. A remote attacker could
use this flaw to extract sensitive information.
* CVE-2024-42284: Privilege escalation in TIPC driver.
Incorrect return status when using the TIPC driver could lead to a
buffer overflow. A local attacker could use this flaw to escalate
privileges.
* CVE-2024-42285: Privilege escalation in InfiniBand driver.
A missing check when using the InfiniBand driver could lead to a use-
after-free. A local attacker could use this flaw to escalate privileges.
* CVE-2024-42286: Denial-of-service in QLogic QLA2XXX Fibre Channel driver.
A logic error when using the QLogic QLA2XXX Fibre Channel driver could
lead to a NULL pointer dereference. A local attacker could use this flaw
to cause a denial-of-service.
* CVE-2024-42287: Denial-of-service in QLogic QLA2XXX Fibre Channel driver.
A logic error when using the QLogic QLA2XXX Fibre Channel driver could
lead to a NULL pointer dereference. A local attacker could use this flaw
to cause a denial-of-service.
* CVE-2024-42288: Memory corruption in QLogic QLA2XXX Fibre Channel driver.
There is an incorrect dereference in the firmware handling code of the
QLogic QLA2XXX Fibre Channel driver. A local attacker could use this
flaw to cause memory corruption.
* CVE-2024-42289: Denial-of-service in QLogic QLA2XXX Fibre Channel driver.
A logic error when using the QLogic QLA2XXX Fibre Channel driver could
lead to a NULL pointer dereference. A local attacker could use this flaw
to cause a denial-of-service.
* CVE-2024-42292: Information leak in kernel userspace event delivery library.
A logic error when using the kernel userspace event delivery library
could lead to an out-of-bounds memory access. A local attacker could use
this flaw to extract sensitive information.
* CVE-2024-42304, CVE-2024-42305: Denial-of-service in ext4 filesystem.
Missing checks when using the ext4 filesystem could lead to a kernel
oops. A local attacker could use this flaw to cause a denial-of-service.
* CVE-2024-42306: Denial-of-service in UDF filesystem.
A logic error in data corruption handling when using the UDF filesystem
could lead to a kernel oops. A local attacker could use this flaw to
cause a denial-of-service.
* CVE-2024-43856: Denial-of-service in core kernel DMA code.
A logic error when using direct memory access could lead to freeing
unintended things. A local attacker could use this flaw to cause a
denial-of-service.
* CVE-2024-43861: Remote denial-of-service in QMI WWAN driver.
A missing free in the QMI WWAN driver could lead to a memory leak.
A remote attacker could use this flaw to cause a denial-of-service.
* CVE-2024-43882: Privilege escalation in core filesystem layer.
A missing check when executing an open file could race with changing
its permissions to remove privileges. A local attacker could use this
flaw to escalate privileges.
* CVE-2024-43883: Privilege escalation in USB/IP virtual host controller driver.
Locking errors when handling a reset event by the USB/IP VHCI driver
could lead to a use-after-free. A physical attacker could use this
flaw to escalate privileges.
* CVE-2024-43893: Denial-of-service in core serial tty driver.
A missing check when using the core serial tty driver could lead to a
divide-by-zero error. A local attacker could use this flaw to cause a
denial-of-service.
* CVE-2024-44944: Information leak in netfilter subsystem.
A logic error when using the netfilter subsystem could lead to a partial
address leak to userspace. A local attacker could use this flaw to
extract sensitive information.
* CVE-2024-44948: Denial-of-service in x86 Memory Type Range Register driver.
A missing check when using the x86 MTRR driver could lead to a NULL
pointer dereference. A local attacker could use this flaw to cause a
denial-of-service.
* CVE-2024-46738: Privilege escalation in VMware VMCI.
A missing check when removing a resource in the VMware VMCI driver could
lead to a use-after-free. A local attacker could use this flaw to gain
root privileges.
Orabug: 37037205
* Denial-of-service in netfilter (IP set) subsystem.
A race condition when using the netfilter (IP set) subsystem could lead
to incorrect behaviour. A local attacker could use this flaw to cause a
denial-of-service.
* Note: Oracle has determined some CVEs are not applicable.
The kernel is not affected by the following CVEs
since the code under consideration is not compiled.
CVE-2023-52889, CVE-2024-41017, CVE-2024-41059, CVE-2024-41064,
CVE-2024-41065, CVE-2024-41068, CVE-2024-41070, CVE-2024-41081,
CVE-2024-42271, CVE-2024-42290, CVE-2024-42295, CVE-2024-42297,
CVE-2024-42311, CVE-2024-42313, CVE-2024-43841, CVE-2024-43846,
CVE-2024-43858, CVE-2024-43860, CVE-2024-43880, CVE-2024-44960,
CVE-2024-44969
SUPPORT
Ksplice support is available at ksplice-support_ww at oracle.com.