[El-errata] New Ksplice updates for UEKR6 5.4.17 on OL7 and OL8 (ELSA-2025-20100)
Errata Announcements for Oracle Linux
el-errata at oss.oracle.com
Sat Mar 1 12:22:53 UTC 2025
Synopsis: ELSA-2025-20100 can now be patched using Ksplice
CVEs: CVE-2024-38538 CVE-2024-49996 CVE-2024-50264 CVE-2024-50265 CVE-2024-50273 CVE-2024-50278 CVE-2024-50279 CVE-2024-50301 CVE-2024-53103 CVE-2024-53104 CVE-2024-53112 CVE-2024-53140 CVE-2024-53141 CVE-2024-53146 CVE-2024-53155 CVE-2024-53173 CVE-2024-53174 CVE-2024-53680 CVE-2024-56558 CVE-2024-56600 CVE-2024-56601 CVE-2024-56602 CVE-2024-56603 CVE-2024-56605 CVE-2024-56606 CVE-2024-56637 CVE-2024-56650 CVE-2024-56739 CVE-2024-56770 CVE-2024-57850 CVE-2024-57901 CVE-2024-57902
Users with Oracle Linux Premier Support can now use Ksplice to patch
against the latest Oracle Linux Security Advisory, ELSA-2025-20100.
More information about this errata can be found at
https://linux.oracle.com/errata/ELSA-2025-20100.html
INSTALLING THE UPDATES
We recommend that all users of Ksplice Uptrack running UEKR6 5.4.17 on
OL7 and OL8 install these updates.
On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.
Alternatively, you can install these updates by running:
# /usr/sbin/uptrack-upgrade -y
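As an added example (not part of Oracle's announcement or of the Ksplice tooling), the script below triages a host against the two conditions above: whether the booted kernel is UEKR6 5.4.17 on OL7 or OL8, and whether autoinstall is enabled. The function names are hypothetical, and the kernel release string format and the "#" comment handling for uptrack.conf are assumptions.

```shell
#!/bin/sh
# Added example: triage a host for this advisory (not Oracle's code).

# In scope if the kernel release is UEKR6 5.4.17 built for OL7 or OL8.
# Assumption: UEK release strings look like 5.4.17-<build>.el8uek.<arch>.
in_scope() {
    case $1 in
        5.4.17-*.el7uek.*|5.4.17-*.el8uek.*) return 0 ;;
        *) return 1 ;;
    esac
}

# Print the effective autoinstall value: yes, no, unset or unreadable.
# Assumption: "key = value" lines, "#" starts a comment, last value wins.
autoinstall_value() {
    conf=${1:-/etc/uptrack/uptrack.conf}
    [ -r "$conf" ] || { echo unreadable; return 0; }
    val=$(sed -n -e 's/#.*$//' \
        -e 's/^[[:space:]]*autoinstall[[:space:]]*=[[:space:]]*\([^[:space:]]*\)[[:space:]]*$/\1/p' \
        "$conf" | tail -n 1 | tr '[:upper:]' '[:lower:]')
    echo "${val:-unset}"
}

# Print one of: not-applicable, automatic, manual.
triage() {
    release=$1
    conf=$2
    in_scope "$release" || { echo not-applicable; return 0; }
    if [ "$(autoinstall_value "$conf")" = yes ]; then
        echo automatic
    else
        echo manual   # operator runs: /usr/sbin/uptrack-upgrade -y
    fi
}

# Stand-alone use on a real host: sh triage.sh --run
if [ "${1:-}" = "--run" ]; then
    triage "$(uname -r)" /etc/uptrack/uptrack.conf
fi
```

A commented-out "autoinstall = yes" line and a missing or unreadable configuration file both result in "manual", so a host is never reported as self-updating on the strength of a disabled setting.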
DESCRIPTION
* CVE-2024-38538: Data corruption in 802.1d Ethernet Bridging.
A missing check when sending a short skb in the 802.1d Ethernet
Bridging driver could lead to use of uninitialized memory. An
attacker could use this flaw to cause data corruption.
* CVE-2024-49996: Privilege escalation in SMB3 and CIFS driver.
A missing check when parsing NFS reparse points in the SMB3 and CIFS
driver could lead to an out-of-bounds memory access. A remote attacker
could use this flaw to escalate privileges.
* CVE-2024-50264: Privilege escalation in Virtual Socket protocol driver.
A missing variable initialization during loopback communication in the
Virtual Socket protocol driver could lead to a use-after-free. A local
attacker could use this flaw to escalate privileges.
* CVE-2024-50265: Denial-of-service in OCFS2 filesystem.
A logic error when setting extended attributes in the OCFS2 filesystem
could lead to a NULL pointer dereference. A local attacker could use
this flaw to cause a denial-of-service.
* CVE-2024-50273: Denial-of-service in Btrfs filesystem driver.
A logic error when handling delayed reference counting in the Btrfs
filesystem driver could lead to a use-after-free. A local attacker could
use this flaw to cause a denial-of-service.
* CVE-2024-50278, CVE-2024-50279: Privilege escalation in Cache target driver.
Logic errors when manipulating the cache in the Cache target driver could
lead to an out-of-bounds memory access. A local attacker could use this
flaw to escalate privileges.
* CVE-2024-50301: Privilege escalation in Keyring subsystem.
A missing check when checking if a key can be used in the Keyring
subsystem could lead to an out-of-bounds memory access. A local attacker
could use this flaw to escalate privileges.
* CVE-2024-53103: Privilege escalation in Virtual Socket protocol driver.
A missing variable initialization when destroying a socket in the Virtual
Socket protocol driver could lead to a use-after-free. A local attacker
could use this flaw to escalate privileges.
* CVE-2024-53104: Privilege escalation in USB Video Class driver.
A missing check when using the UVC driver could lead to an out-of-bounds
memory write. A local attacker could use this flaw to escalate
privileges.
* CVE-2024-53112: Denial-of-service in OCFS2 filesystem.
A missing check when using OCFS2_IOC_GROUP_ADD ioctl in the OCFS2
filesystem could lead to a kernel assertion failure. A local
attacker could use this flaw to cause a denial-of-service.
* CVE-2024-53140: Privilege escalation in netlink driver.
A logic error when using the netlink driver could lead to a
use-after-free. A local attacker could use this flaw to escalate
privileges.
* CVE-2024-53141: Privilege escalation in netfilter (IP set) subsystem.
A missing check when updating the bitmap for IP addresses in the
netfilter subsystem could lead to an out-of-bounds memory access.
A local attacker could use this flaw to escalate privileges.
* CVE-2024-53146: Information leak in NFS server driver.
A logic error when using the NFS server driver could lead to an
out-of-bounds memory access. A local attacker could use this flaw to
extract sensitive information.
* CVE-2024-53155: Information leak in OCFS2 filesystem.
A missing variable initialization when using the OCFS2 filesystem could
lead to use of uninitialized memory. A local attacker could use this
flaw to extract sensitive information.
* CVE-2024-53173: Privilege escalation in NFS client driver.
A logic error when opening multiple files concurrently in the NFS client
driver could lead to a use-after-free. A local attacker could use this
flaw to escalate privileges.
* CVE-2024-53174: Privilege escalation in SUNRPC networking stack.
A missing check when using the SUNRPC networking stack could lead to a
use-after-free. A local attacker could use this flaw to escalate
privileges.
* CVE-2024-53680: Denial-of-service in IP virtual server driver.
Undefined behaviour in the IP virtual server driver could lead to a
kernel panic. A local attacker could use this flaw to cause a
denial-of-service.
* CVE-2024-56558: Privilege escalation in NFS server driver.
A missing check when using the NFS server driver could lead to a
use-after-free. A local attacker could use this flaw to escalate
privileges.
* CVE-2024-56600: Privilege escalation in IPv6 networking stack.
A missing variable initialization when creating a socket fails in the
IPv6 networking stack could lead to a use-after-free. A local attacker
could use this flaw to escalate privileges.
* CVE-2024-56601: Privilege escalation in IPv4 networking stack.
A missing variable initialization when creating a socket fails in the
IPv4 networking stack could lead to a use-after-free. A local attacker
could use this flaw to escalate privileges.
* CVE-2024-56602: Privilege escalation in IEEE Std 802.15.4 Low-Rate Wireless Personal Area Networks driver.
A missing variable initialization when creating a socket fails in the
IEEE Std 802.15.4 Low-Rate Wireless Personal Area Networks driver could
lead to a use-after-free. A local attacker could use this flaw to
escalate privileges.
* CVE-2024-56603: Privilege escalation in CAN bus subsystem driver.
A missing variable initialization when creating a CAN socket fails in
the CAN bus subsystem driver could lead to a use-after-free. A local
attacker could use this flaw to escalate privileges.
* CVE-2024-56605: Privilege escalation in Bluetooth subsystem driver.
A missing variable initialization when creating an L2CAP socket fails in
the Bluetooth subsystem driver could lead to a use-after-free. A local
attacker could use this flaw to escalate privileges.
* CVE-2024-56606: Privilege escalation in packet protocol networking stack.
A logic error when using the packet protocol networking stack could lead
to a use-after-free. A local attacker could use this flaw to escalate
privileges.
* CVE-2024-56637: Denial-of-service in netfilter (IP set) subsystem.
A logic error when using the netfilter (IP set) subsystem could lead to
a kernel crash. A local attacker could use this flaw to cause a
denial-of-service.
* CVE-2024-56650: Privilege escalation in netfilter subsystem.
A missing check when using the netfilter subsystem could lead to an
out-of-bounds memory access. A local attacker could use this flaw to
escalate privileges.
* CVE-2024-56739: Denial-of-service in RTC subsystem.
A locking error when using the RTC subsystem could lead to a kernel
soft-lockup. A local attacker could use this flaw to cause a
denial-of-service.
* CVE-2024-56770: Privilege escalation in network emulator.
A logic error when using the network emulator could lead to an integer
overflow. A local attacker could use this flaw to escalate privileges.
* CVE-2024-57850: Memory corruption in JFFS2 filesystem.
A missing check when using the JFFS2 filesystem could lead to an
out-of-bounds memory write. A local attacker could use this flaw to
cause memory corruption.
* CVE-2024-57901, CVE-2024-57902: Remote denial-of-service in packet protocol networking stack.
A logic error when receiving a message using the packet protocol
networking stack could lead to a kernel panic. A remote attacker
could use this flaw to cause a denial-of-service.
* Denial-of-service in Mellanox network adapter driver.
A logic error in the Mellanox network adapter driver code causes
truncation of the user access region (UAR) page index when using
the dynamic UAR feature if there are more than 35,000 completion
queues, leading to severe performance degradation and eventually
a denial-of-service.
Orabug: 37029739
* Note: Oracle has determined some CVEs are not applicable.
The kernel is not affected by the following CVEs
since the code under consideration is not compiled.
CVE-2022-49034, CVE-2024-43098, CVE-2024-50051, CVE-2024-50269,
CVE-2024-50287, CVE-2024-50296, CVE-2024-53130, CVE-2024-53131,
CVE-2024-53145, CVE-2024-53148, CVE-2024-53158, CVE-2024-53161,
CVE-2024-53165, CVE-2024-53181, CVE-2024-53183, CVE-2024-53184,
CVE-2024-56548, CVE-2024-56562, CVE-2024-56567, CVE-2024-56572,
CVE-2024-56581, CVE-2024-56586, CVE-2024-56595, CVE-2024-56596,
CVE-2024-56597, CVE-2024-56598, CVE-2024-56619, CVE-2024-56634,
CVE-2024-56643, CVE-2024-56645, CVE-2024-56659, CVE-2024-56691,
CVE-2024-56700, CVE-2024-56704, CVE-2024-56723, CVE-2024-56724,
CVE-2024-56746, CVE-2024-56766, CVE-2024-56781, CVE-2024-57849
SUPPORT
Ksplice support is available at ksplice-support_ww at oracle.com.