[Ksplice][EL7-Updates] New Ksplice updates for OL 7, RHEL 7, CentOS 7, and Scientific Linux 7 (RHSA-2018:2748)
Oracle Ksplice
ksplice-support_ww at oracle.com
Fri Oct 26 07:47:12 PDT 2018
Synopsis: RHSA-2018:2748 can now be patched using Ksplice
CVEs: CVE-2018-14634
Systems running RHCK on Oracle Linux 7, Red Hat Enterprise Linux 7,
CentOS 7, and Scientific Linux 7 can now use Ksplice to patch against
the latest Red Hat Security Advisory, RHSA-2018:2748.
INSTALLING THE UPDATES
We recommend that all users of Ksplice Uptrack running OL 7, RHEL 7,
CentOS 7, and Scientific Linux 7 install these updates.
On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.
Alternatively, you can install these updates by running:
# /usr/sbin/uptrack-upgrade -y
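A per-host check for which of the two installation paths above applies, as an added example that is not part of Oracle's advisory. The function names are hypothetical, and the case-insensitive match and "last assignment wins" handling are assumptions about how uptrack.conf is read.

```shell
#!/bin/sh
# Added example (not Oracle's code): decide whether this host will pick up
# Ksplice updates automatically or needs a manual uptrack-upgrade run.

# uptrack_autoinstall [FILE]
# Prints "yes" or "no" for the autoinstall setting in FILE
# (default /etc/uptrack/uptrack.conf). Returns 2 if FILE is unreadable.
# Assumptions: commented-out lines are ignored, the last assignment wins,
# and any value other than "yes" (case-insensitive) means "no".
uptrack_autoinstall() {
    conf=${1:-/etc/uptrack/uptrack.conf}
    [ -r "$conf" ] || return 2
    awk -F= '
        /^[[:space:]]*[#;]/ { next }          # skip comment lines
        {
            key = $1; val = $2
            gsub(/[[:space:]]/, "", key)      # tolerate "autoinstall = yes"
            gsub(/[[:space:]]/, "", val)
            if (tolower(key) == "autoinstall") result = tolower(val)
        }
        END {
            if (result == "yes") print "yes"; else print "no"
        }
    ' "$conf"
}

# needs_manual_upgrade [FILE]
# Succeeds (exit 0) when autoinstall is not enabled, or the file cannot be
# read, so the administrator has to install the updates by hand.
needs_manual_upgrade() {
    [ "$(uptrack_autoinstall "$1")" != "yes" ]
}

# Typical use on a host, run as root:
#   if needs_manual_upgrade; then /usr/sbin/uptrack-upgrade -y; fi
```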
DESCRIPTION
* CVE-2018-14634: Privilege escalation in ELF executables.
An integer overflow in the argument setup for a new ELF executable could
result in attacker-controlled corruption of the user stack when
executing a SUID binary. A local, unprivileged user could use this flaw
to gain superuser privileges.
* Microcode update failure with SMT disabled.
Disabling SMT at runtime would disable late microcode updates, preventing
the loading of new microcode, which may include security fixes.
SUPPORT
Ksplice support is available at ksplice-support_ww at oracle.com.