[Ksplice][EL7-Updates] New Ksplice updates for OL 7, RHEL 7, CentOS 7, and Scientific Linux 7 (RHSA-2020-5437:01)

Mon Dec 21 00:08:39 PST 2020

Synopsis: RHSA-2020-5437:01 can now be patched using Ksplice
CVEs: CVE-2019-18282 CVE-2020-10769 CVE-2020-14314 CVE-2020-14385 CVE-2020-24394 CVE-2020-25212 CVE-2020-25643

Systems running RHCK on Oracle Linux 7, Red Hat Enterprise Linux 7,
CentOS 7, and Scientific Linux 7 can now use Ksplice to patch against
the latest Red Hat Security Advisory, RHSA-2020-5437:01.

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack running OL 7, RHEL 7,
CentOS 7, and Scientific Linux 7 install these updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y

DESCRIPTION

* CVE-2020-25212: Out-of-bounds writes in RPC operations of Network File System.

Out-of-bounds writes in RPC operations of Network File System
could cause a system crash. This flaw could allow a local user
to crash the system and cause a denial-of-service or potentially
escalating their privileges on the system.

Orabug: 31872895

* Note: Oracle is still investigating potential zero-downtime mitigations for CVE-2019-18282.

Fixes for this CVE are still undergoing analysis and testing.
A zero-downtime update may be provided at a later date.

* CVE-2020-14385: Denial of service in XFS filesystem.

A flaw in XFS filesystem could cause an inode with a valid extended
attribute to be wrongly flagged as corrupted leading to the XFS
filesystem shutdown. A local, unprivileged user could use this flaw for
a denial-of-service.

Orabug: 31895365

* CVE-2020-25643: Memory corruption in WAN HDLC-PPP due to missing error checking.

A missing error handling code in WAN HDLC-PPP implementation could lead
to a memory corruption. A local user could use this flaw to cause
a denial-of-service or an arbitrary code execution.

* CVE-2020-14314: Denial-of-service in ext4 file system due to a broken indexing.

A memory out-of-bounds reads could happen in ext4 file system due to
a broken indexing. This flaw could allow a local user to crash the
system and cause a denial-of-service.

Orabug: 31895332

* CVE-2020-10769: Out-of-bounds memory access in authenticated encryption key parsing.

A logic error when reading unaligned keys for authenticated encryption can lead
to an integer underflow and result in a out-of-bounds memory access, leading to
a kernel crash. A local user could use this flaw to cause a denial-of-service.

* CVE-2020-24394: Information leak when exporting a filesystem over NFS.

A logic error when exporting a filesystem without ACL support over NFS
could lead to wrong permissions being used for newly created files. An
attacker could use this flaw to leak information stored in this
filesystem.

* Add ftrace safety guard for existing Ksplice updates.

Ftrace is generally incompatible with Ksplice's patching process; it must
be disabled when patches are applied. Prevent crashes in patching due to
functions under active ftrace while patching.

* Clean up ftrace safety guard for existing Ksplice updates.

Ftrace is generally incompatible with Ksplice's patching process; it must
be disabled when patches are applied. Prevent crashes in patching due to
functions under active ftrace while patching.

SUPPORT

Ksplice support is available at ksplice-support_ww at oracle.com.