[Ksplice-Fedora-27-updates] New Ksplice updates for Fedora 27 ( FEDORA-2018-6dacc4732c)

Oracle Ksplice ksplice-support_ww at oracle.com
Mon May 14 11:59:26 PDT 2018 

Synopsis:  FEDORA-2018-6dacc4732c can now be patched using Ksplice

Systems running Fedora 27 can now use Ksplice to patch against the
latest Fedora kernel update,  FEDORA-2018-6dacc4732c.

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack running Fedora 27
install these updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y


DESCRIPTION

* NULL pointer dereference when using IPv6 Segment Routing Header encapsulation with IPv4 traffic.

A logic error when using IPv6 Segment Routing Header encapsulation with
IPv4 traffic could lead to a NULL pointer dereference. A local attacker
could use this flaw to cause a denial-of-service.


* Denial-of-service when setting a long option name to dns_resolver key.

A missing check on user input when setting a long option name to
dns_resolver key could lead to a flood of kernel log. A local attacker
could use this flaw to cause a denial-of-service.


* Invalid memory access when connecting PPP over L2TP socket.

A missing check when connecting PPP over L2TP socket could lead to an
invalid memory access. A local attacker could use this flaw to cause a
denial-of-service.


* Invalid memory access when releasing ANSI/IEEE 802.2 LLC type 2 socket.

A missing stop of deferred work when releasing ANSI/IEEE 802.2 LLC type
2 socket could lead to an invalid memory access. A local attacker could
use this flaw to cause a denial-of-service.


* Uninitialized memory access when setting packet ring in raw packet socket.

A locking error when setting packet ring in raw packet socket could lead
to an uninitialized memory access. A local attacker could use this flaw to
cause a denial-of-service.


* Invalid memory access when connecting PPP over Ethernet socket.

A missing check on user input when connecting PPP over Ethernet socket
could lead to an invalid memory access. A local attacker could use this
flaw to cause a denial-of-service.


* NULL pointer dereference when closing a TCP connection.

A missing zeroing of resources when closing a TCP connection could lead
to a NULL pointer dereference. A local attacker could use this flaw to
cause a denial-of-service.


* Out-of-bounds access when parsing TCP MD5 Signature.

A missing check when parsing TCP MD5 Signature could lead to an
out-of-bounds access. A local attacker could use this flaw to cause a
denial-of-service.


* Invalid memory access when setting TCP MD5 signature socket option.

A missing check when setting TCP MD5 signature socket option could lead
to an invalid memory access. A local attacker could use this flaw to
cause a denial-of-service.


* Kernel assert when setting options in Ethernet team driver.

A logic error when setting 2 times the same option in Ethernet team
driver could lead to a kernel assert if kernel list debug is activated.
A local attacker could use this flaw to cause a denial-of-service.


* Out-of-bounds access when using VLAN tagged packets.

A missing check when using VLAN tagged packets could lead to an
out-of-bounds access. A local attacker could use this flaw to cause a
denial-of-service.


* Out-of-bounds access when using Inter-FE based on IETF ForCES InterFE LFB socket.

Missing checks when using Inter-FE based on IETF ForCES InterFE LFB
socket could lead to out-of-bounds accesses. A remote attacker could use
this flaw to cause a denial-of-service.


* Use-after-free in L2TP tunnel debug files.

Missing references holding in L2TP tunnel debug files could lead to
multiple use-after-free. A local attacker could use this flaw to cause a
denial-of-service.


* Out-of-bounds access when dumping network neighbor table.

A missing check when dumping network neighbour table could lead to an
out-of-bounds access. A local attacker could use this flaw to cause a
denial-of-service.


* Out-of-bounds access when initializing Broadcom NetXtreme-C/E driver.

An logic error when retrieving data for firmware images during
initialization of Broadcom NetXtreme-C/E driver could lead to an
out-of-bounds access. A local attacker could use this flaw to cause a
denial-of-service.


* NULL pointer dereference when shutting down an already closed aQuantia device.

A missing check when shutting down an already closed aQuantia device
could lead to a NULL pointer dereference. A local attacker could use
this flaw to cause a denial-of-service.


* NULL pointer dereference when getting security xattr.

A logic error when getting security xattr of an inode could lead to a
NULL pointer dereference. A local attacker could use this flaw to cause
a denial-of-service.


* Information leak when checking if CD-ROM media changed.

A missing check when user checks if CD-ROM media changed using an IOCTL
could lead to an information leak. A local attacker could use this flaw
to leak information about running kernel and facilitate an attack.


* Invalid memory access when adding IPv6 route.

A logic error when adding IPv6 route could lead to an invalid memory
access. A local attacker could use this flaw to cause a
denial-of-service.

SUPPORT

Ksplice support is available at ksplice-support_ww at oracle.com.

More information about the Ksplice-Fedora-27-Updates mailing list