[Ksplice][Ubuntu-14.04-Updates] New Ksplice updates for Ubuntu 14.04 Trusty (USN-3360-1)
Oracle Ksplice
ksplice-support_ww at oracle.com
Fri Jul 21 01:29:31 PDT 2017
Synopsis: USN-3360-1 can now be patched using Ksplice
CVEs: CVE-2014-9900 CVE-2015-8944 CVE-2015-8962 CVE-2015-8963 CVE-2015-8964 CVE-2016-10088 CVE-2017-1000380 CVE-2017-7346 CVE-2017-7895 CVE-2017-8924 CVE-2017-8925 CVE-2017-9074 CVE-2017-9605
Systems running Ubuntu 14.04 Trusty can now use Ksplice to patch
against the latest Ubuntu Security Notice, USN-3360-1.
INSTALLING THE UPDATES
We recommend that all users of Ksplice Uptrack running Ubuntu 14.04
Trusty install these updates.
On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.
Alternatively, you can install these updates by running:
# /usr/sbin/uptrack-upgrade -y
DESCRIPTION
* CVE-2014-9900: Information disclosure in Wake-On-LAN driver.
Due to a failure to correctly clear memory, sensitive kernel information
can be disclosed to userspace when information about Wake-On-LAN support
is requested. A local attacker could use this flaw to facilitate a
further attack on the kernel.
* CVE-2017-9074: Denial-of-service when using Generic Segmentation Offload on IPV6 socket.
A missing check when using Generic Segmentation Offload on IPV6 socket
could lead to a memory leak. A local attacker could use this flaw to cause
a denial-of-service.
* CVE-2015-8963: Privilege escalation in the perf sub-system on CPU unplug.
A race condition when hashing a software event in the perf sub-system could
lead to a use-after-free and kernel panic. A local user with the ability
to cause CPU unplug could potentially use this flaw to elevate its
privileges.
* CVE-2015-8962: Privilege escalation when detaching SCSI drives.
A double free flaw when detaching an SCSI drive on concurrent DMA
operations could lead to memory corruptions and kernel panic. A local user
with the ability to detach an SCSI drive could potentially use this flaw to
elevate its privileges.
* CVE-2015-8964: Use-after-free in tty line discipline configuration.
Incorrect initialization in the tty subsystem can cause a tty driver to
access previously freed memory. A local attacker could use this to
obtain sensitive information from the kernel.
* CVE-2017-8924: Information leak in Digi Edgeport TI callback completion.
An integer underflow in the Digi Edgeport TI USB driver can allow a malicious
USB device to leak the contents of kernel memory to userspace.
* CVE-2017-7346: Denial-of-service when user defines surface in VMware Virtual GPU driver.
A missing check on user input could lead to an infinite loop. A local
attacker could use this flaw to cause a denial-of-service.
* CVE-2016-10088: Privilege escalation in SCSI device interface.
Incorrect validation when writing to an sg device can result in the
ability to read and write to kernel memory. A local attacker with access
to /dev/sg* devices could use this flaw to escalate privileges.
* CVE-2017-1000380: Information leak when reading timer information from ALSA devices.
A missing data initialization and a race condition when reading timer
information of ALSA devices from user space could lead to an information
leak. A local attacker could use this flaw to get information about
running kernel and facilitate an attack.
* CVE-2017-9605: Information leak when user defines surface in VMware Virtual GPU driver.
A missing initialization of local variable when user defines surface in
VMXGFX driver could leak stack information. A local attacker could use
this flaw to gain information about the running kernel and facilitate an
attack.
* CVE-2017-7895: Remote information leak in kernel NFS server.
Missing bounds checks could result in an out-of-bounds memory access,
allowing a remote attacker to leak the contents of kernel memory.
* CVE-2015-8944: Information disclosure via /proc/iomem.
A failure to correctly check permissions can lead to sensitive addresses
being disclosed from /proc/iomem. A local attacker could use this flaw
to facilitate a further attack on the kernel.
* CVE-2017-8925: Memory leak when opening an Omninet serial driver.
An extra reference on the TTY was taken in the Omninet serial driver on
open, leading to a memory leak. A local, unprivileged user could use this
flaw to exhaust the memory on the system and cause a denial-of-service.
SUPPORT
Ksplice support is available at ksplice-support_ww at oracle.com.
More information about the Ksplice-Ubuntu-14.04-updates
mailing list