[Ksplice][Ubuntu-14.04-Updates] New Ksplice updates for Ubuntu 14.04 Trusty (USN-3620-1)

Oracle Ksplice ksplice-support_ww at oracle.com
Thu Apr 5 03:46:48 PDT 2018


Synopsis: USN-3620-1 can now be patched using Ksplice
CVEs: CVE-2017-11089 CVE-2017-12762 CVE-2017-17448 CVE-2017-17741 CVE-2017-17805 CVE-2017-17807 CVE-2018-1000026 CVE-2018-5332

Systems running Ubuntu 14.04 Trusty can now use Ksplice to patch
against the latest Ubuntu Security Notice, USN-3620-1.

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack running Ubuntu 14.04
Trusty install these updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y
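
An added example (not part of the Oracle announcement): a shell check
that reads an uptrack.conf-style file and reports whether a host will
install these updates automatically or needs the manual command above.
It assumes the key sits in a [Settings] section and treats only an
uncommented "yes" as enabled; the sample config is constructed.

```shell
#!/bin/sh
# Added example, not Oracle code: audit the "autoinstall" setting.

# Print the effective autoinstall value ("yes", "no", ... or "unset").
# Assumptions: the key lives in a [Settings] section, and the last
# uncommented assignment in that section wins.
uptrack_autoinstall() {
    awk '
        /^[ \t]*[#;]/ { next }                    # skip comment lines
        /^[ \t]*\[/ {                             # section header
            sec = $0
            gsub(/^[ \t]*\[|\][ \t\r]*$/, "", sec)
            next
        }
        sec == "Settings" && /^[ \t]*autoinstall[ \t]*=/ {
            v = $0
            sub(/^[^=]*=/, "", v)                 # keep text after "="
            gsub(/^[ \t]+|[ \t\r]+$/, "", v)      # trim blanks and CR
            val = tolower(v)
        }
        END { print (val == "" ? "unset" : val) }
    ' "$1"
}

# Say what an operator has to do for this host. Anything other than an
# explicit "yes" is reported as manual, so a typo never hides a gap.
uptrack_patch_plan() {
    case "$(uptrack_autoinstall "$1")" in
        yes) echo "auto: updates install without action" ;;
        *)   echo "manual: run /usr/sbin/uptrack-upgrade -y" ;;
    esac
}

# Constructed sample config: the commented-out "yes" must not count.
sample=$(mktemp)
cat > "$sample" <<'EOF'
[Settings]
# autoinstall = yes
autoinstall = no
EOF
uptrack_patch_plan "$sample"
rm -f "$sample"
```

On a real host, pass /etc/uptrack/uptrack.conf as the argument.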


DESCRIPTION

* CVE-2017-11089: Out-of-bounds access when setting a specific wireless attribute.

A missing check on input from userspace when setting the wireless local
mesh power mode attribute could lead to an out-of-bounds access. A local
attacker could use this flaw to cause a denial-of-service.


* CVE-2017-12762: Buffer overflow when using Integrated Services Digital Network driver.

A missing check when using the Integrated Services Digital Network
driver could lead to a buffer overflow. A local attacker could use this
flaw to cause a denial-of-service.


* CVE-2017-17741: Denial-of-service in kvm_mmio tracepoint.

An out-of-bounds access in the kvm_mmio tracepoint could result in a
kernel crash.  A malicious guest could use this flaw to crash the
virtualization host.


* Denial-of-service when shutting down iSCSI transport interface.

Logic errors when shutting down an iSCSI transport interface without
logging out could cause a deadlock. A local attacker could use this flaw
to cause a denial-of-service.


* CVE-2017-17805: Denial-of-service in SALSA20 block cipher.

Incorrect handling of zero length buffers could result in an invalid
pointer dereference and kernel crash.  A local, unprivileged user could
use this flaw to crash the system, or potentially, escalate privileges.


* CVE-2018-5332: Out-of-bounds write when sending messages through Reliable Datagram Sockets.

A missing check when sending messages through Reliable Datagram Sockets
could lead to an out-of-bounds write in the heap. A local attacker could
use this flaw to cause a denial-of-service.


* CVE-2017-17448: Unprivileged access to netlink namespace creation.

net/netfilter/nfnetlink_cthelper.c in the Linux kernel through 4.14.4
does not require the CAP_NET_ADMIN capability for new, get, and del
operations, which allows local users to bypass intended access
restrictions because the nfnl_cthelper_list data structure is shared
across all net namespaces.


* CVE-2017-17807: Permissions bypass when requesting key on default keyring.

When calling request_key() with no keyring specified, the requested key
is generated and added to the keyring even if the user does not have
write permissions.


* Data corruption when using Microsoft Hyper-V virtual storage driver.

A logic error when queueing a command in the Microsoft Hyper-V virtual
storage driver could lead to on-disk data corruption. This could cause a
denial-of-service or corruption of important logs.


* CVE-2018-1000026: Denial-of-service when receiving invalid packet on bnx2x network card.

Missing input validation when receiving an invalid packet on a bnx2x
network card could lead to a network outage. A remote attacker could use
this flaw to cause a denial-of-service.

SUPPORT

Ksplice support is available at ksplice-support_ww at oracle.com.




