[Ksplice][Ubuntu-14.04-Updates] New Ksplice updates for Ubuntu 14.04 Trusty (3.13.0-160.210)

Tue Dec 18 07:12:42 PST 2018

Synopsis: 3.13.0-160.210 can now be patched using Ksplice
CVEs: CVE-2018-1093 CVE-2018-14633 CVE-2018-14634 CVE-2018-15572 CVE-2018-3620 CVE-2018-3646 CVE-2018-6554 CVE-2018-6555

Systems running Ubuntu 14.04 Trusty can now use Ksplice to patch
against the latest Ubuntu kernel update, 3.13.0-160.210.

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack running Ubuntu 14.04
Trusty install these updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y

DESCRIPTION

* Information disclosure in AIX partition parsing.

A lack of correct string termination can result in uninitialised memory
being disclosed from the kernel. A local user with the ability to mount
a disk image could use this flaw to facilitate a further attack.

* CVE-2018-6554: Denial-of-service in IRDA socket binding.

Repeated calls to bind() on an IRDA socket could cause a memory leak
resulting in a denial of service by a local, unprivileged user.

* CVE-2018-6555: Privilege escalation in IRDA setsockopt().

Missing liveness checks could result in a use-after-free when performing
setsockopt() on an IRDA socket.  A local, unprivileged user could use
this flaw to corrupt kernel memory and potentially escalate privileges.

* Improved fix to CVE-2018-1093: Denial-of-service in ext4 bitmap block validity check.

Incorrect bitmap range checks could result in bitmap corruption and lost
space on an ext4 filesystem.

* CVE-2018-14634: Privilege escalation in ELF executables.

An integer overflow in the argument setup for a new ELF executable could
result in attacker controlled corruption of the user stack when
executing a SUID binary.  A local, unprivileged user could use this flaw
to gain superuser privileges.

* CVE-2018-14633: Information leak in iSCSI CHAP authentication.

A stack overflow in the iSCSI CHAP authentication MD5 computation could
result in an out of bounds access and denial of service or potentially
leaking sensitive data by an unauthenticated remote user.

* Improved fix for CVE-2018-3620, CVE-2018-3646 Information leak in Intel CPUs under terminal fault.

A missing change in the original fix for CVE-2018-3620 and CVE-2018-3646
can result in a kernel crash when huge pages are used.

* CVE-2018-15572: Information leak in context switches (SpectreRSB).

Missing RSB fills on some CPU families during context switch could allow
leaking of information between processes with a Spectre v2 attack.

SUPPORT

Ksplice support is available at ksplice-support_ww at oracle.com.