[Ksplice][Ubuntu-14.04-Updates] New Ksplice updates for Ubuntu 14.04 Trusty (USN-3933-1)

Wed Apr 3 06:22:37 PDT 2019

Synopsis: USN-3933-1 can now be patched using Ksplice
CVEs: CVE-2017-1000410 CVE-2017-18360 CVE-2018-19824 CVE-2019-3459 CVE-2019-3460 CVE-2019-6974 CVE-2019-7222 CVE-2019-9213

Systems running Ubuntu 14.04 Trusty can now use Ksplice to patch
against the latest Ubuntu Security Notice, USN-3933-1.

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack running Ubuntu 14.04
Trusty install these updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y

DESCRIPTION

* CVE-2019-6974: Use-after-free in KVM device creation.

A reference count manipulation error when creating a KVM device can result in
an early free, leading to a use-after-free. A local user with access to KVM
could use this flaw to cause a kernel crash or potentially escalate privileges.

* CVE-2019-7222: Information disclosure in KVM VMX emulation.

Incorrectly handling a page fault exception while emulating VMX instructions
can result in leaking host stack information to a guest. A guest VM could use
this flaw to facilitate a further attack on the host.

* CVE-2018-19824: Use-after-free when connecting ALSA USB sound device.

A use-after-free when connecting an ALSA USB sound device could result
in memory corruption, potentially allowing a malicious user to corrupt
memory or escalate privileges.

* CVE-2017-1000410: Information leak in Bluetooth L2CAP messages.

Incorrect handling of short EFS elements in an L2CAP message could allow
an attacker to leak the contents of kernel memory.

* CVE-2019-9213: Bypass of mmap_min_addr restriction.

An incorrect capability check in the mmap memory expansion implementation can
result in applications being able to bypass the minimum mmap address
restriction. A local user on a system without SMAP enabled could use this flaw
to exploit kernel NULL pointer dereferences.

* CVE-2019-3459: Information leak when processing L2CAP options controlled by an attacker.

Missing checks on options lengths when processing L2CAP options could lead
to an information leak. A local attacker could use this flaw to leak
information about running kernel and facilitate an attack.

* CVE-2019-3460: Information leak when parsing L2CAP options received from userspace.

Missing checks when parsing L2CAP option received from userspace could
lead to an information leak. A local attacker could use this flaw to
leak information about running kernel and facilitate an attack.

* CVE-2017-18360: Divide-by-zero error when setting port option of USB Inside Out Edgeport Serial Driver.

A missing check when setting port option of USB Inside Out Edgeport
Serial Driver could lead to a divide-by-zero error. A local attacker
could use this flaw to cause a denial-of-service.

* NULL pointer dereference when using Intel(R) 10GbE PCI Express adapters.

A missing check when using Intel(R) 10GbE PCI Express adapters could
lead to a NULL pointer dereference. A local attacker could use this flaw
to cause a denial-of-service.

SUPPORT

Ksplice support is available at ksplice-support_ww at oracle.com.