[Ksplice][Ubuntu-16.04-Updates] New Ksplice updates for Ubuntu 16.04 Xenial (USN-4145-1)

Mon Oct 14 02:44:09 PDT 2019

Synopsis: USN-4145-1 can now be patched using Ksplice
CVEs: CVE-2016-10905 CVE-2017-18509 CVE-2018-20961 CVE-2018-20976 CVE-2019-0136 CVE-2019-10207 CVE-2019-11487 CVE-2019-13631 CVE-2019-15211 CVE-2019-15215 CVE-2019-15926

Systems running Ubuntu 16.04 Xenial can now use Ksplice to patch
against the latest Ubuntu Security Notice, USN-4145-1.

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack running Ubuntu 16.04
Xenial install these updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y

DESCRIPTION

* CVE-2017-18509: Memory corruption in IPv6 via setting socket options.

A missing check in the IPv6 ip6mr code could allow a privileged attacker
to control a pointer in kernel land, potentially causing a general
protection fault or being able to execute arbitrary code.

* CVE-2019-15215: Denial-of-service when disconnecting CPiA2 USB camera.

A use-after-free vulnerability in the V4L2 interface for CPiA2 USB
camera allows a malicious USB device to crash the kernel. An attacker
could exploit this to cause a denial-of-service.

* CVE-2019-10207: NULL pointer dereference in Bluetooth TTY operations.

A missing check in some Bluetooth drivers could lead to a NULL
pointer dereference triggered by an unprivileged user while executing
certain tty operations.  This could be exploited to cause a denial of
service attack.

* CVE-2019-15926: Out-of-bounds access in Atheros mobile chipsets driver.

A missing check on received network packet in Atheros mobile chipsets
driver could lead to an out-of-bounds access. A local attacker could use
this flaw to cause a denial-of-service.

* CVE-2019-0136: Denial-of-service in Intel(R) wifi driver.

Insufficient access control in the Intel(R) PROSet/Wireless WiFi driver
may allow an unauthenticated user in the same network to cause a
denial-of-service.

* CVE-2018-20976: Use-after-free when mounting XFS filesystem.

A logic error when mounting XFS filesystem fails during super block
creation, could lead to a use-after-free. A local attacker could use
this flaw to cause a denial-of-service.

* CVE-2018-20961: Use-after-free when using USB f_midi gadget.

A logic error when reconfiguring interface in USB f_midi gadget driver
could lead to a use-after-free. A local attacker could use this flaw to
cause a denial-of-service.

* CVE-2019-11487: Invalid memory access when overflowing pages refcount.

A reference count issue could let an attacker overflow pages reference
count and leads to invalid memory accesses. A local attacker could use
this flaw to cause a denial-of-service.

* CVE-2016-10905: Use-after-free in GFS2 file system.

A logic error when using resource group to keep track of block
allocation in GFS2 filesystem could lead to a use-after-free. A local
attacker could use this flaw to cause a denial-of-service.

* CVE-2019-13631: Denial-of-service in GTCO CalComp/InterWrite tablet.

Missing range checks could allow an out-of-bounds stack memory write
when parsing USB descriptors.  A physically present user could use a
malicious device to trigger an out-of-bounds access leading to a kernel
crash.

* Note: Oracle will not provide a zero-downtime update for CVE-2019-15211.

SUPPORT

Ksplice support is available at ksplice-support_ww at oracle.com.