[Ksplice][Ubuntu-16.10-Updates] New Ksplice updates for Ubuntu 16.10 Yakkety (4.8.0-59.64)

Tue Jul 18 03:55:40 PDT 2017

Synopsis: 4.8.0-59.64 can now be patched using Ksplice
CVEs: CVE-2014-9900 CVE-2016-9755 CVE-2017-1000380 CVE-2017-5551 CVE-2017-7346 CVE-2017-7895 CVE-2017-8924 CVE-2017-8925 CVE-2017-9074 CVE-2017-9150

Systems running Ubuntu 16.10 Yakkety can now use Ksplice to patch
against the latest Ubuntu kernel update, 4.8.0-59.64.

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack running Ubuntu 16.10
Yakkety install these updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y

DESCRIPTION

* Improved fix for CVE-2017-9074: Denial-of-service when parsing IPv6 header options.

The original fix for CVE-2017-9074 was incomplete and introduced logic
errors where a failure to parse IPv6 header options would be silently
missed.  A remote attacker could use this flaw to cause memory leaks or a
denial-of-service.

* CVE-2014-9900: Information disclosure in Wake-On-LAN driver.

Due to a failure to correctly clear memory, sensitive kernel information
can be disclosed to userspace when information about Wake-On-LAN support
is requested. A local attacker could use this flaw to facilitate a
further attack on the kernel.

* CVE-2016-9755: General protection fault in IPv6 netfilter defragmenter.

A bug in IPv6 packet reassembly logic allowed malformed packets to pass
through the filter and cause general protection fault. A remote attacker
can use this to cause denial-of-service.

* CVE-2017-5551: Permission bypass in Overlay filesystem when setting POSIX ACLs.

The initial fix for CVE-2016-7097 did not handle overlay filesystems on
tmpfs mounts which could allow local, unprivileged users to escalate
privileges.

* CVE-2017-7346: Denial-of-service when user defines surface in VMware Virtual GPU driver.

A missing check on user input could lead to an infinite loop. A local
attacker could use this flaw to cause a denial-of-service.

* CVE-2017-7895: Remote information leak in kernel NFS server.

Missing bounds checks could result in an out-of-bounds memory access,
allowing a remote attacker to leak the contents of kernel memory.

* CVE-2017-8924: Information leak in Digi Edgeport TI callback completion.

An integer underflow in the Digi Edgeport TI USB driver can allow a malicious
USB device to leak the contents of kernel memory to userspace.

* CVE-2017-8925: Memory leak when opening an Omninet serial driver.

An extra reference on the TTY was taken in the Omninet serial driver on
open, leading to a memory leak.  A local, unprivileged user could use this
flaw to exhaust the memory on the system and cause a denial-of-service.

* CVE-2017-9150: Information disclosure via use of unprivileged eBPF programs.

A failure to enforce kptr_restrict for eBPF programs can result in the
leak of sensitive information to userspace. A local attacker could use
this flaw to facilitate a further attack.

* CVE-2017:9605: Information leak when user defines surface in VMware Virtual GPU driver.

A missing initialization of local variable when user defines surface in
VMXGFX driver could leak stack information. A local attacker could use this
flaw to gain information about the running kernel and facilitate an attack.

* CVE-2017-1000380: Information leak when reading timer information from ALSA devices.

A missing data initialization and a race condition when reading timer
information of ALSA devices from user space could lead to an information
leak. A local attacker could use this flaw to get information about
running kernel and facilitate an attack.

SUPPORT

Ksplice support is available at ksplice-support_ww at oracle.com.