[Ksplice][Ubuntu-20.04-Updates] New Ksplice updates for Ubuntu 20.04 Focal (USN-7003-1)
Gregory Herrero
gregory.herrero at oracle.com
Wed Oct 9 20:13:46 UTC 2024
Synopsis: USN-7003-1 can now be patched using Ksplice
CVEs: CVE-2023-52803 CVE-2024-36978 CVE-2024-39487 CVE-2024-39499 CVE-2024-39502 CVE-2024-39503 CVE-2024-40901 CVE-2024-40902 CVE-2024-40904 CVE-2024-40905 CVE-2024-40912 CVE-2024-40942 CVE-2024-40958 CVE-2024-40959 CVE-2024-40960 CVE-2024-40961 CVE-2024-40981 CVE-2024-40995 CVE-2024-41035 CVE-2024-41041 CVE-2024-41044 CVE-2024-41089 CVE-2024-41095 CVE-2024-42070 CVE-2024-42101 CVE-2024-42102 CVE-2024-42106 CVE-2024-42119 CVE-2024-42145 CVE-2024-42154 CVE-2024-42224 CVE-2024-42232
Systems running Ubuntu 20.04 Focal can now use Ksplice to patch
against the latest Ubuntu Security Notice, USN-7003-1.
INSTALLING THE UPDATES
We recommend that all users of Ksplice Uptrack running Ubuntu 20.04
Focal install these updates.
On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.
Alternatively, you can install these updates by running:
# /usr/sbin/uptrack-upgrade -y
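An added example, not part of the Oracle announcement: a POSIX shell check that a fleet audit could use to tell whether a host will pick these updates up through autoinstall or needs the manual uptrack-upgrade run. It assumes uptrack.conf uses "key = value" lines with "#" comments; the function names are hypothetical.

```shell
#!/bin/sh
# Added example: decide whether a host needs a manual uptrack-upgrade run.
# Assumption: the config uses "key = value" lines and "#" starts a comment.

# autoinstall_enabled FILE
# Returns 0 only if the last uncommented autoinstall line is exactly "yes".
# Returns 2 if FILE cannot be read, 1 in every other case.
autoinstall_enabled() {
    conf=$1
    [ -r "$conf" ] || return 2
    # Extract the value of each uncommented "autoinstall = ..." line,
    # trimming surrounding whitespace, and keep the last one seen.
    value=$(sed -n \
        's/^[[:space:]]*autoinstall[[:space:]]*=[[:space:]]*\(.*[^[:space:]]\)[[:space:]]*$/\1/p' \
        "$conf" | tail -n 1)
    [ "$value" = "yes" ]
}

# update_action FILE
# Prints "automatic" when autoinstall is on, otherwise "manual".
# A missing or unreadable config is reported as "manual" so the host
# is not silently assumed to be patched.
update_action() {
    if autoinstall_enabled "$1"; then
        echo automatic
    else
        echo manual
    fi
}

# Typical use on a host:
#   update_action /etc/uptrack/uptrack.conf
# "manual" means /usr/sbin/uptrack-upgrade -y still has to be run.
```

After either path, uptrack-show lists the updates currently applied to the running kernel.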
DESCRIPTION
* CVE-2023-52803: Privilege escalation in SUNRPC networking stack.
A missing check when using the SUNRPC networking stack could lead to a
use-after-free. A local attacker could use this flaw to escalate
privileges.
* CVE-2024-36978: Privilege escalation in MULTIQ driver.
A logic error when using the MULTIQ driver could lead to an
out-of-bounds memory write. A local attacker could use this flaw to
escalate privileges.
* CVE-2024-39487: Information leak in bonding driver.
A missing check when using the bonding driver could lead to an out-of-bounds
memory read. A local attacker could use this flaw to extract sensitive
information.
* CVE-2024-39499: Information leak in VMware VMCI Driver.
A logic error when using the VMware VMCI Driver could lead to an
out-of-bounds memory access. A local attacker could use this flaw to
extract sensitive information.
* CVE-2024-39502: Denial-of-service in Pensando Ethernet IONIC driver.
A logic error when using the Pensando Ethernet IONIC driver could lead
to a kernel assert. A local attacker could use this flaw to cause a
denial-of-service.
* CVE-2024-39503: Privilege escalation in netfilter (IP set) subsystem.
A race condition when using the netfilter (IP set) subsystem could lead
to a use-after-free. A local attacker could use this flaw to escalate
privileges.
* CVE-2024-40901: Memory corruption in LSI Fusion-MPT SAS driver.
A logic error when using the LSI Fusion-MPT SAS driver could lead to an
out-of-bounds memory access. A local attacker could use this flaw to
cause memory corruption.
* CVE-2024-40902: Denial-of-service in JFS filesystem driver.
An out-of-bounds read when printing xattr debug information
in the JFS filesystem driver could lead to a system crash.
A local attacker could use this to cause a denial-of-service.
* CVE-2024-40904: Denial-of-service in core USB subsystem.
A logic error when using the core USB subsystem could lead to a soft
lockup due to excessive logging. A local attacker could use this flaw to
cause a denial-of-service.
* CVE-2024-40905: Denial-of-service in IPv6 networking stack.
A race condition when using the IPv6 networking stack could lead to a
NULL pointer dereference. A local attacker could use this flaw to cause
a denial-of-service.
* CVE-2024-40912: Denial-of-service in core WiFi subsystem.
A logic error when using the core WiFi subsystem could lead to a
deadlock. A local attacker could use this flaw to cause a
denial-of-service.
* CVE-2024-40942: Resource leak in core WiFi subsystem.
A logic error when using the core WiFi subsystem could lead to a memory
leak. A local attacker could use this flaw to cause a denial-of-service.
* CVE-2024-40958: Denial-of-service in core net subsystem.
A logic error when using the core net subsystem could lead to a
use-after-free. A local attacker could use this flaw to cause a
denial-of-service.
* CVE-2024-40959, CVE-2024-40960, CVE-2024-40961: Denial-of-service in IPv6 networking stack.
A missing check when using the IPv6 networking stack could lead to a
NULL pointer dereference. A local attacker could use this flaw to cause
a denial-of-service.
* CVE-2024-40981: Denial-of-service in BATMAN protocol stack.
A missing check when using the BATMAN protocol stack could lead to a
soft lockup. A local attacker could use this flaw to cause a
denial-of-service.
* CVE-2024-40995: Denial-of-service in networking traffic control actions stack.
A logic error when using the networking traffic control actions stack
could lead to a deadlock. A local attacker could use this flaw to cause
a denial-of-service.
* CVE-2024-41035: Denial-of-service in core USB subsystem.
A logic error when using the core USB subsystem could lead to a kernel
oops. A local attacker could use this flaw to cause a denial-of-service.
* CVE-2024-41041: Denial-of-service in TCP/IP networking stack.
A race condition when using TCP/IP networking could lead to a
kernel oops. A local attacker could use this flaw to cause a
denial-of-service.
* CVE-2024-41044: Information leak in PPP (point-to-point protocol) networking stack.
A missing check when using the PPP networking stack could lead to use of
uninitialized memory. A local attacker could use this flaw to extract
sensitive information.
* CVE-2024-41089, CVE-2024-41095, CVE-2024-42101: Denial-of-service in nouveau driver.
A missing check when using the nouveau driver could lead to a NULL
pointer dereference. A local attacker could use this flaw to cause a
denial-of-service.
* CVE-2024-42070: Privilege escalation in netfilter subsystem.
A logic error when using the netfilter subsystem could lead to a memory
leak. A local attacker could use this flaw to escalate privileges.
* CVE-2024-42102: Memory corruption in kernel memory manager.
Incorrect cast of a divisor when setting dirty page writeback limits in the
memory management subsystem could lead to divide-by-zero. A local attacker
could use this flaw to cause a denial-of-service.
* CVE-2024-42106: Information leak in socket monitoring interface.
A missing variable initialization when using the socket monitoring
interface could lead to a use of uninitialized memory. A local
attacker could use this flaw to extract sensitive information.
* CVE-2024-42119: Information leak in AMD display core driver.
A missing check when using the AMD display core driver could lead to an
out-of-bounds memory access. A local attacker could use this flaw to
extract sensitive information.
* CVE-2024-42145: Remote denial-of-service in InfiniBand driver.
A logic error when using the InfiniBand driver could lead to resource
exhaustion (uncontrolled resource consumption) when userspace does not
extract MAD packets at the same rate as the attacker is sending. A
remote attacker could use this flaw to cause a denial-of-service.
* CVE-2024-42154: Information leak in TCP/IP networking stack.
A missing check when using the TCP/IP networking stack could lead to an
out-of-bounds memory access. A local attacker could use this flaw to
extract sensitive information.
* CVE-2024-42224: Denial-of-service in Marvell 88E6xxx Ethernet Switch driver.
A logic error when using the Marvell 88E6xxx Ethernet Switch driver
could lead to a use-after-free. A local attacker could use this flaw to
cause a denial-of-service.
* CVE-2024-42232: Memory corruption in Ceph core library.
A logic error when using the Ceph core library could lead to a
use-after-free. A local attacker could use this flaw to cause memory
corruption.
SUPPORT
Ksplice support is available at ksplice-support_ww at oracle.com.