From gregory.herrero at oracle.com Thu Apr 24 12:45:37 2025
From: gregory.herrero at oracle.com (Oracle Ksplice)
Date: Thu, 24 Apr 2025 12:45:37 -0000
Subject: [Ksplice][Ubuntu-20.04-Updates] New Ksplice updates for Ubuntu 20.04 Focal (USN-7391-1)
Message-ID:

Synopsis: USN-7391-1 can now be patched using Ksplice
CVEs: CVE-2021-47219 CVE-2024-44938 CVE-2024-44985 CVE-2024-44986
CVE-2024-47707 CVE-2024-49884 CVE-2024-49936 CVE-2024-49996
CVE-2024-53112 CVE-2024-53124 CVE-2024-53146 CVE-2024-53155
CVE-2024-53171 CVE-2024-53173 CVE-2024-56595 CVE-2024-56596
CVE-2024-56597 CVE-2024-56598 CVE-2024-56600 CVE-2024-56601
CVE-2024-56602 CVE-2024-56605 CVE-2024-56606 CVE-2024-56631
CVE-2024-56637 CVE-2024-56644 CVE-2024-56650 CVE-2024-57892
CVE-2024-57901 CVE-2024-57902 CVE-2025-21638 CVE-2025-21639
CVE-2025-21640 CVE-2025-21699

Systems running Ubuntu 20.04 Focal can now use Ksplice to patch
against the latest Ubuntu Security Notice, USN-7391-1.

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack running Ubuntu 20.04
Focal install these updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y

DESCRIPTION

* CVE-2021-47219: Information leak in SCSI debugging host and device simulator driver.

A missing check when using the SCSI debugging host and device
simulator driver could lead to an out-of-bounds memory read. A local
attacker could use this flaw to extract sensitive information.

* CVE-2024-44938: Denial-of-service in JFS filesystem driver.

A missing check when using the JFS filesystem driver could lead to an
integer overflow. A local attacker could use this flaw to cause a
denial-of-service.

* CVE-2024-44985, CVE-2024-44986: Privilege escalation in IPv6 Networking driver.

A locking error when using the IPv6 routes in the Networking driver
could lead to a use-after-free. A local attacker could use this flaw
to escalate privileges.

* CVE-2024-47707: Denial-of-service in Linux INET6 driver.

A missing check when closing network interface in the Linux INET6
driver could lead to a NULL pointer dereference. A local attacker
could use this flaw to cause a denial-of-service.

* CVE-2024-49884: Privilege escalation in EXT4 filesystem driver.

A logic error when adding extent in the EXT4 filesystem driver could
lead to a use-after-free. A local attacker could use this flaw to
escalate privileges.

* CVE-2024-49936: Privilege escalation in Xen backend network device driver.

A locking error when using the Xen backend network device driver could
lead to a use-after-free. An attacker from a guest VM could use this
flaw to escalate privileges.

* CVE-2024-49996: Privilege escalation in SMB3 and CIFS driver.

A missing check when parsing NFS reparse points in the SMB3 and CIFS
driver could lead to an out-of-bounds memory access. A remote attacker
could use this flaw to escalate privileges.

* CVE-2024-53112: Denial-of-service in OCFS2 filesystem.

A missing check when using OCFS2_IOC_GROUP_ADD ioctl in the OCFS2
filesystem could lead to a kernel assertion failure. A local attacker
could use this flaw to cause a denial-of-service.

* CVE-2024-53124: Denial-of-service in IPv6 Networking driver.

A missing check when destroying a socket in the IPv6 Networking driver
could lead to a memory leak. A local attacker could use this flaw to
cause a denial-of-service.

* CVE-2024-53146: Information leak in NFS server driver.

A logic error when using the NFS server driver could lead to an
out-of-bounds memory access. A local attacker could use this flaw to
extract sensitive information.

* CVE-2024-53155: Information leak in OCFS2 filesystem.

A missing variable initialization when using the OCFS2 filesystem
could lead to use of uninitialized memory.
A local attacker could use this flaw to extract sensitive information.

* CVE-2024-53171: Privilege escalation in UBIFS file system driver.

A logic error when using the UBIFS file system driver could lead to a
use-after-free. A local attacker could use this flaw to gain root
privileges.

* CVE-2024-53173: Privilege escalation in NFS client driver.

A logic error when opening multiple files concurrently in the NFS
client driver could lead to a use-after-free. A local attacker could
use this flaw to escalate privileges.

* CVE-2024-56595, CVE-2024-56596, CVE-2024-56597, CVE-2024-56598: Code execution in JFS filesystem driver.

A missing check when using the JFS filesystem driver could lead to an
out-of-bounds memory access. A local attacker could use this flaw to
execute arbitrary code in kernel mode.

* CVE-2024-56600: Privilege escalation in Networking subsystem.

A missing variable initialization when creating a socket fails in the
Networking subsystem could lead to a use-after-free. A local attacker
could use this flaw to escalate privileges.

* CVE-2024-56601: Privilege escalation in TCP/IP networking driver.

A missing variable initialization when creating a socket fails in the
TCP/IP networking driver could lead to a use-after-free. A local
attacker could use this flaw to escalate privileges.

* CVE-2024-56602: Privilege escalation in IEEE Std 802.15.4 Low-Rate Wireless Personal Area Networks driver.

A missing variable initialization when creating a socket fails in the
IEEE Std 802.15.4 Low-Rate Wireless Personal Area Networks driver
could lead to a use-after-free. A local attacker could use this flaw
to escalate privileges.

* CVE-2024-56605: Privilege escalation in Bluetooth subsystem driver.

A missing variable initialization when creating a l2cap socket fails
in the Bluetooth subsystem driver could lead to a use-after-free. A
local attacker could use this flaw to escalate privileges.

* CVE-2024-56606: Privilege escalation in packet protocol networking stack.

A logic error when using the packet protocol networking stack could
lead to a use-after-free. A local attacker could use this flaw to
escalate privileges.

* CVE-2024-56631: Privilege escalation in SCSI generic driver.

A locking error when releasing data in the SCSI generic driver could
lead to a use-after-free. A local attacker could use this flaw to
escalate privileges.

* CVE-2024-56637: Denial-of-service in netfilter (IP set) subsystem.

A logic error when using the netfilter (IP set) subsystem could lead
to a kernel crash. A local attacker could use this flaw to cause a
denial-of-service.

* CVE-2024-56644: Remote denial-of-service in IPv6 networking stack.

Incorrect reference counting when using the IPv6 networking stack
could lead to a memory leak. A remote attacker could use this flaw to
cause a denial-of-service.

* CVE-2024-56650: Privilege escalation in netfilter driver.

A missing check when using the netfilter driver could lead to an
out-of-bounds memory access. A local attacker could use this flaw to
escalate privileges.

* CVE-2024-57892: Privilege escalation in OCFS2 file system driver.

A logic error when using quota_getnextquota() syscall in the OCFS2
file system driver could lead to a use-after-free. A local attacker
could use this flaw to escalate privileges.

* CVE-2024-57901, CVE-2024-57902: Remote denial-of-service in packet protocol networking stack.

A logic error when receiving a message using the packet protocol
networking stack could lead to a kernel panic. A remote attacker could
use this flaw to cause a denial-of-service.

* CVE-2025-21638, CVE-2025-21639, CVE-2025-21640: Denial-of-service in SCTP protocol networking stack.

A logic error when using the SCTP protocol networking stack could lead
to a NULL pointer dereference. A local attacker could use this flaw to
cause a denial-of-service.

* CVE-2025-21699: Disk corruption in GFS2 filesystem.

There is a logic error in the GFS2 filesystem code's handling of the
FS_IOC_SETFLAGS ioctl call, which sets the flags for an inode and is
used by the `chattr` command. A local attacker could use this flaw to
cause disk corruption.

This update fixes the logic error so the handling is fixed and later
usage of the ioctl results in correct behaviour, but doesn't actively
attempt to fix the existing filesystem inodes.

* Remote denial-of-service in NFSv4.1 client driver.

A missing check when using the NFSv4.1 client driver could lead to a
livelock. A remote attacker could use this flaw to cause a
denial-of-service.

* Note: Oracle has determined some CVEs are not applicable.

The kernel is not affected by the following CVEs since the code under
consideration is not compiled.

CVE-2025-21687

SUPPORT

Ksplice support is available at ksplice-support_ww at oracle.com.

From gregory.herrero at oracle.com Wed Apr 30 09:37:37 2025
From: gregory.herrero at oracle.com (Oracle Ksplice)
Date: Wed, 30 Apr 2025 09:37:37 -0000
Subject: [Ksplice][Ubuntu-20.04-Updates] New Ksplice updates for Ubuntu 20.04 Focal (USN-7408-1)
Message-ID: <0eb257809f2cf7250f6c921603892208.apache@ksplice.com>

Synopsis: USN-7408-1 can now be patched using Ksplice
CVEs: CVE-2024-26928 CVE-2024-35864

Systems running Ubuntu 20.04 Focal can now use Ksplice to patch
against the latest Ubuntu Security Notice, USN-7408-1.

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack running Ubuntu 20.04
Focal install these updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y

DESCRIPTION

* CVE-2024-26928, CVE-2024-35864: Remote privilege escalation in SMB3/CIFS.

A race condition when a client connection is being torn down in the
SMB3/CIFS driver could lead to a use-after-free.
A remote attacker could use this flaw to gain root privileges.

SUPPORT

Ksplice support is available at ksplice-support_ww at oracle.com.
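
Both notices above hinge on whether "autoinstall = yes" is set in /etc/uptrack/uptrack.conf. The following check is an added example, not part of the original messages and not Oracle's code; the function names, the comment syntax handled and the "last assignment wins" rule are assumptions, and the sample config is constructed.

```shell
#!/bin/sh
# Added example (not Oracle's code): will this host auto-apply Ksplice updates?

# Print the effective "autoinstall" value from an uptrack.conf-style file:
# lowercased value, "unset" if the key is absent, "unreadable" if no file.
# Assumptions: "key = value" lines, "#" or ";" comments, last assignment wins.
uptrack_autoinstall() {
    conf=${1:-/etc/uptrack/uptrack.conf}
    [ -r "$conf" ] || { echo "unreadable"; return 2; }
    awk -F= '
        /^[ \t]*[#;]/ { next }                 # skip comment lines
        {
            key = $1; gsub(/[ \t]/, "", key)
            if (tolower(key) != "autoinstall") next
            val = $2
            sub(/[#;].*/, "", val)             # drop inline comment
            gsub(/[ \t\r]/, "", val)
            found = tolower(val)
        }
        END { print (found == "" ? "unset" : found) }
    ' "$conf"
}

# Succeeds (exit 0) when updates will NOT install on their own.
needs_manual_upgrade() {
    [ "$(uptrack_autoinstall "$1")" != "yes" ]
}

# One-line verdict for an inventory or compliance report.
report() {
    if needs_manual_upgrade "$1"; then
        echo "manual: run /usr/sbin/uptrack-upgrade -y"
    else
        echo "automatic: autoinstall = yes"
    fi
}

# Constructed sample config, not taken from a real host.
sample=$(mktemp)
cat > "$sample" <<'EOF'
[Settings]
# autoinstall = yes
autoinstall = no
EOF
report "$sample"
rm -f "$sample"
```

A commented-out "autoinstall = yes" line, as in the sample, leaves the host on the manual path.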