[Ksplice][Ubuntu-22.04-Updates] New Ksplice updates for Ubuntu 22.04 Jammy (USN-6246-1)

Oracle Ksplice quentin.casasnovas at oracle.com
Tue Aug 8 19:54:10 UTC 2023


Synopsis: USN-6246-1 can now be patched using Ksplice
CVEs: CVE-2023-3090 CVE-2023-31248 CVE-2023-3389 CVE-2023-3390 CVE-2023-3439 CVE-2023-35001

Systems running Ubuntu 22.04 Jammy can now use Ksplice to patch
against the latest Ubuntu Security Notice, USN-6246-1.

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack running Ubuntu 22.04
Jammy install these updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y


DESCRIPTION

* CVE-2023-3090: Stack overflow in ipvlan driver during transmit operation.

A failure to zero out a buffer before use can lead to an out-of-bounds
write to the current process's stack.  This flaw could be exploited a
local attack to cause a denial of service, or other undefined behavior.


* CVE-2023-3390: Use-after-free in Netfilter nf_tables packet classification framework.

Incorrect error path handling with NFT_MSG_NEWRULE in the Netfilter
nf_tables packet classification framework can lead to a use-after-free.
This can allow a local unprivileged user to perform arbitrary access to
kernel memory and escalate privileges.


* CVE-2023-3389: Use-after-free in io_uring.

A race-condition in io_uring when canceling a poll request with a
linked timeout may lead to a use-after-free. An attacker could use this
flaw for a denial-of-service or escalate privileges.


* CVE-2023-31248: Use-after-free in Netfilter nf_tables packet classification framework.

A missing sanity check in netfilter nf_tables when looking up a deleted
chain by its ID may lead to a use-after-free. A local user with the
CAP_NET_ADMIN capability could use this flaw to escalate privileges.


* CVE-2023-35001: Out-of-bounds memory access in Netfilter nf_tables packet classification framework.

A flaw in netfilter nf_tables when evaluating byteorder expressions may
lead to an out-of-bounds memory read or write. A local user with the
CAP_NET_ADMIN capability could use this flaw to escalate privileges.


* Note: Oracle will not provide a zero-downtime update for CVE-2023-3439.

Incorrect cleanup logic in the Management Component Transport Protocol
can cause a use-after-free when a netcard is detached. This can allow a
user with physical access to cause a denial-of-service or cause
undefined behavior.
Only systems with physical adapters using MCTP are affected,
Oracle has determined that a rebootless patch for this issue would not
be safe and recommends rebooting the affected systems.

SUPPORT

Ksplice support is available at ksplice-support_ww at oracle.com.





More information about the Ksplice-Ubuntu-22.04-updates mailing list