[Ksplice][Ubuntu-22.04-Updates] New Ksplice updates for Ubuntu 22.04 Jammy (USN-5667-1)

Julian Pidancet julian.pidancet at oracle.com
Wed Jan 25 16:33:50 UTC 2023


Synopsis: USN-5667-1 can now be patched using Ksplice
CVEs: CVE-2022-1882 CVE-2022-21505 CVE-2022-26373 CVE-2022-3176 CVE-2022-36123 CVE-2022-36879 CVE-2022-39189

Systems running Ubuntu 22.04 Jammy can now use Ksplice to patch
against the latest Ubuntu Security Notice, USN-5667-1.

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack running Ubuntu 22.04
Jammy install these updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y
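
To tell which of the two cases above applies to a given host, the following added example (not part of Oracle's advisory) reads the autoinstall setting from the configuration file. It assumes that only the literal value "yes" quoted above enables autoinstall and that the last assignment in the file wins; the function names are hypothetical.

```shell
#!/bin/sh
# Added example: decide whether a host gets Ksplice updates automatically
# or needs a manual "uptrack-upgrade -y". Function names are hypothetical.

# Print the value of "autoinstall" from an uptrack.conf-style file.
# Skips commented-out lines, tolerates whitespace and trailing comments,
# lowercases the value. Assumption: the last assignment wins.
# Returns 2 if the file cannot be read; prints nothing if the key is absent.
uptrack_autoinstall_value() {
    conf="${1:-/etc/uptrack/uptrack.conf}"
    [ -r "$conf" ] || return 2
    sed -n 's/^[[:space:]]*autoinstall[[:space:]]*=[[:space:]]*\([^#;[:space:]]*\).*$/\1/p' "$conf" \
        | tail -n 1 | tr '[:upper:]' '[:lower:]'
}

# Print "auto", "manual" or "unreadable" for the given config file.
# Assumption: only "yes" enables autoinstall; a missing key or any other
# value is reported as "manual" so the host is not silently skipped.
uptrack_install_mode() {
    val=$(uptrack_autoinstall_value "$1") || { echo "unreadable"; return 0; }
    if [ "$val" = "yes" ]; then
        echo "auto"
    else
        echo "manual"
    fi
}

# Constructed sample config (not taken from a real host): the enabled
# line is commented out, so the effective setting is "no".
sample=$(mktemp)
cat > "$sample" <<'EOF'
[Settings]
# autoinstall = yes
autoinstall = no
EOF
echo "sample config: $(uptrack_install_mode "$sample")"
rm -f "$sample"

# The real host, using the path named in the advisory.
echo "this host:     $(uptrack_install_mode)"
```

Hosts reported as "manual" or "unreadable" need the uptrack-upgrade command above to be run on them.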


DESCRIPTION

* Note: Oracle will not be providing an update for CVE-2022-36123.

This CVE is only applicable at boot time, so by the time Ksplice live updates
are applied, the relevant code has already run.


* CVE-2022-21505: Lockdown bypass in Integrity Measurement Architecture.

A flaw in Integrity Measurement Architecture could allow kernel lockdown
bypass by using kexec when Secure Boot is disabled. A local user could
use this flaw for code execution.


* CVE-2022-36879: Denial-of-service in XFRM.

An incorrect reference counting flaw in the IP framework for transforming
packets when manipulating XFRM policy entries could result in releasing
a resource before it is made available for re-use. A local user could
use this flaw for a denial-of-service.


* CVE-2022-1882: Use-after-free in pipe subsystem.

A race condition in the pipe subsystem could lead to a use-after-free
when a pipe node is freed. An unprivileged user could use this flaw to
cause a denial-of-service or escalate privileges.


* CVE-2022-39189: Privilege escalation in Kernel-based Virtual Machine.

A flaw in KVM instruction emulation could allow unprivileged guest
userspace access to guest kernel memory through stale TLB translations.
An unprivileged guest user could use this flaw to cause a
denial-of-service or gain arbitrary code execution in a guest VM.


* CVE-2022-3176: Use-after-free in Asynchronous IO Interface.

Lack of POLLFREE handling in io_uring could lead to a pointer
use-after-free when a signalfd or an Android binder file descriptor is
polled with io_uring. A local attacker could use this flaw to cause a
denial of service or elevate privileges on the system.


* CVE-2022-26373: Information leak abusing x86 CPU return predictor.

A hardware flaw on Intel processors with Enhanced Indirect Branch
Restricted Speculation (eIBRS) when handling RET instructions after a VM
exit could lead to an information leak. A local attacker could use this
flaw to gain access to sensitive information.

SUPPORT

Ksplice support is available at ksplice-support_ww at oracle.com.



