[Ksplice][Ubuntu-22.04-Updates] New Ksplice updates for Ubuntu 22.04 Jammy (USN-5912-1)
Oracle Ksplice
quentin.casasnovas at oracle.com
Mon Mar 13 15:38:58 UTC 2023
Synopsis: USN-5912-1 can now be patched using Ksplice
CVEs: CVE-2022-3169 CVE-2022-3344 CVE-2022-3435 CVE-2022-3521 CVE-2022-3545 CVE-2022-3643 CVE-2022-4139 CVE-2022-42328 CVE-2022-42329 CVE-2022-4379 CVE-2022-45869 CVE-2022-47518 CVE-2022-47519 CVE-2022-47520 CVE-2022-47521 CVE-2023-0179 CVE-2023-0461 CVE-2023-0468
Systems running Ubuntu 22.04 Jammy can now use Ksplice to patch
against the latest Ubuntu Security Notice, USN-5912-1.
INSTALLING THE UPDATES
We recommend that all users of Ksplice Uptrack running Ubuntu 22.04
Jammy install these updates.
On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.
Alternatively, you can install these updates by running:
# /usr/sbin/uptrack-upgrade -y
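The two install paths above can be checked from a script. This is an added example, not part of the original announcement and not Oracle's code: it tests a config file for "autoinstall = yes" and reports which CVEs from this advisory are absent from a listing of installed updates. That the listing (for example from uptrack-show) names CVE IDs in its descriptions is an assumption, and the sample listing is constructed.

```shell
#!/bin/sh
# Added example, not Oracle's code. IDs copied from this advisory's "CVEs:" line.
ADVISORY_CVES="CVE-2022-3169 CVE-2022-3344 CVE-2022-3435 CVE-2022-3521
CVE-2022-3545 CVE-2022-3643 CVE-2022-4139 CVE-2022-42328 CVE-2022-42329
CVE-2022-4379 CVE-2022-45869 CVE-2022-47518 CVE-2022-47519 CVE-2022-47520
CVE-2022-47521 CVE-2023-0179 CVE-2023-0461 CVE-2023-0468"

# autoinstall_enabled FILE
# Returns 0 if the last uncommented "autoinstall = ..." line in FILE is "yes",
# 1 if it is anything else or absent, 2 if FILE cannot be read.
# Section headers are ignored (a simplification made for this example).
autoinstall_enabled() {
    [ -r "$1" ] || return 2
    val=$(sed -n 's/^[[:space:]]*autoinstall[[:space:]]*=[[:space:]]*\([^[:space:]#;]*\).*/\1/p' "$1" | tail -n 1)
    [ "$val" = "yes" ]
}

# missing_cves
# Reads a listing of installed updates on stdin and prints every advisory CVE
# that the listing does not mention, one per line.
missing_cves() {
    listing=$(cat)
    for cve in $ADVISORY_CVES; do
        # -w keeps a short ID from matching inside a longer one; -F is literal.
        printf '%s\n' "$listing" | grep -qwF -- "$cve" || printf '%s\n' "$cve"
    done
}

# Constructed sample listing (not real uptrack output) so this runs offline.
sample_listing() {
    printf '%s\n' \
        '[constructed-1] CVE-2022-45869: Denial-of-service when using virtualization with TDP MMU.' \
        '[constructed-2] CVE-2022-3435: Information disclosure in IPv4.' \
        '[constructed-3] CVE-2022-47518, CVE-2022-47519, CVE-2022-47520, CVE-2022-47521: Out-of-bounds memory access in WILC1000 wireless driver.'
}

# Demo on the constructed data: prints the advisory CVEs the sample lacks.
sample_listing | missing_cves

# On a real host (as root):
#   autoinstall_enabled /etc/uptrack/uptrack.conf || /usr/sbin/uptrack-upgrade -y
#   uptrack-show | missing_cves
```

The two updates in this advisory that carry no CVE ID (Android binder, io_uring after execve) cannot be checked this way.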
DESCRIPTION
* CVE-2022-45869: Denial-of-service when using virtualization with TDP MMU.
A locking error when using nested virtualization with TDP MMU enabled
could lead to a race condition. An attacker from a guest could use this
flaw to cause a denial-of-service.
* CVE-2022-3344: Denial-of-service when allowing nested virtualization on AMD.
A logic error when handling nested guests from the hypervisor could lead
to a page fault on AMD. A guest attacker could use this flaw to cause a
denial-of-service.
* CVE-2022-3435: Information disclosure in IPv4.
A flaw in ioctls of IPv4 could result in out-of-bounds read access.
A local user could use this flaw for information disclosure.
* CVE-2023-0179: Denial-of-service when handling VLAN headers.
A logic error in the handling of VLAN headers in netfilter could lead to
an out-of-bounds access. A local attacker could use this flaw to cause a
denial-of-service or execute arbitrary code.
* CVE-2022-4139: Information disclosure in Intel HD Graphics Driver.
A flaw in Intel HD Graphics Driver when flushing translation lookaside
buffers could allow access to physical memory which might be already
assigned to a different process. A local user could use this flaw for
denial-of-service or information disclosure.
* CVE-2022-3545: Use-after-free in Netronome Flow Processor Ethernet driver.
A logic flaw in error handling in Netronome Flow Processor Ethernet
driver could result in a use-after-free. A local attacker could use this
flaw for a denial-of-service or code execution.
* CVE-2022-47518, CVE-2022-47519, CVE-2022-47520, CVE-2022-47521: Out-of-bounds memory access in WILC1000 wireless driver.
Improper validation of various user-supplied parameters in the WILC1000
wireless driver may lead to a heap-based buffer overflow. A local user
could use this flaw for a denial-of-service or privilege escalation.
* CVE-2022-3169: Denial-of-service in Non-Volatile Memory Host Controller.
Missing serialization in nvme driver when handling a large number of
consecutive reset ioctl requests from userspace may lead to a system
crash. A local user could use this flaw to cause a denial-of-service.
* CVE-2022-3521: Denial-of-service in Kernel Connection Multiplexor.
A race condition in kcm when multiple threads are concurrently running
in kcm_release could lead to a NULL pointer dereference. A local user
could use this flaw for a denial-of-service.
* CVE-2023-0461: Use-after-free in Upper Level Protocol.
A flaw in ULP when handling sockets entering the LISTEN state in certain
protocols may lead to a use-after-free. A local user could use this
flaw to cause a denial-of-service or elevate privileges on the system.
* CVE-2023-0468: Denial-of-service in io_uring.
A race condition with poll_refs in io_uring can lead to a NULL pointer
dereference. A local user could use this flaw for a denial-of-service.
* Improved update to CVE-2022-3643: Denial-of-host-service via malicious Xen netfront packet.
The Xen netback handler does not properly handle packets with protocol
headers that span multiple slots. A malicious guest might exploit this
to crash certain varieties of network interface on the host.
* XSA-424, CVE-2022-42328, CVE-2022-42329: Denial-of-service in Xen PV network backend.
A flaw in xen-netback when freeing the SKB of a packet dropped due to
XSA-392/CVE-2022-42328 handling might result in a deadlock. A malicious
guest could use this flaw to cause a denial-of-service of the host.
* CVE-2022-4379: Denial-of-service in NFS version 4 client.
A use-after-free flaw in NFS4 when handling a server-to-server copy
may cause an invalid pointer dereference. A remote attacker could use this
flaw for a denial-of-service.
* Use-after-free in Android binder.
A flaw in the binder subsystem when handling the mmap() syscall after
updating the process' mm via execve could lead to a use-after-free.
A local user could use this flaw to cause a denial-of-service or
escalate privileges.
* Denial-of-service in io_uring when cancelling work items after execve.
A flaw in io_uring when cancelling work items after an execve syscall
could lead to a NULL pointer dereference. A local user could use this
flaw for a denial-of-service.
SUPPORT
Ksplice support is available at ksplice-support_ww at oracle.com.