From gregory.herrero at oracle.com Fri May 2 00:34:01 2025
From: gregory.herrero at oracle.com (Oracle Ksplice)
Date: Fri, 02 May 2025 00:34:01 +0000
Subject: [Ksplice][Ubuntu-22.04-Updates] New Ksplice updates for Ubuntu 22.04 Jammy (USN-7387-1)
Message-ID: <59ebf6b585d12c7074acd5a30297b9a3.apache@ksplice.com>

Synopsis: USN-7387-1 can now be patched using Ksplice
CVEs: CVE-2024-36476 CVE-2024-42315 CVE-2024-44938 CVE-2024-47408 CVE-2024-47707 CVE-2024-49571 CVE-2024-49974 CVE-2024-49996 CVE-2024-50121 CVE-2024-50241 CVE-2024-50242 CVE-2024-53073 CVE-2024-53112 CVE-2024-53124 CVE-2024-53146 CVE-2024-53155 CVE-2024-53171 CVE-2024-53173 CVE-2024-53206 CVE-2024-53241 CVE-2024-53685 CVE-2024-56590 CVE-2024-56595 CVE-2024-56596 CVE-2024-56597 CVE-2024-56598 CVE-2024-56600 CVE-2024-56601 CVE-2024-56602 CVE-2024-56603 CVE-2024-56605 CVE-2024-56606 CVE-2024-56631 CVE-2024-56640 CVE-2024-56643 CVE-2024-56644 CVE-2024-56650 CVE-2024-56704 CVE-2024-56770 CVE-2024-57791 CVE-2024-57802 CVE-2024-57892 CVE-2024-57901 CVE-2024-57902 CVE-2025-21631 CVE-2025-21636 CVE-2025-21637 CVE-2025-21638 CVE-2025-21639 CVE-2025-21640 CVE-2025-21669 CVE-2025-21692 CVE-2025-21699

Systems running Ubuntu 22.04 Jammy can now use Ksplice to patch against the latest Ubuntu Security Notice, USN-7387-1.

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack running Ubuntu 22.04 Jammy install these updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf, these updates will be installed automatically and you do not need to take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y

DESCRIPTION

* CVE-2024-36476: Denial-of-service in RTRS server driver.

A logic error in the RDMA Transport (RTRS) server driver could lead to a NULL pointer dereference. A local attacker could use this flaw to cause a denial-of-service.

* CVE-2024-42315: Denial-of-service in exFAT filesystem driver.

A locking error when using the exFAT filesystem driver could lead to a deadlock. A local attacker could use this flaw to cause a denial-of-service.

* CVE-2024-44938: Denial-of-service in JFS filesystem driver.

A missing check when using the JFS filesystem driver could lead to an integer overflow. A local attacker could use this flaw to cause a denial-of-service.

* CVE-2024-47408, CVE-2024-49571: Denial-of-service in SMC socket driver.

Missing checks in the SMC socket driver could lead to out-of-bounds reads. An attacker with access to an adjacent network could use this flaw to cause a denial-of-service.

* CVE-2024-47707: Denial-of-service in Linux INET6 driver.

A missing check when closing a network interface in the Linux INET6 driver could lead to a NULL pointer dereference. A local attacker could use this flaw to cause a denial-of-service.

* CVE-2024-49974, CVE-2024-50241, CVE-2024-53073: Remote denial-of-service in NFS server driver.

A logic error when doing async copy operations in the NFS server driver could lead to memory and CPU exhaustion. A remote attacker could use this flaw to cause a denial-of-service.

* CVE-2024-49996: Privilege escalation in SMB3 and CIFS driver.

A missing check when parsing NFS reparse points in the SMB3 and CIFS driver could lead to an out-of-bounds memory access. A remote attacker could use this flaw to escalate privileges.

* CVE-2024-50121: Privilege escalation in NFS server version 4 driver.

A logic error when using the NFS server version 4 driver could lead to a use-after-free. A local attacker could use this flaw to escalate privileges.

* CVE-2024-50242: Privilege escalation in NTFS file system driver.

A missing check in the NTFS file system driver could allow access to protected files or directories. A local attacker could use this flaw to gain access to sensitive data or escalate privileges.

* CVE-2024-53112: Denial-of-service in OCFS2 filesystem.

A missing check when using OCFS2_IOC_GROUP_ADD ioctl in the OCFS2 filesystem could lead to a kernel assertion failure. A local attacker could use this flaw to cause a denial-of-service.

* CVE-2024-53124: Denial-of-service in IPv6 Networking driver.

A missing check when destroying a socket in the IPv6 Networking driver could lead to a memory leak. A local attacker could use this flaw to cause a denial-of-service.

* CVE-2024-53146: Information leak in NFS server driver.

A logic error when using the NFS server driver could lead to an out-of-bounds memory access. A local attacker could use this flaw to extract sensitive information.

* CVE-2024-53155: Information leak in OCFS2 filesystem.

A missing variable initialization when using the OCFS2 filesystem could lead to use of uninitialized memory. A local attacker could use this flaw to extract sensitive information.

* CVE-2024-53171: Privilege escalation in UBIFS file system driver.

A logic error when using the UBIFS file system driver could lead to a use-after-free. A local attacker could use this flaw to gain root privileges.

* CVE-2024-53173: Privilege escalation in NFS client driver.

A logic error when opening multiple files concurrently in the NFS client driver could lead to a use-after-free. A local attacker could use this flaw to escalate privileges.

* CVE-2024-53206: Privilege escalation in TCP/IP networking driver.

A logic error when establishing a connection in the TCP/IP networking driver could lead to a use-after-free. A local attacker could use this flaw to escalate privileges.

* CVE-2024-53685: Denial-of-service in Ceph distributed file system driver.

A logic error when building a dentry path in the Ceph distributed file system driver could lead to an infinite loop. A local attacker could use this flaw to cause a denial-of-service.

* CVE-2024-56590: Privilege escalation in Bluetooth subsystem driver.

A logic error when using the Bluetooth subsystem driver could lead to an out-of-bounds memory access.
A local attacker could use this flaw to escalate privileges.

* CVE-2024-56595, CVE-2024-56596, CVE-2024-56597, CVE-2024-56598: Code execution in JFS filesystem driver.

Missing checks when using the JFS filesystem driver could lead to an out-of-bounds memory access. A local attacker could use this flaw to execute arbitrary code in kernel mode.

* CVE-2024-56600: Privilege escalation in Networking subsystem.

A missing variable initialization when creating a socket fails in the Networking subsystem could lead to a use-after-free. A local attacker could use this flaw to escalate privileges.

* CVE-2024-56601: Privilege escalation in TCP/IP networking driver.

A missing variable initialization when creating a socket fails in the TCP/IP networking driver could lead to a use-after-free. A local attacker could use this flaw to escalate privileges.

* CVE-2024-56602: Privilege escalation in IEEE Std 802.15.4 Low-Rate Wireless Personal Area Networks driver.

A missing variable initialization when creating a socket fails in the IEEE Std 802.15.4 Low-Rate Wireless Personal Area Networks driver could lead to a use-after-free. A local attacker could use this flaw to escalate privileges.

* CVE-2024-56603: Privilege escalation in CAN bus subsystem driver.

A missing variable initialization when creating a CAN socket fails in the CAN bus subsystem driver could lead to a use-after-free. A local attacker could use this flaw to escalate privileges.

* CVE-2024-56605: Privilege escalation in Bluetooth subsystem driver.

A missing variable initialization when creating an l2cap socket fails in the Bluetooth subsystem driver could lead to a use-after-free. A local attacker could use this flaw to escalate privileges.

* CVE-2024-56606: Privilege escalation in packet protocol networking stack.

A logic error when using the packet protocol networking stack could lead to a use-after-free. A local attacker could use this flaw to escalate privileges.

* CVE-2024-56631: Privilege escalation in SCSI generic driver.

A locking error when releasing data in the SCSI generic driver could lead to a use-after-free. A local attacker could use this flaw to escalate privileges.

* CVE-2024-56640: Privilege escalation in SMC socket driver.

A race condition when using the SMC socket driver could lead to a use-after-free. A local attacker could use this flaw to escalate privileges.

* CVE-2024-56643: Denial-of-service in DCCP driver.

A logic error in the Datagram Congestion Control Protocol driver could lead to a memory leak. A local attacker could use this flaw to cause a denial-of-service.

* CVE-2024-56644: Remote denial-of-service in IPv6 networking stack.

Incorrect reference counting when using the IPv6 networking stack could lead to a memory leak. A remote attacker could use this flaw to cause a denial-of-service.

* CVE-2024-56650: Privilege escalation in netfilter driver.

A missing check when using the netfilter driver could lead to an out-of-bounds memory access. A local attacker could use this flaw to escalate privileges.

* CVE-2024-56704: Privilege escalation in 9P Xen Transport driver.

A logic error in the 9P Xen Transport driver could lead to incorrect behavior when trying to free an interrupt handler. A local attacker could use this flaw to escalate privileges.

* CVE-2024-56770: Privilege escalation in network emulator.

A logic error when using the network emulator could lead to an integer overflow. A local attacker could use this flaw to escalate privileges.

* CVE-2024-57791: Denial-of-service in SMC socket driver.

A missing check in the SMC socket driver could lead to an endless loop. An attacker with access to an adjacent network could use this flaw to cause a denial-of-service.

* CVE-2024-57802: Denial-of-service in NET/ROM protocol driver.

A missing check in the NET/ROM protocol driver could lead to a read access to uninitialized memory.
A local attacker could use this flaw to cause a denial-of-service or potentially extract sensitive data.

* CVE-2024-57892: Privilege escalation in OCFS2 file system driver.

A logic error when using quota_getnextquota() syscall in the OCFS2 file system driver could lead to a use-after-free. A local attacker could use this flaw to escalate privileges.

* CVE-2024-57901, CVE-2024-57902: Remote denial-of-service in packet socket driver.

A logic error when receiving raw network packets using the packet socket interface could lead to a kernel panic. A remote attacker could use this flaw to cause a denial-of-service.

* CVE-2025-21631: Privilege escalation in Budget Fair Queueing (BFQ) I/O scheduler.

A missing check when using the Budget Fair Queueing (BFQ) I/O scheduler could lead to a use-after-free. A local attacker could use this flaw to escalate privileges.

* CVE-2025-21636, CVE-2025-21637, CVE-2025-21638, CVE-2025-21639, CVE-2025-21640: Denial-of-service in SCTP.

A logic error when using the SCTP protocol driver could lead to a NULL pointer dereference. A local attacker could use this flaw to cause a denial-of-service.

* CVE-2025-21669: Denial-of-service in Virtual Socket protocol driver.

A logic error when using the Virtual Socket protocol driver could lead to a NULL pointer dereference. A local attacker could use this flaw to cause a denial-of-service.

* CVE-2025-21692: Privilege escalation in ETS packet scheduler.

A missing check in the Enhanced Transmission Selection scheduler could lead to an out-of-bounds memory access. A local attacker could use this flaw to escalate privileges.

* CVE-2025-21699: Disk corruption in GFS2 filesystem.

There is a logic error in the GFS2 filesystem code's handling of the FS_IOC_SETFLAGS ioctl call, which sets the flags for an inode and is used by the `chattr` command. A local attacker could use this flaw to cause disk corruption.
This update fixes the logic error so the handling is fixed and later usage of the ioctl results in correct behaviour, but doesn't actively attempt to fix the existing filesystem inodes.

* Note: Oracle will not provide a zero-downtime update for CVE-2024-53241 (XSA-466).

CVE-2024-53241 (XSA-466) is an information leak from Xen guests. Oracle has determined that patching CVE-2024-53241 (XSA-466) on a running system would not be safe and recommends a reboot if Xen is used.

* Note: Oracle has determined some CVEs are not applicable.

The kernel is not affected by the following CVEs since the code under consideration is not compiled.

CVE-2021-47655, CVE-2022-49034, CVE-2024-47143, CVE-2024-50051, CVE-2024-53145, CVE-2024-53158, CVE-2024-53161, CVE-2024-53165, CVE-2024-53181, CVE-2024-53183, CVE-2024-53184, CVE-2024-53226, CVE-2024-53241, CVE-2024-56572, CVE-2024-56575, CVE-2024-56578, CVE-2024-56581, CVE-2024-56610, CVE-2024-56678, CVE-2024-56679, CVE-2024-56701, CVE-2024-56726, CVE-2024-56728, CVE-2024-56754, CVE-2024-56766, CVE-2024-56767, CVE-2024-56776, CVE-2024-56777, CVE-2024-56778, CVE-2024-56781, CVE-2024-56785, CVE-2024-56787, CVE-2024-57838, CVE-2024-57849, CVE-2024-57904, CVE-2024-57906, CVE-2024-57911, CVE-2024-57939, CVE-2025-21687, CVE-2025-21697

SUPPORT

Ksplice support is available at ksplice-support_ww at oracle.com.

From gregory.herrero at oracle.com Fri May 9 16:39:36 2025
From: gregory.herrero at oracle.com (Oracle Ksplice)
Date: Fri, 09 May 2025 16:39:36 +0000
Subject: [Ksplice][Ubuntu-22.04-Updates] New Ksplice updates for Ubuntu 22.04 Jammy (USN-7406-1)
Message-ID: <85a11b8b0c1428937eca0f1f5eb8c9dc.apache@ksplice.com>

Synopsis: USN-7406-1 can now be patched using Ksplice
CVEs: CVE-2024-26928 CVE-2024-35864 CVE-2024-56658 CVE-2024-57798

Systems running Ubuntu 22.04 Jammy can now use Ksplice to patch against the latest Ubuntu Security Notice, USN-7406-1.

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack running Ubuntu 22.04 Jammy install these updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf, these updates will be installed automatically and you do not need to take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y

DESCRIPTION

* CVE-2024-26928, CVE-2024-35864: Remote privilege escalation in SMB3/CIFS.

A race condition when a client connection is being torn down in the SMB3/CIFS driver could lead to a use-after-free. A remote attacker could use this flaw to gain root privileges.

* CVE-2024-56658: Memory corruption in Network namespace subsystem.

A race condition when using the Network namespace subsystem could lead to a use-after-free. A local attacker could use this flaw to cause memory corruption.

* CVE-2024-57798: Memory corruption in DRM DisplayPort subsystem.

A locking error when using the DRM DisplayPort subsystem could lead to a use-after-free. A local attacker could use this flaw to cause memory corruption.

SUPPORT

Ksplice support is available at ksplice-support_ww at oracle.com.

From gregory.herrero at oracle.com Mon May 19 07:53:47 2025
From: gregory.herrero at oracle.com (Oracle Ksplice)
Date: Mon, 19 May 2025 07:53:47 +0000
Subject: [Ksplice][Ubuntu-22.04-Updates] New Ksplice updates for Ubuntu 22.04 Jammy (USN-7455-1)
Message-ID:

Synopsis: USN-7455-1 can now be patched using Ksplice
CVEs: CVE-2022-0995 CVE-2024-46826 CVE-2024-50256 CVE-2025-21700 CVE-2025-21701 CVE-2025-21702 CVE-2025-21703 CVE-2025-21756

Systems running Ubuntu 22.04 Jammy can now use Ksplice to patch against the latest Ubuntu Security Notice, USN-7455-1.

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack running Ubuntu 22.04 Jammy install these updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf, these updates will be installed automatically and you do not need to take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y

DESCRIPTION

* CVE-2022-0995: Privilege escalation in General notification queue driver.

A logic error when using the General notification queue driver could lead to an out-of-bounds memory access. A local attacker could use this flaw to escalate privileges.

* CVE-2024-46826: Undefined behavior in kernel ELF parsing subsystem.

A logic error when using the kernel ELF parsing subsystem could lead to an inconsistently loaded binary. The resulting loaded binary might exhibit undefined behavior.

* CVE-2024-50256: Denial-of-service in IPv6 packet rejection driver.

A logic error when using the IPv6 packet rejection driver could lead to a kernel assertion failure. A local attacker could use this flaw to cause a denial-of-service.

* CVE-2025-21700: Privilege escalation in QoS and/or fair queueing driver.

A logic error when using the QoS and/or fair queueing driver could lead to a use-after-free. A local attacker could use this flaw to gain root privileges.

* CVE-2025-21701: Denial-of-service in Networking driver.

A race condition when using the Networking driver could lead to a kernel assertion failure. A local attacker could use this flaw to cause a denial-of-service.

* CVE-2025-21702: Privilege escalation in network QoS/scheduling driver.

A missing check when using the network QoS/scheduling driver could lead to a use-after-free. A local attacker could use this flaw to escalate privileges.

* CVE-2025-21703: Privilege escalation in network emulator.

A logic error when using the network emulator could lead to a use-after-free. A local attacker could use this flaw to escalate privileges.

* CVE-2025-21756: Privilege escalation in Virtual Socket protocol driver.

A logic error when using the Virtual Socket protocol driver could lead to a use-after-free. A local attacker could use this flaw to escalate privileges.

SUPPORT

Ksplice support is available at ksplice-support_ww at oracle.com.

From gregory.herrero at oracle.com Mon May 19 18:57:39 2025
From: gregory.herrero at oracle.com (Oracle Ksplice)
Date: Mon, 19 May 2025 18:57:39 +0000
Subject: [Ksplice][Ubuntu-22.04-Updates] New Ksplice updates for Ubuntu 22.04 Jammy (USN-7494-1)
Message-ID: <9c12d088dde3dfdde5f9fcc27f1ecec6.apache@ksplice.com>

Synopsis: USN-7494-1 can now be patched using Ksplice
CVEs: CVE-2023-52664 CVE-2023-52927

Systems running Ubuntu 22.04 Jammy can now use Ksplice to patch against the latest Ubuntu Security Notice, USN-7494-1.

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack running Ubuntu 22.04 Jammy install these updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf, these updates will be installed automatically and you do not need to take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y

DESCRIPTION

* CVE-2023-52664: Privilege escalation in aQuantia AQtion driver.

A double free error when using the aQuantia AQtion driver with high memory pressure could lead to a use-after-free. A local attacker could use this flaw to escalate privileges.

* CVE-2023-52927: Privilege escalation in Network packet filtering framework.

A logic error when using the Network packet filtering framework could lead to a use-after-free. A local attacker could use this flaw to escalate privileges.

SUPPORT

Ksplice support is available at ksplice-support_ww at oracle.com.

From gregory.herrero at oracle.com Thu May 22 08:55:25 2025
From: gregory.herrero at oracle.com (Oracle Ksplice)
Date: Thu, 22 May 2025 08:55:25 +0000
Subject: [Ksplice][Ubuntu-22.04-Updates] New Ksplice updates for Ubuntu 22.04 Jammy (USN-7510-1)
Message-ID: <2a06e540276879fda666e5b0b7d102b8.apache@ksplice.com>

Synopsis: USN-7510-1 can now be patched using Ksplice
CVEs: CVE-2024-26982 CVE-2024-58001 CVE-2025-21647 CVE-2025-21719 CVE-2025-21745 CVE-2025-21753 CVE-2025-21787 CVE-2025-21791 CVE-2025-21795 CVE-2025-21844 CVE-2025-21919 CVE-2025-21920 CVE-2025-21926 CVE-2025-21971

Systems running Ubuntu 22.04 Jammy can now use Ksplice to patch against the latest Ubuntu Security Notice, USN-7510-1.

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack running Ubuntu 22.04 Jammy install these updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf, these updates will be installed automatically and you do not need to take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y

DESCRIPTION

* CVE-2024-26982: Denial-of-service in SquashFS.

A missing check when using SquashFS could lead to an out-of-bounds memory access. A local attacker could use this flaw to cause a denial-of-service.

* CVE-2024-58001: Denial-of-service in OCFS2 filesystem.

Incorrect reference counting when using the OCFS2 filesystem could lead to a memory leak. A local attacker could use this flaw to cause a denial-of-service.

* CVE-2025-21647: Privilege escalation in Common Applications Kept Enhanced (CAKE) driver.

A logic error when using the Common Applications Kept Enhanced (CAKE) driver could lead to an out-of-bounds memory access. A local attacker could use this flaw to escalate privileges.

* CVE-2025-21719: Denial-of-service in TCP/IP networking driver.

A logic error when using the TCP/IP networking driver could lead to a kernel crash. A local attacker could use this flaw to cause a denial-of-service.

* CVE-2025-21745: Denial-of-service in IO controller driver.

Incorrect reference counting when using the IO controller driver could lead to a reference count leak. A local attacker could use this flaw to cause a denial-of-service.

* CVE-2025-21753: Privilege escalation in Btrfs filesystem.

A race condition when using the Btrfs filesystem could lead to a use-after-free. A local attacker could use this flaw to escalate privileges.

* CVE-2025-21787: Denial-of-service in Ethernet team driver.

Incorrect checks on parameters passed from userspace when using the Ethernet team driver could lead to an out-of-bounds memory read. A local attacker could use this flaw to cause a denial-of-service.

* CVE-2025-21791: Privilege escalation in layer 3 master device support.

A race condition when using an L3 master device could lead to a use-after-free. A local attacker could use this flaw to escalate privileges.

* CVE-2025-21795: Remote denial-of-service in NFS server driver.

A logic error when using the NFS server driver could lead to a hang of ~15 minutes. A remote attacker could use this flaw to cause a denial-of-service.

* CVE-2025-21844: Denial-of-service in Common Internet File System (CIFS).

A missing check when using the SMB3 client could lead to a NULL pointer dereference. A local attacker could use this flaw to cause a denial-of-service.

* CVE-2025-21919: Memory corruption in Completely Fair Scheduler (CFS).

A logic error when using the Completely Fair Scheduler could lead to an out-of-bounds memory access. A local attacker could use this flaw to cause memory corruption.

* CVE-2025-21920: Information leak in ethernet VLAN stack.

A missing check for device type in the ethernet VLAN stack could lead to a kernel address leak.
As the System.map file is also readable by an unprivileged attacker, KASLR can be bypassed since the attacker can find out the relative offsets and combine that with the leaked address to find the address of any kernel symbol, which can facilitate an attack, like privilege escalation.

* CVE-2025-21926: Denial-of-service in UDPv4 Generic Segmentation Offload support.

A logic error when using UDPv4 sockets with GSO could lead to a kernel panic. A local attacker could use this flaw to cause a denial-of-service.

* CVE-2025-21971: Denial-of-service in QoS driver.

A missing check when computing statistics in the QoS driver could lead to a kernel panic. A local attacker could use this flaw to cause a denial-of-service.

* Information leak in USB Modem (CDC ACM) driver.

A missing check when using the USB Modem (CDC ACM) driver could lead to use of uninitialized memory. A local attacker could use this flaw to extract sensitive information.

* Note: Oracle has determined some CVEs are not applicable.

The kernel is not affected by the following CVEs since the code under consideration is not compiled.

CVE-2025-21687, CVE-2025-21785, CVE-2025-21871

SUPPORT

Ksplice support is available at ksplice-support_ww at oracle.com.
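
The DESCRIPTION entries in these advisories share one shape (CVE IDs, "Impact in Component.", then a description naming the attacker's position), so they can be parsed and ordered for patch scheduling. The following is an added example, not code from Oracle or Ksplice; the function names and the ordering (remote, then adjacent, then local, and the impact ranking within each) are this example's own assumptions.

```python
import re

# Four entries adapted from the advisories above and joined on one line, the
# way a flattened list archive stores them (sample assembled for this example).
SAMPLE = (
    "DESCRIPTION * CVE-2024-36476: Denial-of-service in RTRS server driver. "
    "A logic error in the RDMA Transport (RTRS) server driver could lead to a "
    "NULL pointer dereference. A local attacker could use this flaw to cause "
    "a denial-of-service. "
    "* CVE-2024-47408, CVE-2024-49571: Denial-of-service in SMC socket driver. "
    "Missing checks in the SMC socket driver could lead to out-of-bounds "
    "reads. An attacker with access to an adjacent network could use this "
    "flaw to cause a denial-of-service. "
    "* CVE-2024-26928, CVE-2024-35864: Remote privilege escalation in "
    "SMB3/CIFS. A race condition when a client connection is being torn down "
    "in the SMB3/CIFS driver could lead to a use-after-free. A remote "
    "attacker could use this flaw to gain root privileges. "
    "* CVE-2024-56602: Privilege escalation in IEEE Std 802.15.4 Low-Rate "
    "Wireless Personal Area Networks driver. A missing variable "
    "initialization when creating a socket fails in the IEEE Std 802.15.4 "
    "Low-Rate Wireless Personal Area Networks driver could lead to a "
    "use-after-free. A local attacker could use this flaw to escalate "
    "privileges. SUPPORT Ksplice support is available."
)

ENTRY = re.compile(
    r"\*\s+(?P<cves>CVE-\d{4}-\d+(?:,\s*CVE-\d{4}-\d+)*):\s+"  # one or more IDs
    r"(?P<title>.+?)\.\s+"                        # "Impact in Component."
    r"(?P<body>.*?)(?=\s+\*\s|\s+SUPPORT\b|\Z)",  # stop at next entry or footer
    re.S,
)

# Triage order is this example's heuristic, not an Oracle or Ubuntu rating.
VECTORS = [("remote attacker", "remote"), ("adjacent network", "adjacent"),
           ("local attacker", "local")]
IMPACTS = ["code execution", "privilege escalation", "memory corruption",
           "information leak", "denial-of-service"]


def parse_entries(text):
    """Return one dict per '* CVE-...:' entry; '* Note:' items are skipped."""
    entries = []
    for m in ENTRY.finditer(text):
        impact, _, component = m["title"].partition(" in ")
        body = " ".join(m["body"].split()).lower()  # undo hard line wraps
        vector = next((v for phrase, v in VECTORS if phrase in body),
                      "unspecified")
        entries.append({
            "cves": re.findall(r"CVE-\d{4}-\d+", m["cves"]),
            "impact": re.sub(r"^remote ", "", impact.lower()),
            "component": component,
            "vector": vector,
        })
    return entries


def triage(text):
    """Sort entries by attacker position first, then by impact class."""
    order = [v for _, v in VECTORS] + ["unspecified"]

    def key(entry):
        impact = entry["impact"]
        rank = IMPACTS.index(impact) if impact in IMPACTS else len(IMPACTS)
        return (order.index(entry["vector"]), rank)

    return sorted(parse_entries(text), key=key)


if __name__ == "__main__":
    for e in triage(SAMPLE):
        print(e["vector"], e["impact"], e["component"], ",".join(e["cves"]))
```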