[Ksplice][Ubuntu-22.04-Updates] New Ksplice updates for Ubuntu 22.04 Jammy (USN-7387-1)

Oracle Ksplice gregory.herrero at oracle.com
Fri May 2 00:34:01 UTC 2025


Synopsis: USN-7387-1 can now be patched using Ksplice
CVEs: CVE-2024-36476 CVE-2024-42315 CVE-2024-44938 CVE-2024-47408 CVE-2024-47707 CVE-2024-49571 CVE-2024-49974 CVE-2024-49996 CVE-2024-50121 CVE-2024-50241 CVE-2024-50242 CVE-2024-53073 CVE-2024-53112 CVE-2024-53124 CVE-2024-53146 CVE-2024-53155 CVE-2024-53171 CVE-2024-53173 CVE-2024-53206 CVE-2024-53241 CVE-2024-53685 CVE-2024-56590 CVE-2024-56595 CVE-2024-56596 CVE-2024-56597 CVE-2024-56598 CVE-2024-56600 CVE-2024-56601 CVE-2024-56602 CVE-2024-56603 CVE-2024-56605 CVE-2024-56606 CVE-2024-56631 CVE-2024-56640 CVE-2024-56643 CVE-2024-56644 CVE-2024-56650 CVE-2024-56704 CVE-2024-56770 CVE-2024-57791 CVE-2024-57802 CVE-2024-57892 CVE-2024-57901 CVE-2024-57902 CVE-2025-21631 CVE-2025-21636 CVE-2025-21637 CVE-2025-21638 CVE-2025-21639 CVE-2025-21640 CVE-2025-21669 CVE-2025-21692 CVE-2025-21699

Systems running Ubuntu 22.04 Jammy can now use Ksplice to patch
against the latest Ubuntu Security Notice, USN-7387-1.

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack running Ubuntu 22.04
Jammy install these updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y


DESCRIPTION

* CVE-2024-36476: Denial-of-service in RTRS server driver.

A logic error in the RDMA Transport (RTRS) server driver could
lead to a NULL pointer dereference. A local attacker could use
this flaw to cause a denial-of-service.


* CVE-2024-42315: Denial-of-service in exFAT filesystem driver.

A locking error when using the exFAT filesystem driver could lead to a
deadlock. A local attacker could use this flaw to cause a
denial-of-service.


* CVE-2024-44938: Denial-of-service in JFS filesystem driver.

A missing check when using the JFS filesystem driver could lead to an
integer overflow. A local attacker could use this flaw to cause a
denial-of-service.


* CVE-2024-47408, CVE-2024-49571: Denial-of-service in SMC socket driver.

Missing checks in the SMC socket driver could lead to out-of-bounds
reads. An attacker with access to an adjacent network could use this
flaw to cause a denial-of-service.


* CVE-2024-47707: Denial-of-service in Linux INET6 driver.

A missing check when closing a network interface in the Linux INET6
driver could lead to a NULL pointer dereference. A local attacker could
use this flaw to cause a denial-of-service.


* CVE-2024-49974, CVE-2024-50241, CVE-2024-53073: Remote denial-of-service in NFS server driver.

A logic error when doing async copy operations in the NFS server driver
could lead to memory and CPU exhaustion. A remote attacker could use
this flaw to cause a denial-of-service.


* CVE-2024-49996: Privilege escalation in SMB3 and CIFS driver.

A missing check when parsing NFS reparse points in the SMB3 and CIFS
driver could lead to an out-of-bounds memory access. A remote attacker
could use this flaw to escalate privileges.


* CVE-2024-50121: Privilege escalation in NFS server version 4 driver.

A logic error when using the NFS server version 4 driver could lead to a
use-after-free. A local attacker could use this flaw to escalate
privileges.


* CVE-2024-50242: Privilege escalation in NTFS file system driver.

A missing check in the NTFS file system driver could allow access
to protected files or directories. A local attacker could use this
flaw to gain access to sensitive data or escalate privileges.


* CVE-2024-53112: Denial-of-service in OCFS2 filesystem.

A missing check when using OCFS2_IOC_GROUP_ADD ioctl in the OCFS2
filesystem could lead to a kernel assertion failure. A local
attacker could use this flaw to cause a denial-of-service.


* CVE-2024-53124: Denial-of-service in IPv6 Networking driver.

A missing check when destroying a socket in the IPv6 Networking driver
could lead to a memory leak. A local attacker could use this flaw to
cause a denial-of-service.


* CVE-2024-53146: Information leak in NFS server driver.

A logic error when using the NFS server driver could lead to an
out-of-bounds memory access. A local attacker could use this flaw to
extract sensitive information.


* CVE-2024-53155: Information leak in OCFS2 filesystem.

A missing variable initialization when using the OCFS2 filesystem could
lead to use of uninitialized memory. A local attacker could use this
flaw to extract sensitive information.


* CVE-2024-53171: Privilege escalation in UBIFS file system driver.

A logic error when using the UBIFS file system driver could lead to a
use-after-free. A local attacker could use this flaw to gain root
privileges.


* CVE-2024-53173: Privilege escalation in NFS client driver.

A logic error when opening multiple files concurrently in the NFS client
driver could lead to a use-after-free. A local attacker could use this
flaw to escalate privileges.


* CVE-2024-53206: Privilege escalation in TCP/IP networking driver.

A logic error when establishing a connection in the TCP/IP networking
driver could lead to a use-after-free. A local attacker could use this
flaw to escalate privileges.


* CVE-2024-53685: Denial-of-service in Ceph distributed file system driver.

A logic error when building a dentry path in the Ceph distributed file
system driver could lead to an infinite loop. A local attacker could use
this flaw to cause a denial-of-service.


* CVE-2024-56590: Privilege escalation in Bluetooth subsystem driver.

A logic error when using the Bluetooth subsystem driver could lead to an
out-of-bounds memory access. A local attacker could use this flaw to
escalate privileges.


* CVE-2024-56595, CVE-2024-56596, CVE-2024-56597, CVE-2024-56598: Code execution in JFS filesystem driver.

Missing checks when using the JFS filesystem driver could lead to an
out-of-bounds memory access. A local attacker could use this flaw to
execute arbitrary code in kernel mode.


* CVE-2024-56600: Privilege escalation in Networking subsystem.

A missing variable initialization when creating a socket fails in the
Networking subsystem could lead to a use-after-free. A local attacker
could use this flaw to escalate privileges.


* CVE-2024-56601: Privilege escalation in TCP/IP networking driver.

A missing variable initialization when creating a socket fails in the
TCP/IP networking driver could lead to a use-after-free. A local
attacker could use this flaw to escalate privileges.


* CVE-2024-56602: Privilege escalation in IEEE Std 802.15.4 Low-Rate Wireless Personal Area Networks driver.

A missing variable initialization when creating a socket fails in the
IEEE Std 802.15.4 Low-Rate Wireless Personal Area Networks driver could
lead to a use-after-free. A local attacker could use this flaw to
escalate privileges.


* CVE-2024-56603: Privilege escalation in CAN bus subsystem driver.

A missing variable initialization when creating a CAN socket fails in
the CAN bus subsystem driver could lead to a use-after-free. A local
attacker could use this flaw to escalate privileges.


* CVE-2024-56605: Privilege escalation in Bluetooth subsystem driver.

A missing variable initialization when creating an L2CAP socket fails in
the Bluetooth subsystem driver could lead to a use-after-free. A local
attacker could use this flaw to escalate privileges.


* CVE-2024-56606: Privilege escalation in packet protocol networking stack.

A logic error when using the packet protocol networking stack could lead
to a use-after-free. A local attacker could use this flaw to escalate
privileges.


* CVE-2024-56631: Privilege escalation in SCSI generic driver.

A locking error when releasing data in the SCSI generic driver could
lead to a use-after-free. A local attacker could use this flaw to
escalate privileges.


* CVE-2024-56640: Privilege escalation in SMC socket driver.

A race condition when using the SMC socket driver could lead to a
use-after-free. A local attacker could use this flaw to escalate
privileges.


* CVE-2024-56643: Denial-of-service in DCCP driver.

A logic error in the Datagram Congestion Control Protocol driver
could lead to a memory leak. A local attacker could use this flaw
to cause a denial-of-service.


* CVE-2024-56644: Remote denial-of-service in IPv6 networking stack.

Incorrect reference counting when using the IPv6 networking stack could
lead to a memory leak. A remote attacker could use this flaw to cause a
denial-of-service.


* CVE-2024-56650: Privilege escalation in netfilter driver.

A missing check when using the netfilter driver could lead to an
out-of-bounds memory access. A local attacker could use this flaw to
escalate privileges.


* CVE-2024-56704: Privilege escalation in 9P Xen Transport driver.

A logic error in the 9P Xen Transport driver could lead to incorrect
behavior when trying to free an interrupt handler. A local attacker
could use this flaw to escalate privileges.


* CVE-2024-56770: Privilege escalation in network emulator.

A logic error when using the network emulator could lead to an integer
overflow. A local attacker could use this flaw to escalate privileges.


* CVE-2024-57791: Denial-of-service in SMC socket driver.

A missing check in the SMC socket driver could lead to an endless
loop. An attacker with access to an adjacent network could use this
flaw to cause a denial-of-service.


* CVE-2024-57802: Denial-of-service in NET/ROM protocol driver.

A missing check in the NET/ROM protocol driver could lead to a read
access to uninitialized memory. A local attacker could use this flaw
to cause a denial-of-service or potentially extract sensitive data.


* CVE-2024-57892: Privilege escalation in OCFS2 file system driver.

A logic error when using the quota_getnextquota() syscall in the OCFS2
file system driver could lead to a use-after-free. A local attacker
could use this flaw to escalate privileges.


* CVE-2024-57901, CVE-2024-57902: Remote denial-of-service in packet socket driver.

A logic error when receiving raw network packets using the packet
socket interface could lead to a kernel panic. A remote attacker
could use this flaw to cause a denial-of-service.


* CVE-2025-21631: Privilege escalation in Budget Fair Queueing (BFQ) I/O scheduler.

A missing check when using the Budget Fair Queueing (BFQ) I/O scheduler
could lead to a use-after-free. A local attacker could use this flaw to
escalate privileges.


* CVE-2025-21636, CVE-2025-21637, CVE-2025-21638, CVE-2025-21639, CVE-2025-21640: Denial-of-service in SCTP.

A logic error when using the SCTP protocol driver could lead to a
NULL pointer dereference. A local attacker could use this flaw to
cause a denial-of-service.


* CVE-2025-21669: Denial-of-service in Virtual Socket protocol driver.

A logic error when using the Virtual Socket protocol driver could lead
to a NULL pointer dereference. A local attacker could use this flaw to
cause a denial-of-service.


* CVE-2025-21692: Privilege escalation in ETS packet scheduler.

A missing check in the Enhanced Transmission Selection scheduler could
lead to an out-of-bounds memory access. A local attacker could use this
flaw to escalate privileges.


* CVE-2025-21699: Disk corruption in GFS2 filesystem.

There is a logic error in the GFS2 filesystem code's handling of the
FS_IOC_SETFLAGS ioctl call, which sets the flags for an inode and is
used by the `chattr` command. A local attacker could use this flaw to
cause disk corruption.

This update fixes the logic error so that later uses of the ioctl behave
correctly, but it does not actively attempt to fix the existing
filesystem inodes.


* Note: Oracle will not provide a zero-downtime update for CVE-2024-53241 (XSA-466).

CVE-2024-53241 (XSA-466) is an information leak from Xen guests.

Oracle has determined that patching CVE-2024-53241 (XSA-466) on a
running system would not be safe and recommends a reboot if Xen is used.
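
The following script is an added example, not part of Oracle's advisory
or tooling. It combines the two operator decisions described above:
whether "autoinstall = yes" is set in uptrack.conf, and whether the host
runs under Xen and therefore needs the recommended reboot. Function names
are hypothetical; matching only the literal value "yes" and reading
/sys/hypervisor/type to detect Xen are assumptions of this example.

```shell
#!/bin/sh
# Added example: post-advisory triage for a Ksplice Uptrack host.
# Paths are parameters so the checks can be run against constructed files.

# Print "yes" if the config enables automatic installs, otherwise "no".
# Assumption: the last uncommented "autoinstall = <value>" line wins and
# only the literal value "yes" (as quoted in the advisory) enables it.
uptrack_autoinstall() {
    conf=${1:-/etc/uptrack/uptrack.conf}
    [ -r "$conf" ] || { echo no; return 0; }
    awk -F= '
        /^[ \t]*[#;]/ { next }              # skip comment lines
        {
            key = $1; val = $2
            gsub(/[ \t]/, "", key); gsub(/[ \t\r]/, "", val)
            if (tolower(key) == "autoinstall") found = tolower(val)
        }
        END { print ((found == "yes") ? "yes" : "no") }
    ' "$conf"
}

# Succeed when the kernel reports a Xen hypervisor via sysfs.
hypervisor_is_xen() {
    f=${1:-/sys/hypervisor/type}
    [ -r "$f" ] && [ "$(tr -d '[:space:]' < "$f")" = "xen" ]
}

# Print one line per action this advisory asks of the operator.
advise() {
    if [ "$(uptrack_autoinstall "$1")" = yes ]; then
        echo "ksplice: autoinstall enabled, updates install automatically"
    else
        echo "ksplice: run /usr/sbin/uptrack-upgrade -y as root"
    fi
    if hypervisor_is_xen "$2"; then
        echo "xen: no zero-downtime fix for CVE-2024-53241 (XSA-466), reboot recommended"
    fi
}

advise "$@"
```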


* Note: Oracle has determined some CVEs are not applicable.

The kernel is not affected by the following CVEs because the code
under consideration is not compiled:

CVE-2021-47655, CVE-2022-49034, CVE-2024-47143, CVE-2024-50051,
CVE-2024-53145, CVE-2024-53158, CVE-2024-53161, CVE-2024-53165,
CVE-2024-53181, CVE-2024-53183, CVE-2024-53184, CVE-2024-53226,
CVE-2024-53241, CVE-2024-56572, CVE-2024-56575, CVE-2024-56578,
CVE-2024-56581, CVE-2024-56610, CVE-2024-56678, CVE-2024-56679,
CVE-2024-56701, CVE-2024-56726, CVE-2024-56728, CVE-2024-56754,
CVE-2024-56766, CVE-2024-56767, CVE-2024-56776, CVE-2024-56777,
CVE-2024-56778, CVE-2024-56781, CVE-2024-56785, CVE-2024-56787,
CVE-2024-57838, CVE-2024-57849, CVE-2024-57904, CVE-2024-57906,
CVE-2024-57911, CVE-2024-57939, CVE-2025-21687, CVE-2025-21697

SUPPORT

Ksplice support is available at ksplice-support_ww at oracle.com.




