[Ksplice][Ubuntu-24.04-Updates] New Ksplice updates for Ubuntu 24.04 Noble (USN-6949-1)

Fri Aug 30 09:47:00 UTC 2024

Synopsis: USN-6949-1 can now be patched using Ksplice
CVEs: CVE-2024-36000 CVE-2024-36883 CVE-2024-36886 CVE-2024-36904 CVE-2024-36933 CVE-2024-36941 CVE-2024-36964 CVE-2024-38558 CVE-2024-38578 CVE-2024-38586 CVE-2024-38599

Systems running Ubuntu 24.04 Noble can now use Ksplice to patch
against the latest Ubuntu Security Notice, USN-6949-1.

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack running Ubuntu 24.04
Noble install these updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y

DESCRIPTION

* CVE-2024-36000: Denial-of-service in HugeTLB.

A locking error when using HugeTLB could lead to a kernel assertion
failure. A local attacker could use this flaw to cause a denial-of-
service.

* CVE-2024-36883: Denial-of-service in Networking namespace support.

A race condition when using Networking namespace support could lead to
an out-of-bounds memory access. A local attacker could use this flaw to
cause a denial-of-service.

* CVE-2024-36886: Remote code execution in TIPC networking stack.

A logic error when using the TIPC networking stack could lead to a
use-after-free. A remote attacker could use this flaw to execute
arbitrary code in kernel mode, escalate privileges, cause a
denial-of-service, or aid in other types of attacks.

* CVE-2024-36904: Remote code execution in TCP/IP networking stack.

A race condition in TCP/IP networking stack can cause a data race
with a refcount value, leading to an underflow, which can cause a
use-after-free elsewhere in the kernel depending on the refcount.
A remote attacker could use this flaw to execute arbitrary code in
kernel mode, escalate privileges, cause a denial-of-service, or aid
in other types of attacks.

* CVE-2024-36933: Information leak in Network Service Header protocol stack.

A logic error when using the Network Service Header protocol stack could
lead to an out-of-bounds memory access. A local attacker could use this
flaw to extract sensitive information.

* CVE-2024-36941: Denial-of-service in core WiFi subsystem.

A missing check when using the core WiFi subsystem could lead to a NULL
pointer dereference. A local attacker could use this flaw to cause a
denial-of-service.

* CVE-2024-36964: Privilege escalation in Plan 9 Resource Sharing filesystem.

A logic error when using the Plan 9 Resource Sharing filesystem stack
could lead to garbage 9P mode bits setting the underlying Unix perm
bits, including the suid bit. A local attacker could use this flaw to
escalate privileges.

* CVE-2024-38558: Denial-of-service in Open vSwitch driver.

A logic error when using Open vSwitch driver could lead to destination
address being partially zeroed out. A local attacker could use this flaw
to cause a denial-of-service.

* CVE-2024-38578: Information leak in Linux filesystem encryption layer.

A logic error when using Linux filesystem encryption layer could lead to
an out-of-bounds memory write. A local attacker could use this flaw to
extract sensitive information.

* CVE-2024-38586: Memory corruption in Realtek 8169/8168/8101/8125 ethernet driver.

A logic error when using Realtek 8169/8168/8101/8125 ethernet driver
could possibly lead to ring buffer corruption and NULL pointer
dereference. A local attacker could use this flaw to cause
denial-of-service.

* CVE-2024-38599: Disk corruption in JFFS2 filesystem.

A missing check when using JFFS2 filesystem could lead to an out-of-
bounds memory write. A local attacker could use this flaw to cause disk
corruption.

SUPPORT

Ksplice support is available at ksplice-support_ww at oracle.com.