[Ksplice][Ubuntu-Oracle-Updates] New Ksplice updates for Ubuntu OCI kernel (USN-4363-1)
Oracle Ksplice
ksplice-support_ww at oracle.com
Tue Jun 30 23:51:56 PDT 2020
Synopsis: USN-4363-1 can now be patched using Ksplice
CVEs: CVE-2020-11494 CVE-2020-12657 CVE-2020-12826
Systems running Ubuntu OCI kernel can now use Ksplice to patch against
the latest Ubuntu Security Notice, USN-4363-1.
INSTALLING THE UPDATES
We recommend that all users of Ksplice Uptrack running Ubuntu OCI
kernel install these updates.
On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.
Alternatively, you can install these updates by running:
# /usr/sbin/uptrack-upgrade -y
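A check for the condition described above, as an added example (not part of Oracle's advisory or the Ksplice tooling): it reads an uptrack.conf-style file and reports whether the manual upgrade command is still needed. The function names, the last-occurrence-wins rule and treating a missing key as "no" are assumptions of this example.

```shell
#!/bin/sh
# Added example: decide whether a host needs a manual uptrack-upgrade run.

# Print the effective value of "autoinstall" from an uptrack.conf-style file.
# Commented-out lines are ignored. Assumptions: if the key appears more than
# once the last occurrence wins, and a missing key is reported as "no".
autoinstall_value() {
    conf=$1
    [ -r "$conf" ] || { echo "unreadable"; return 2; }
    awk -F= '
        /^[ \t]*[#;]/ { next }                 # skip comment lines
        {
            key = $1; val = $2
            gsub(/[ \t\r]/, "", key)           # strip whitespace around key
            gsub(/[ \t\r]/, "", val)           # strip whitespace around value
            if (tolower(key) == "autoinstall") found = tolower(val)
        }
        END { print (found == "" ? "no" : found) }
    ' "$conf"
}

# Exit status 0: manual upgrade needed; 1: autoinstall = yes; 2: file unreadable.
needs_manual_upgrade() {
    v=$(autoinstall_value "$1") || return 2
    [ "$v" != "yes" ]
}

# Constructed sample config (not taken from a real host): the setting is
# present but commented out, so it must not count as enabled.
sample=$(mktemp)
printf '%s\n' '[Settings]' '# autoinstall = yes' > "$sample"
if needs_manual_upgrade "$sample"; then
    echo "autoinstall is off: run /usr/sbin/uptrack-upgrade -y as root"
else
    echo "autoinstall = yes: updates are installed automatically"
fi
rm -f "$sample"
```

On a real host, pass /etc/uptrack/uptrack.conf to needs_manual_upgrade instead of the sample file.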
DESCRIPTION
* Denial-of-service when performing fallocate in ocfs2 filesystem.
Incorrect handling of the fallocate syscall in the ocfs2 filesystem
could trigger a kernel BUG. An attacker could exploit this to cause a
denial-of-service.
* Denial-of-service when processing a write request in NFS.
A bug in the NFS filesystem leads to a memory leak when processing write
requests. An attacker may exploit this to exhaust kernel memory and
cause a denial-of-service.
* CVE-2020-12657: Use-after-free in BFQ I/O scheduler subsystem.
A race condition in the BFQ I/O scheduler subsystem when clearing a queue
leads to a use-after-free bug. An attacker may exploit this bug to cause
a denial-of-service.
* CVE-2020-11494: Information leak in serial line CAN device communication.
When communicating with a CAN device over serial, a buffer structure is
transmitted without proper sanitization, potentially exposing stack
memory over the network.
* Data corruption in the HFS+ filesystem when deleting files.
A bug in extended attribute handling in the HFS+ filesystem causes
on-disk data corruption when deleting files. This could lead to
inadvertent data loss.
* Denial-of-service during address resolution in the rdma driver.
Inadequate error handling in the rdma subsystem leads to a NULL pointer
dereference during address resolution. An attacker may exploit this bug
to cause a denial-of-service.
* Data corruption in the gfs2 filesystem.
A data race in the gfs2 filesystem due to inadequate exclusion could
lead to permanent data corruption after a transient error. This could
lead to inadvertent data loss.
* Denial-of-service when processing delayed work in btrfs.
Incorrect locking in the btrfs filesystem when running delayed items
could lead to a deadlock. An attacker could exploit this bug to cause
a denial-of-service.
* Denial-of-service in the block I/O subsystem.
A use-after-free bug in the block I/O subsystem while clearing the request
queue could cause a kernel panic. An attacker could exploit this bug to
cause a denial-of-service.
* Denial-of-service when performing fsync in btrfs filesystem.
Failing to release a lock after an fsync leads to a deadlock in the
btrfs filesystem. An attacker could exploit this bug to cause a
denial-of-service.
* Use-after-free when tearing down SCTP queue.
A reference counting bug in the SCTP protocol leads to a use-after-free
while tearing down the outgoing queue. An attacker could exploit this bug
to cause a denial-of-service.
* CVE-2020-12826: Privilege escalation in process signal handling.
A logic error in the way signals are passed from child to parent could
lead to a child sending any signal to a parent. A local attacker could
use this flaw to escalate privileges.
SUPPORT
Ksplice support is available at ksplice-support_ww at oracle.com.