[Ksplice][Ubuntu-Oracle-Updates] New Ksplice updates for Ubuntu OCI kernel (USN-5385-1)

Oracle Ksplice quentin.casasnovas at oracle.com
Fri Apr 22 11:46:00 UTC 2022


Synopsis: USN-5385-1 can now be patched using Ksplice
CVEs: CVE-2020-36516 CVE-2021-43975 CVE-2022-0617 CVE-2022-24448 CVE-2022-24959

Systems running Ubuntu OCI kernel can now use Ksplice to patch against
the latest Ubuntu Security Notice, USN-5385-1.

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack running Ubuntu OCI
kernel install these updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y
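
A host-side check for the two install paths above, as an added example (not part of the original advisory and not Oracle tooling). The function names and the --audit switch are hypothetical, and it assumes uptrack-show output carries the CVE ID in each update's description.

```shell
#!/bin/sh
# Added example, not Oracle tooling. Function names and --audit are hypothetical.

# CVE IDs copied from the advisory's "CVEs:" line.
ADVISORY_CVES="CVE-2020-36516 CVE-2021-43975 CVE-2022-0617 CVE-2022-24448 CVE-2022-24959"

# Print "yes" if the given uptrack.conf enables autoinstall, else "no".
# Comment lines are skipped, so "# autoinstall = yes" does not count.
# Assumption: if the key appears more than once, the last value is used.
autoinstall_enabled() {
    conf="${1:-/etc/uptrack/uptrack.conf}"
    [ -r "$conf" ] || { echo no; return 0; }
    awk -F= '
        /^[ \t]*[#;]/ { next }
        {
            key = $1; val = $2
            gsub(/[ \t\r]/, "", key); gsub(/[ \t\r]/, "", val)
            if (tolower(key) == "autoinstall") result = tolower(val)
        }
        END { if (result == "yes") print "yes"; else print "no" }
    ' "$conf"
}

# Read a list of installed updates on stdin and print every advisory CVE
# that it does not mention. -w stops a longer CVE ID from matching.
missing_cves() {
    installed=$(cat)
    for cve in $ADVISORY_CVES; do
        printf '%s\n' "$installed" | grep -qwF -- "$cve" || printf '%s\n' "$cve"
    done
}

# On a real host: sh audit.sh --audit
if [ "${1:-}" = "--audit" ]; then
    echo "autoinstall: $(autoinstall_enabled)"
    # Assumption: uptrack-show prints one installed update per line with the
    # CVE ID in its description, as in this advisory's DESCRIPTION section.
    missing=$(uptrack-show | missing_cves)
    if [ -n "$missing" ]; then
        echo "not yet patched by Ksplice:"; echo "$missing"
        exit 1
    fi
    echo "all USN-5385-1 CVEs are covered by installed Ksplice updates"
fi
```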


DESCRIPTION

* CVE-2022-0617: NULL-pointer dereference when processing UDF metadata.

When converting a UDF filesystem control block to its expanded form, an
invalid block could result in a NULL callback being invoked, resulting
in a system crash. A malicious user or filesystem image might exploit
this to cause a denial-of-service.


* CVE-2022-24448: Information leak when NFSv4 directory lookup fails.

If an open is performed with O_DIRECTORY on a regular file mounted over
NFSv4, the returned file descriptor will be uninitialized, potentially
leaking sensitive kernel information.


* CVE-2021-43975: Out-of-bounds access in the aQuantia AQtion(tm) Ethernet card driver.

A lack of input validation in the aQuantia AQtion(tm) Ethernet card
driver could result in an out-of-bounds access. An attacker could use a
compromised or malfunctioning device to trigger this flaw and cause a
denial-of-service or execute arbitrary code.


* CVE-2022-24959: Denial-of-service in YAM AX.25 device driver.

Improper memory deallocation in some error conditions in the YAM AX.25
device driver could cause memory leaks. A local privileged user could
use this error handling flaw to cause a denial-of-service.


* CVE-2020-36516: Man-in-the-Middle attack in the TCP/IP protocol.

A flaw in the TCP/IP protocol implementation could allow an off-path
TCP hijacking attack that manipulates the mixed IPID assignment method
to terminate victim TCP connections or inject forged data into them.
A remote user could use this flaw to perform a Man-in-the-Middle
attack.

SUPPORT

Ksplice support is available at ksplice-support_ww at oracle.com.




