Oracle Linux 6266 Published by

The following updates has been released for Oracle Linux:

ELSA-2018-1957 Important: Oracle Linux 7 git security update
New Ksplice updates for UEKR3 3.8.13 on OL6 and OL7 (ELSA-2018-4134)



ELSA-2018-1957 Important: Oracle Linux 7 git security update

Oracle Linux Security Advisory ELSA-2018-1957

http://linux.oracle.com/errata/ELSA-2018-1957.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
emacs-git-1.8.3.1-14.el7_5.noarch.rpm
emacs-git-el-1.8.3.1-14.el7_5.noarch.rpm
git-1.8.3.1-14.el7_5.x86_64.rpm
git-all-1.8.3.1-14.el7_5.noarch.rpm
git-bzr-1.8.3.1-14.el7_5.noarch.rpm
git-cvs-1.8.3.1-14.el7_5.noarch.rpm
git-daemon-1.8.3.1-14.el7_5.x86_64.rpm
git-email-1.8.3.1-14.el7_5.noarch.rpm
git-gui-1.8.3.1-14.el7_5.noarch.rpm
git-hg-1.8.3.1-14.el7_5.noarch.rpm
git-p4-1.8.3.1-14.el7_5.noarch.rpm
git-svn-1.8.3.1-14.el7_5.x86_64.rpm
gitk-1.8.3.1-14.el7_5.noarch.rpm
gitweb-1.8.3.1-14.el7_5.noarch.rpm
perl-Git-1.8.3.1-14.el7_5.noarch.rpm
perl-Git-SVN-1.8.3.1-14.el7_5.noarch.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/git-1.8.3.1-14.el7_5.src.rpm



Description of changes:

[1.8.3.1-14]
- Backport fix for CVE-2018-1123
- Thanks to Jonathan Nieder for backporting to 2.1.x
and to Steve Beattie for backporting to 1.9.1

New Ksplice updates for UEKR3 3.8.13 on OL6 and OL7 (ELSA-2018-4134)

Synopsis: ELSA-2018-4134 can now be patched using Ksplice
CVEs: CVE-2016-2384 CVE-2016-2543 CVE-2016-2544 CVE-2016-2545 CVE-2016-2547
CVE-2016-2548 CVE-2016-2549 CVE-2017-1000410 CVE-2017-17741 CVE-2018-10323
CVE-2018-3665

Users with Oracle Linux Premier Support can now use Ksplice to patch
against the latest Oracle Linux Security Advisory, ELSA-2018-4134.

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack running UEKR3 3.8.13 on
OL6 and OL7 install these updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y


DESCRIPTION

* CVE-2016-2384: Privilege escalation in USB MIDI device driver.

The USB MIDI device driver does not correctly free memory when failing
to initialize an endpoint which can cause a use-after-free condition. A
local unprivileged user can use this flaw to trigger kernel code
execution.

Orabug: 28058229


* CVE-2016-2543: Denial-of-service in ALSA SNDRV_SEQ_IOCTL_REMOVE_EVENTS ioctl().

A missing NULL pointer check in the SNDRV_SEQ_IOCTL_REMOVE_EVENTS
ioctl() handler could result in a NULL pointer dereference and kernel
crash. A local user with access to an ALSA device could use this flaw
to crash the system.

Orabug: 28058229


* CVE-2016-2549: Denial-of-service in ALSA timer management.

Incorrect timer reprogramming in the ALSA subsystem could result in
deadlock. A local user with access to the device could use this flaw to
cause a denial-of-service.

Orabug: 28058229


* CVE-2017-1000410: Information leak in Bluetooth L2CAP messages.

Incorrect handling of short EFS elements in an L2CAP message could allow
an attacker to leak the contents of kernel memory.

Orabug: 28030520


* CVE-2018-10323: NULL pointer dereference when converting extents-format to
B+tree in XFS filesystem.

A logic error when converting extents-format to B+tree in XFS filesystem
could lead to a NULL pointer dereference. A local attacker could use
this flaw with a crafted XFS image to cause a denial-of-service.

Orabug: 27989498


* CVE-2016-2544, CVE-2016-2545, CVE-2016-2547, CVE-2016-2548: Use-after-free in
ALSA sequencer timers.

Multiple flaws could result in a use-after-free when adding and removing
timers in the ALSA sequencer. A local user with access to the device
could use this flaw to crash the system, or potentially escalate
privileges.

Orabug: 28058229


* CVE-2017-17741: Information leak in kvm_mmio tracepoint.

An out-of-bounds access in the kvm_mmio tracepoint could result in
disclosure of sensitive information from the host Kernel to a guest. A
malicious guest could use this flaw to facilitate a further attack on
the host Kernel.

Orabug: 27951287


* CVE-2018-3665: Information leak in floating point registers.

An information leak from floating point registers when lazy FPU context
switching was performed could allow a malicious local user to gain
access to sensitive information across process boundaries.

Orabug: 28156176

SUPPORT

Ksplice support is available at ksplice-support_ww@oracle.com.