Oracle Linux 6265 Published by

New Ksplice updates for UEKR5 4.14.35 on Oracle Linux 7 are available.



El-errata: New Ksplice updates for UEKR5 4.14.35 on OL7 (ELSA-2023-12242)


Synopsis: ELSA-2023-12242 can now be patched using Ksplice
CVEs: CVE-2022-3107 CVE-2023-1073 CVE-2023-1074 CVE-2023-1513 CVE-2023-23559 CVE-2023-26545

Users with Oracle Linux Premier Support can now use Ksplice to patch
against the latest Oracle Linux Security Advisory, ELSA-2023-12242.
More information about this errata can be found at
  https://linux.oracle.com/errata/ELSA-2023-12242.html

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack running UEKR5 4.14.35
on OL7 install these updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y

DESCRIPTION

* CVE-2023-23559: Buffer overflow in driver for RNDIS-based wireless USB devices.

A buffer overflow exists in the driver code for wireless USB devices based on
Remote Network Driver Interface Specification (RNDIS). This could allow a local
user to cause denial-of-service.

* CVE-2023-1073: Memory Corruption in HID subsystem.

An error in the human interface device (HID) subsystem during insertion
of a USB device can trigger memory corruption. This can allow a local
user to cause denial-of-service or escalate privileges.

* CVE-2023-1074: Memory Leak in Stream Control Transmission Protocol.

A flaw in the Stream Control Transmission Protocol (sctp) can allow a
local user to start a malicious networking service that leaks kernel
memory. This could allow the user to starve resources leading to a
denial-of-service.

* CVE-2022-3107: Denial-of-service in Microsoft Hyper-V virtual network driver.

A missing check in Microsoft Hyper-V virtual network driver could
result in a null pointer dereference. A local attacker could use
this flaw to cause denial-of-service.

Orabug: 34951483

* CVE-2023-26545: Stale pointer in MultiProtocol Label Switching subsystem.

Incorrect error handling in the MultiProtocol Label Switching subsystem
(MPLS) during the renaming of a device can lead to double free. This could
allow a local user to write to arbitrary memory locations or cause
denial-of-service.

* CVE-2023-1513: Information leak in KVM ioctl.

Incomplete initialization of structure returned to user during KVM's
KVM_GET_DEBUGREGS ioctl can lead to information leak. This can allow a local
user to access to privileged data.

* Latency when replying to retries in the NFS server.

A bad heuristic to return cached entries in the NFS server when the entry
was just created could lead to extra latency after a reconnect.

Orabug: 35136066

* Parallelize mapping and unmapping operations of large address ranges.

Mapping and unmapping operations on preserved memory increase linearly with
the memory size, leading to delays to exec new processes. Parallize those
operations to significantly improve the time it takes to exec a new
process.

Orabug: 35054623

* Denial-of-service in the RDS Infiniband driver when garbage collecting caches.

Lack of calling to the scheduler to let other tasks run in the RDS
Infiniband driver garbage collector could lead to soft lock-ups.

Orabug: 35079728

SUPPORT

Ksplice support is available at ksplice-support_ww@oracle.com.


_______________________________________________