
New Ksplice updates for Oracle Enhanced RHCK 7 are available.



El-errata: New Ksplice updates for Oracle Enhanced RHCK 7 (ELBA-2021-2725-1)


Synopsis: ELBA-2021-2725-1 can now be patched using Ksplice
CVEs: CVE-2019-20934 CVE-2020-11668 CVE-2021-33033 CVE-2021-33034 CVE-2021-33909

Users with Oracle Linux Premier Support can now use Ksplice to patch
against the latest Oracle Linux Bug Fix Advisory, ELBA-2021-2725-1.
More information about this errata can be found at
  https://linux.oracle.com/errata/ELBA-2021-2725-1.html

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack running Oracle Enhanced
RHCK 7 install these updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y
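
A post-install check for the procedure above, as an added example that is not part of Oracle's advisory: it reports whether the autoinstall setting is on and which of this advisory's CVEs are absent from a list of installed updates. The function names, the sample data and the `uptrack-show` invocation in the final comment are assumptions of this example.

```shell
#!/bin/sh
# CVE list copied from the advisory header (ELBA-2021-2725-1).
ADVISORY_CVES="CVE-2019-20934 CVE-2020-11668 CVE-2021-33033 CVE-2021-33034 CVE-2021-33909"

# Succeeds if the config text on stdin has an uncommented "autoinstall = yes".
autoinstall_enabled() {
    grep -Eq '^[[:space:]]*autoinstall[[:space:]]*=[[:space:]]*yes[[:space:]]*$'
}

# Reads an installed-update listing on stdin and prints the advisory CVEs
# that it does not mention (empty output means all are covered).
missing_cves() {
    installed=$(cat)
    missing=""
    for cve in $ADVISORY_CVES; do
        printf '%s\n' "$installed" | grep -Fqw -- "$cve" || missing="$missing $cve"
    done
    printf '%s\n' "${missing# }"
}

# report CONF_TEXT UPDATES_TEXT: one-line summary of both checks.
report() {
    if printf '%s\n' "$1" | autoinstall_enabled; then auto=yes; else auto=no; fi
    miss=$(printf '%s\n' "$2" | missing_cves)
    printf 'autoinstall=%s missing=%s\n' "$auto" "${miss:-none}"
}

# Constructed sample data (not real output), so the script runs anywhere.
# The update IDs in brackets are placeholders.
SAMPLE_CONF='[Settings]
# autoinstall = yes
autoinstall = no'
SAMPLE_UPDATES='Installed updates:
[aaaaaaaa] CVE-2021-33909: Code execution in the virtual file system.
[bbbbbbbb] CVE-2020-11668: NULL pointer dereference when initializing Xirlink C-It USB camera device.'

report "$SAMPLE_CONF" "$SAMPLE_UPDATES"

# On a Ksplice Uptrack host (assumption: uptrack-show prints one installed
# update per line, including its CVE ID):
#   report "$(cat /etc/uptrack/uptrack.conf)" "$(uptrack-show)"
```

A non-empty `missing=` list on a host with autoinstall off means `uptrack-upgrade -y` still needs to be run there.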

DESCRIPTION

* Prepare Ksplice options for entry.S.



* Clear garbage data on the kernel stack when handling signals.



* Provide an interface to freeze tasks.

Provides an alternative method for freezing selected tasks using a flag
in struct task_struct. This is useful starting with 3.3 due to
freezer changes.

* Workaround for alternative instruction inconsistencies.

Some RHEL7 kernels apply different alternative instructions to the
kernel and to modules, which prevents Ksplice update modules from patching
core kernel code. This update works around the problem by ensuring that
alternative instructions are applied in Ksplice updates to the kernel in
the same way they would have been at boot.

* KSPLICE enablement for patching KVM Intel module.



* CVE-2021-33034: Use-after-free when tearing down bluetooth HCI channel.

A race condition in the bluetooth Host Controller Interface code could
result in a use-after-free. A malicious device might exploit this to
write data to an arbitrary kernel address, potentially allowing code
execution under control of the device.

* CVE-2020-11668: NULL pointer dereference when initializing Xirlink C-It USB camera device.

A missing check on USB endpoints when initializing a Xirlink C-It USB
camera device could lead to a NULL pointer dereference. A local attacker
could use this flaw and a malicious USB device to cause a
denial-of-service.

* CVE-2021-33033: Use-after-free in NetLabel subsystem due to improper reference counting.

A flaw in the CIPSO and CALIPSO reference counting scheme of the NetLabel
packet labeling framework could lead to a use-after-free. A local user
could use this flaw for code execution or a denial-of-service.

* CVE-2021-33909: Code execution in the virtual file system.

An unsigned to signed integer conversion flaw in the virtual file system
implementation could lead to a system crash. A local attacker could use
this flaw to execute arbitrary code or cause a denial-of-service.

* Ksplice enablement for patching the huge page kernel thread.



* CVE-2019-20934: Use-after-free when reading NUMA statistics concurrently to execve.

A locking error in the function freeing NUMA statistics could lead to a
use-after-free on concurrent read of /proc/pid/sched by userspace. A
local, unprivileged user could use this flaw to leak information from the
kernel or cause a denial-of-service.

SUPPORT

Ksplice support is available at ksplice-support_ww@oracle.com.