New Ksplice updates for UEKR6 5.4.17 on OL7 and OL8 (ELSA-2023-12782)
Synopsis: ELSA-2023-12782 can now be patched using Ksplice
CVEs: CVE-2022-40982 CVE-2022-47946 CVE-2023-3212 CVE-2023-3390 CVE-2023-35001 CVE-2023-3776 CVE-2023-3863 CVE-2023-4132
Users with Oracle Linux Premier Support can now use Ksplice to patch
against the latest Oracle Linux Security Advisory, ELSA-2023-12782.
More information about this errata can be found at
INSTALLING THE UPDATES
We recommend that all users of Ksplice Uptrack running UEKR6 5.4.17 on
OL7 and OL8 install these updates.
On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.
Alternatively, you can install these updates by running:
# /usr/sbin/uptrack-upgrade -y
* CVE-2023-3212: NULL dereference in GFS2 file system.
On corrupt gfs2 file systems, the evict logic can dereference the journal
descriptor after it has been freed, leading to a NULL pointer dereference. A
local user with privileges can use this flaw to cause denial-of-service.
* CVE-2023-4132: Use-after-free in Siano MDTV receiver driver.
A logic error in the smsusb driver can lead to a use-after-free
scenario. This flaw could be exploited by an unprivileged local
attacker to cause a denial-of-service.
* CVE-2023-3390: Use-after-free in Netfilter nf_tables packet classification framework.
Incorrect error path handling with NFT_MSG_NEWRULE in the Netfilter
nf_tables packet classification framework can lead to a use-after-free.
This can allow a local unprivileged user to perform arbitrary access to
kernel memory and escalate privileges.
* CVE-2023-35001: Out-of-bounds memory access in Netfilter nf_tables packet classification framework.
A flaw in netfilter nf_tables when evaluating byteorder expressions may
lead to an out-of-bounds memory read or write. A local user with the
CAP_NET_ADMIN capability could use this flaw to escalate privileges.
* CVE-2023-3776: Use-after-free in netfilter classifier due to refcount error.
Incorrect refcounting in the netfilter classifier might result in
use-after-free, potentially allowing an attacker to cause a
* CVE-2022-47946: Privilege escalation when waiting in io_uring subsystem.
A logic error when using IORING_ENTER_SQ_WAIT option of io_uring could
lead to a use-after-free. A local attacker with system execution
privileges could use this flaw to escalate privileges.
* Add possibility to disable usage of io_uring subsystem.
The io_uring subsystem has many security issues, some of which are
impossible to live patch. Thus, Oracle decided to add a way for customers
not using io_uring to disable it for unprivileged users by using
Note that io_uring is disabled by default for unprivileged users.
This is the solution proposed by Oracle for CVE-2022-2327,
CVE-2023-3389 and CVE-2023-1295.
* Note: Oracle will not provide a zero-downtime update for CVE-2022-40982.
The fix for this CVE on systems running Oracle UEK6 is a microcode
update for affected CPUs. Customers will need to upgrade the microcode
on affected CPUs in order to mitigate this vulnerability.
* Note: Oracle has determined that CVE-2023-3863 is not applicable.
A use-after-free in NFC subsystem could allow a local attacker to leak
information about the running kernel.
The kernel is not affected by CVE-2023-3863 since the code under
consideration is not compiled.
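The following is an added example, not part of Oracle's advisory or tooling: a post-install check that reports whether a host relies on autoinstall and which of the Ksplice-patched CVEs above are still absent from saved `uptrack-show` output. The function names, the sample update ids and the assumed `[id] description` line layout are constructed for illustration.

```shell
#!/bin/sh
# Added example (not Oracle's code): checks after applying ELSA-2023-12782.

# CVEs the advisory patches through Ksplice. CVE-2022-40982 (microcode fix)
# and CVE-2023-3863 (not applicable) are left out on purpose.
LIVE_CVES="CVE-2022-47946 CVE-2023-3212 CVE-2023-3390 CVE-2023-35001
CVE-2023-3776 CVE-2023-4132"

# autoinstall_enabled FILE: succeeds only if FILE sets "autoinstall = yes".
# Skips comment lines, ignores case and whitespace; the last setting wins.
autoinstall_enabled() {
    awk -F= '
        /^[[:space:]]*[#;]/ { next }
        { key = $1; val = $2
          gsub(/[[:space:]]/, "", key); gsub(/[[:space:]]/, "", val)
          if (tolower(key) == "autoinstall") state = tolower(val) }
        END { exit(state == "yes" ? 0 : 1) }
    ' "$1"
}

# missing_cves FILE: prints every Ksplice-patched CVE that FILE (saved
# `uptrack-show` output) does not mention. No output means full coverage.
missing_cves() {
    for cve in $LIVE_CVES; do
        # -w stops CVE-2023-3390 from matching a longer id like CVE-2023-33901
        grep -qw -- "$cve" "$1" || printf '%s\n' "$cve"
    done
}

# Constructed sample data: the update ids and line layout are assumptions.
demo() {
    dir=$(mktemp -d) || return 1
    printf '[Settings]\n# autoinstall = yes\nautoinstall = no\n' > "$dir/uptrack.conf"
    cat > "$dir/show.txt" <<'EOF'
Installed updates:
[00000001] CVE-2023-3212: NULL dereference in GFS2 file system.
[00000002] CVE-2023-4132: Use-after-free in Siano MDTV receiver driver.
[00000003] CVE-2023-3390: Use-after-free in Netfilter nf_tables.
EOF
    if autoinstall_enabled "$dir/uptrack.conf"; then echo "autoinstall: on"
    else echo "autoinstall: off, run uptrack-upgrade -y"; fi
    echo "not yet live-patched: $(missing_cves "$dir/show.txt" | tr '\n' ' ')"
    rm -rf "$dir"
}
demo
```

On a real host, point the first function at /etc/uptrack/uptrack.conf and feed the second a file holding the output of `uptrack-show`.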
Ksplice support is available at firstname.lastname@example.org.
New Ksplice updates for UEKR6 5.4.17 on Oracle Linux 7 and 8 are available.