[Ksplice][EL6-Updates] New updates available via Ksplice (RHSA-2012:0350-1)
Tim Abbott
tim.abbott at oracle.com
Fri Mar 9 00:06:50 PST 2012
Synopsis: RHSA-2012:0350-1 can now be patched using Ksplice
CVEs: CVE-2011-4077 CVE-2011-4081 CVE-2011-4132 CVE-2011-4347
CVE-2011-4594 CVE-2011-4622 CVE-2012-0038 CVE-2012-0045 CVE-2012-0207
Red Hat Security Advisory Severity: Moderate
Systems running Red Hat Enterprise Linux 6, CentOS 6, and Scientific
Linux 6 can now use Ksplice to patch against the latest Red Hat
Security Advisory, RHSA-2012:0350-1.
INSTALLING THE UPDATES
We recommend that all users of Ksplice Uptrack on RHEL 6, CentOS 6,
and Scientific Linux 6 install these updates. You can install these
updates by running:
# /usr/sbin/uptrack-upgrade -y
On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any additional action.
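To check which of the two cases above applies to a given host, the following added example (not part of the original advisory or of Ksplice Uptrack itself) reads the autoinstall setting and reports whether a manual upgrade is still needed. It assumes uptrack.conf uses "key = value" lines with "#" or ";" comments; the function names and the UPTRACK_CONF override variable are hypothetical.

```shell
#!/bin/sh
# Added example: report whether Ksplice Uptrack autoinstall is enabled.
# Assumption: the config file holds "key = value" lines, "#"/";" start comments.

# Print the effective (last uncommented) value of "autoinstall", lowercased.
# Prints nothing when the key is absent.
uptrack_autoinstall_value() {
    awk -F= '
        /^[ \t]*[#;]/ { next }                 # skip whole-line comments
        {
            key = $1; gsub(/[ \t]/, "", key)
            if (tolower(key) == "autoinstall") {
                val = $2
                sub(/[#;].*/, "", val)          # drop a trailing comment
                gsub(/[ \t\r]/, "", val)        # drop padding and CR
                found = tolower(val)
            }
        }
        END { if (found != "") print found }
    ' "$1"
}

# Exit status 0 only when the file is readable and autoinstall is "yes".
uptrack_autoinstall_enabled() {
    [ -r "$1" ] || return 1
    [ "$(uptrack_autoinstall_value "$1")" = "yes" ]
}

# Print "autoinstall" or "manual" for the given config file.
uptrack_action() {
    if uptrack_autoinstall_enabled "$1"; then
        echo "autoinstall"
    else
        echo "manual"
    fi
}

# Default path is the one named in the advisory; override for testing.
conf=${UPTRACK_CONF:-/etc/uptrack/uptrack.conf}
case "$(uptrack_action "$conf")" in
    autoinstall) echo "$conf: autoinstall = yes, updates install automatically" ;;
    manual)      echo "$conf: autoinstall not enabled, run: /usr/sbin/uptrack-upgrade -y" ;;
esac
```

A missing or unreadable configuration file is reported as "manual", so a host is never assumed to be patched automatically without evidence.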
DESCRIPTION
* CVE-2011-4077: Buffer overflow in xfs_readlink.
A flaw in the way the XFS filesystem implementation handled links with
pathnames larger than MAXPATHLEN allowed an attacker to mount a
malicious XFS image that could crash the system or result in privilege
escalation.
* CVE-2011-4081: NULL pointer dereference in GHASH cryptographic algorithm.
Nick Bowler reported an issue in the GHASH message digest
algorithm. ghash_update can pass a NULL pointer to gf128mul_4k_lle in some
cases, leading to a NULL pointer dereference (kernel OOPS).
* CVE-2011-4132: Denial of service in Journaling Block Device layer.
A flaw in the way the Journaling Block Device (JBD) layer handled an
invalid log first block value allowed an attacker to mount a malicious
ext3 or ext4 image that would crash the system.
* CVE-2011-4347: Denial of service in KVM device assignment.
Several bugs that allowed unprivileged users to improperly assign
devices to KVM guests could result in a denial of service.
* CVE-2011-4622: NULL pointer dereference in KVM interval timer emulation.
Starting PIT timers in the absence of irqchip support could cause a
NULL pointer dereference and kernel OOPS.
* CVE-2012-0038: In-memory corruption in XFS ACL processing.
A missing check in xfs_acl_from_disk on the number of XFS ACLs could
result in in-memory corruption and a kernel panic.
* CVE-2012-0045: Denial of service in KVM system call emulation.
A bug in the system call emulation allowed local users on a 32-bit
KVM guest system to cause the guest system to panic.
* CVE-2012-0207: Denial of service bug in IGMP.
The IGMP subsystem's compatibility handling of v2 packets had a bug in
the computation of a delay field which could result in division by
zero (causing a kernel panic).
* CVE-2011-4594: Denial of service in network message batching.
Two flaws were found in the way the Linux kernel's __sys_sendmsg()
function, when invoked via the sendmmsg() system call, accessed user-space
memory.
A local, unprivileged user could use these flaws to cause a denial
of service.
SUPPORT
Ksplice support is available at ksplice-support_ww at oracle.com.