[Ksplice][EL6-Updates] New updates available via Ksplice (RHSA-2015:1081)

Oracle Ksplice ksplice-support_ww at oracle.com
Wed Jun 10 20:08:27 PDT 2015 

Synopsis: RHSA-2015:1081 can now be patched using Ksplice
CVEs: CVE-2014-9419 CVE-2014-9420 CVE-2014-9585 CVE-2015-1805 CVE-2015-3331

Systems running RHCK on Oracle Linux 6, Red Hat Enterprise Linux 6,
CentOS 6, and Scientific Linux 6 can now use Ksplice to patch against
the latest Red Hat Security Advisory, RHSA-2015:1081.

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack on OL 6, RHEL 6, CentOS
6, and Scientific Linux 6 install these updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y


DESCRIPTION

* CVE-2015-1805: Memory corruption in handling of userspace pipe I/O vector.

Pipe I/O vector handling functions didn't handle failure of atomic accesses
correctly. This would allow a local unprivileged user to crash the system.


* CVE-2015-3331: Denial-of-service in Intel AES RFC4106 decryption.

Incorrect mapping of buffers in the Intel AES RFC4106 implementation
could result in a kernel crash.  A local, unprivileged user with access
to AF_ALG(aead) sockets could use this flaw to trigger a
denial-of-service.


* CVE-2014-9419: Address leak on context switch bypasses ASLR.

A flaw in the context switch code could lead to leaking another thread's
local storage area.  A local, unprivileged user could use this flaw to gain
information about another process address space mappings and bypass address
space layout randomization.


* CVE-2014-9420: Infinite loop in isofs when parsing continuation entries.

A flaw in the iso9660 file system support could lead to an infinite
recursion loop when parsing continuation entries.  An unprivileged user
could use this flaw to crash the system resulting in a denial-of-service.


* CVE-2014-9585: Address space layout randomization bypass for VDSO address.

A flaw in the VDSO code loader leads to a 50% chance of having the VDSO
address placed at the end of a PMD. This could allow an attacker to bypass
ASLR protections more easily.

SUPPORT

Ksplice support is available at ksplice-support_ww at oracle.com.

More information about the Ksplice-EL6-Updates mailing list