[Ksplice][EL7-Updates] New updates available via Ksplice (RHSA-2015:0102-1)

Phil Turnbull phil.turnbull at oracle.com
Thu Jan 29 12:37:00 PST 2015 

Synopsis: RHSA-2015:0102-1 can now be patched using Ksplice
CVEs: CVE-2014-4171 CVE-2014-5471 CVE-2014-5472 CVE-2014-7145 CVE-2014-7822 CVE-2014-7841

Systems running Red Hat Enterprise Linux 7 can now use Ksplice to
patch against the latest Red Hat Security Advisory, RHSA-2015:0102-1.

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack on RHEL 7 install these
updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y


DESCRIPTION

* CVE-2014-4171: Denial-of-service in shared memory when faulting into a hole while it's punched.

A flaw in the shared memory fault implementation could lead to a kernel
hang if the fault happens to be in a hole which is being punched or
sliced. A local, privileged user could use this flaw to cause a
denial-of-service.


* CVE-2014-7145: NULL pointer dereference in CIFS SMB2 error handling.

Invalid error handling in the cifs smb2 code could result in
a NULL pointer dereference and kernel panic.


* CVE-2014-7822: Incorrect parameter validation in splice() system call.

An incorrect parameter validation in the splice() system call could allow
a local, unprivileged user could use this flaw to write past the maximum
file size, and thus crash the system.


* CVE-2014-7841: NULL pointer dereference with SCTP server during ASCONF.

A problem with how the SCTP verifies input can lead to a NULL pointer
dereference and kernel panic.  A malicious user could exploit this using
a specially crafted packet to cause a denial-of-service.


* CVE-2014-5471, CVE-2014-5472: Privilege escalation in ISO filesystem implementation.

The parse_rock_ridge_inode_internal() function in the ISO filesystem driver
does not correctly check relocated directories when processing Rock Ridge
child link tags. An attacker with physical access to the system could use a
specially crafted ISO image to cause a denial of service or, potentially,
escalate their privileges.

SUPPORT

Ksplice support is available at ksplice-support_ww at oracle.com.

More information about the Ksplice-EL7-updates mailing list