[Ksplice][EL7-Updates] New Ksplice updates for OL 7, RHEL 7, CentOS 7, and Scientific Linux 7 (RHBA-2017:2581)

[Oracle Ksplice]

Synopsis: RHBA-2017:2581 can now be patched using Ksplice

Systems running RHCK on Oracle Linux 7, Red Hat Enterprise Linux 7,
CentOS 7, and Scientific Linux 7 can now use Ksplice to patch against
the latest Red Hat Bug Fix Advisory, RHBA-2017:2581.

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack running OL 7, RHEL 7,
CentOS 7, and Scientific Linux 7 install these updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y


DESCRIPTION

* Memory leak in the Non Volatile Memory Express driver when releasing an IO buffer.

Failure to release the memory used by an IO buffer in the Non Volatile
Memory Express (NVMe) driver leads to a memory leak.  An attacker could use
this flaw to cause a denial-of-service through memory exhaustion.


* Use-after-free when disabling an IPSec tunnel.

Incorrect reference counting on a cryptographic algorithm object could lead
to a use-after-free and kernel panic.  A local user with the ability to
disable an IPsec tunnel between two nodes could use this flaw to cause a
denial-of-service.


* NULL pointer dereference in Chelsio Ethernet driver when setting up DMA queues.

A logic error in the Chelsio Ethernet (CXGB4) driver when setting up DMA
queues could lead to a NULL pointer dereference when the adapter is not in
offload mode.  A local user with the ability to change the adapter mode
could use this flaw to cause a denial-of-service.

SUPPORT

Ksplice support is available at ksplice-support_ww at oracle.com.