[Ksplice][Fedora-15-updates] New updates available via Ksplice (FEDORA-2011-9130)

Anders Kaseorg andersk at ksplice.com
Tue Jul 12 15:47:16 PDT 2011


Synopsis: FEDORA-2011-9130 can now be patched using Ksplice
CVEs: CVE-2011-2497 CVE-2011-2517

Systems running Fedora 15 can now use Ksplice to patch against the
latest Fedora security update, FEDORA-2011-9130.

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack on Fedora 15 install
these updates.  You can install these updates by running:

# /usr/sbin/uptrack-upgrade -y

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any additional action.


DESCRIPTION

* Denial of service on block open failure.

A NULL pointer dereference in the blkdev_get function could lead to
denial of service.


* Denial of service in CFQ disk scheduler.

Incorrect locking in the __cfq_exit_single_io_context function could
lead to denial of service via kernel oops.


* CVE-2011-2497: Remote heap corruption in Bluetooth L2CAP.

A remote user can trigger an integer underflow via a malformed L2CAP
configuration request, leading to denial of service via heap
corruption.


* CVE-2011-2517: Buffer overflow in 802.11 netlink interface.

The nl80211_trigger_scan function failed to check for a valid SSID
length, leading to denial of service via buffer overflow.
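
The class of check that CVE-2011-2517 concerns, shown as an added example
(a user-space model, not the kernel's code and not part of the Ksplice
advisory). The struct names, parse_scan_ssids, MAX_SSIDS and the 1-byte
length-prefixed input format are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define MAX_SSID_LEN 32   /* 802.11 limits an SSID to 32 octets */
#define MAX_SSIDS    4    /* constructed limit for this model */

struct ssid_entry {       /* hypothetical fixed-size destination */
    uint8_t ssid[MAX_SSID_LEN];
    size_t  ssid_len;
};

struct scan_request {     /* hypothetical, loosely modelled on a scan request */
    struct ssid_entry ssids[MAX_SSIDS];
    size_t n_ssids;
};

/*
 * Parse a buffer of [1-byte length][value] SSID attributes (a simplified
 * stand-in for netlink attributes) into req. Returns 0 on success, -1 if
 * an attribute is truncated, longer than MAX_SSID_LEN, or there are more
 * than MAX_SSIDS of them. req is only meaningful when 0 is returned.
 * Every length is validated before any byte is copied.
 */
int parse_scan_ssids(const uint8_t *buf, size_t buf_len,
                     struct scan_request *req)
{
    size_t off = 0;

    memset(req, 0, sizeof(*req));
    while (off < buf_len) {
        size_t len = buf[off++];

        if (len > buf_len - off)        /* attribute runs past the input */
            return -1;
        if (len > MAX_SSID_LEN)         /* would overflow ssid[] */
            return -1;
        if (req->n_ssids == MAX_SSIDS)  /* no free slot left */
            return -1;

        memcpy(req->ssids[req->n_ssids].ssid, buf + off, len);
        req->ssids[req->n_ssids].ssid_len = len;
        req->n_ssids++;
        off += len;
    }
    return 0;
}
```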

SUPPORT

Ksplice support is available at support at ksplice.com or +1 765-577-5423.



