[Ksplice][Fedora-15-updates] New updates available via Ksplice (FEDORA-2012-2136)

Sasha Levin sasha.levin at oracle.com
Mon Feb 27 07:35:31 PST 2012


Synopsis: FEDORA-2012-2136 can now be patched using Ksplice
CVEs: 

Systems running Fedora 15 can now use Ksplice to patch against the
latest Fedora security update, FEDORA-2012-2136.

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack on Fedora 15 install
these updates.  You can install these updates by running:

# /usr/sbin/uptrack-upgrade -y

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any additional action.


DESCRIPTION

* NULL Dereference in the proc filesystem.

A missing check when releasing a handle to a memory file in the proc filesystem
could allow a NULL dereference.


* Denial of service in the file mapping subsystem.

A race condition in the file mapping subsystem could allow two threads which try to
fault on the same memory page at the same time to potentially OOPS the system.


* Denial of service in the eCryptfs filesystem.

On 32-bit systems, when truncating a file, the integer holding the file size
could overflow, which would put the write operation in an infinite loop in
the kernel.


* NULL dereference in the nVidia card driver.

A race condition between creating a fence and synchronizing with it could cause a NULL
dereference by attempting to sync with a fence which was already destroyed and set to NULL.


* NULL dereference in the CIFS filesystem.

When setting up a NULL user mount, the session setup code would still attempt
to copy the username of the user who's creating the mount into internal
structures.

Since in that case the username is always NULL, we would try to dereference
a NULL pointer, usually causing a kernel OOPS.


* NULL dereference in the SCSI subsystem.

A NULL dereference may occur if a SCSI device is physically removed
without being logically removed from the system.

This would lead to a NULL dereference since the revalidation routine
assumed the device is always present while it runs.
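
The eCryptfs item above describes a file size overflowing on 32-bit systems and stalling the write loop. The following is an added illustration, not code from this advisory or from the kernel: a user-space model in which uint32_t stands in for a 32-bit size type. The loop shape, all names, and the 4096-byte chunk size are assumptions.

```c
#include <stdint.h>
#include <stdio.h>

#define CHUNK 4096u   /* assumed page-sized write unit */

typedef uint32_t (*step_fn)(uint64_t pos, uint64_t target);

/* Weak form: the remaining length is stored in a 32-bit integer, so the
 * high bits of a 64-bit file offset difference are silently dropped. */
static uint32_t step_narrow(uint64_t pos, uint64_t target)
{
    uint32_t remaining = (uint32_t)(target - pos);  /* truncating store */
    uint32_t n = CHUNK - (uint32_t)(pos % CHUNK);
    if (n > remaining)
        n = remaining;          /* becomes 0 when the low 32 bits are 0 */
    return n;
}

/* Corrected form: the remaining length keeps the full 64-bit width and is
 * only narrowed after it is known to fit in one chunk. */
static uint32_t step_wide(uint64_t pos, uint64_t target)
{
    uint64_t remaining = target - pos;
    uint32_t n = CHUNK - (uint32_t)(pos % CHUNK);
    if (remaining < n)
        n = (uint32_t)remaining;
    return n;
}

/* Zero-fill from pos up to target. Returns 0 on completion, -1 if a step
 * makes no forward progress. Without that guard the loop would spin
 * forever, which is the hang the advisory describes. */
static int extend(uint64_t pos, uint64_t target, step_fn step)
{
    while (pos < target) {
        uint32_t n = step(pos, target);
        if (n == 0)
            return -1;
        pos += n;
    }
    return 0;
}

int main(void)
{
    uint64_t size = 1ULL << 32;   /* constructed sample: 4 GiB */
    printf("32-bit length: %d\n", extend(0, size, step_narrow));
    printf("64-bit length: %d\n", extend(0, size, step_wide));
    return 0;
}
```

The progress guard in extend() is a second line of defense. The actual correction is keeping the length at full width, as step_wide() does.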

SUPPORT

Ksplice support is available at ksplice-support_ww at oracle.com.



