[Ksplice][Fedora-16-updates] New updates available via Ksplice (FEDORA-2012-1298)
Anders Kaseorg
anders.kaseorg at oracle.com
Tue Feb 7 12:05:30 PST 2012
Synopsis: FEDORA-2012-1298 can now be patched using Ksplice
Systems running Fedora 16 can now use Ksplice to patch against the
latest Fedora security update, FEDORA-2012-1298.
INSTALLING THE UPDATES
We recommend that all users of Ksplice Uptrack on Fedora 16 install
these updates. You can install these updates by running:
# /usr/sbin/uptrack-upgrade -y
On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any additional action.
DESCRIPTION
* Denial of service in eCryptfs.
A user may trigger heavy reclaim or even the OOM-killer by writing large
amount of data to a eCryptfs device.
* Memory corruption in the Direct Rendering Manager.
A race condition in the Direct Rendering Manager may allow an
unprivileged user to corrupt kernel memory.
* Memory corruption in the Xen subsystem.
High contention on a Xen spinlock may cause an overflow of the spinlock
structure and allow the user to corrupt kernel memory.
* NULL pointer dereference in the CAIF networking subsystem.
CAIF wasn't registering properly as a pernet subsystem, which would
allow a user to trigger calls into the CAIF code while the subsystem was
still uninitialized, leading to a NULL dereference.
* NULL dereference in the L2TP subsystem.
A NULL pointer dereference may occur when receiving L2TP packets while
using IP link encapsulation.
* Use after free in the MACVLAN driver.
A use after free in the MACVLAN driver will occur if a packet was
resized and reallocated, for example, if the network controller supports
hardware encryption.
SUPPORT
Ksplice support is available at ksplice-support_ww at oracle.com.
More information about the Ksplice-Fedora-16-Updates
mailing list