[Ksplice][Fedora-16-updates] New updates available via Ksplice (FEDORA-2012-3350)
Sasha Levin
sasha.levin at oracle.com
Mon Mar 12 04:03:58 PDT 2012
Synopsis: FEDORA-2012-3350 can now be patched using Ksplice
CVEs: CVE-2012-1097
Systems running Fedora 16 can now use Ksplice to patch against the
latest Fedora security update, FEDORA-2012-3350.
INSTALLING THE UPDATES
We recommend that all users of Ksplice Uptrack on Fedora 16 install
these updates. You can install these updates by running:
# /usr/sbin/uptrack-upgrade -y
On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any additional action.
DESCRIPTION
* CVE-2012-1097: NULL pointer dereference in the ptrace subsystem.
Under certain circumstances, ptrace-ing a process could lead to a NULL
pointer dereference and kernel panic.
* Denial of service in transparent hugepage memory subsystem.
It is possible to trigger a BUG() when exiting a process or freeing a large
block of memory which was mapped using transparent hugepages.
SUPPORT
Ksplice support is available at ksplice-support_ww at oracle.com.
More information about the Ksplice-Fedora-16-Updates
mailing list