[Ksplice][Fedora-16-updates] New updates available via Ksplice (FEDORA-2012-8359)
Jamie Iles
jamie.iles at oracle.com
Mon May 28 03:34:55 PDT 2012
Synopsis: FEDORA-2012-8359 can now be patched using Ksplice
CVEs: CVE-2012-2375
Systems running Fedora 16 can now use Ksplice to patch against the
latest Fedora kernel update, FEDORA-2012-8359.
INSTALLING THE UPDATES
We recommend that all users of Ksplice Uptrack on Fedora 16 install
these updates.
On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.
Alternatively, you can install these updates by running:
# /usr/sbin/uptrack-upgrade -y
DESCRIPTION
* NULL pointer dereference in MTD character driver.
A NULL pointer dereference in the MTD character driver could result in a
kernel panic.
* Deadlock in JFFS2 filesystem.
Under certain circumstances, circular locking in the JFFS2 filesystem
could result in a soft lockup.
* Use-after-free in device mapper subsystem.
The expiry of a timer after suspending a device could lead to a
use-after-free, resulting in undefined operation.
* Denial of service in TCP sockets.
Splicing data to a TCP socket in out-of-memory conditions could result
in stalls and a denial of service.
* Task hang in sync-mounted ext4 filesystems.
An ext4 filesystem mounted with the sync option and no journal would
result in task hangs when accessing the filesystem.
* Memory leak in memory control group.
The memory control group did not free all data structures on removal of
the last event, leading to a memory leak.
* CVE-2012-2375: Kernel crash in NFSv4.
The upstream fix for CVE-2010-4131 was incomplete and still exploitable
under certain circumstances. nfs4_getfacl decoding causes a kernel
crash when a server returns more than 2 GETATTR bitmap words in response
to the FATTR4_ACL attribute request.
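
The NFSv4 item above describes a crash triggered by a reply carrying more bitmap words than the client expected. As an added illustration (not the kernel's code and not part of the original advisory), this user-space C decoder reads an XDR bitmap4, checks the server-supplied word count against the bytes actually present, and returns the bytes consumed so the caller never assumes a two-word bitmap. KEPT_WORDS, decode_bitmap and the sample replies are assumptions constructed for the example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#define KEPT_WORDS 2 /* assumption: this client interprets only two words */

/* Read one big-endian 32-bit XDR word; 0 if fewer than 4 bytes remain. */
static int xdr_u32(const uint8_t **p, const uint8_t *end, uint32_t *out)
{
    if ((size_t)(end - *p) < 4)
        return 0;
    *out = ((uint32_t)(*p)[0] << 24) | ((uint32_t)(*p)[1] << 16) |
           ((uint32_t)(*p)[2] << 8) | (uint32_t)(*p)[3];
    *p += 4;
    return 1;
}

/* Decode an XDR bitmap4: a word count followed by that many words.
 * Returns the bytes consumed, or -1 if the count exceeds the data present.
 * Words past KEPT_WORDS are skipped, never stored. */
long decode_bitmap(const uint8_t *buf, size_t len, uint32_t kept[KEPT_WORDS])
{
    const uint8_t *p = buf, *end = buf + len;
    uint32_t count, word = 0, i;
    for (i = 0; i < KEPT_WORDS; i++)
        kept[i] = 0;
    if (!xdr_u32(&p, end, &count))
        return -1;
    if (count > (size_t)(end - p) / 4) /* server-supplied count vs. real length */
        return -1;
    for (i = 0; i < count; i++) {
        xdr_u32(&p, end, &word); /* cannot fail: bounds checked above */
        if (i < KEPT_WORDS)
            kept[i] = word;
    }
    return (long)(p - buf); /* caller finds the attribute data at buf + this */
}

/* Constructed replies: three bitmap words (bit 12 = FATTR4_ACL) plus one
 * payload byte, and a reply whose count claims more words than it carries. */
static const uint8_t reply_ok[] = {0,0,0,3, 0,0,0x10,0, 0,0,0,0, 0,0,0,1, 0xAA};
static const uint8_t reply_short[] = {0,0,0,3, 0,0,0x10,0, 0,0,0,0};

int main(void)
{
    uint32_t kept[KEPT_WORDS];
    printf("ok: %ld\n", decode_bitmap(reply_ok, sizeof reply_ok, kept));
    printf("short: %ld\n", decode_bitmap(reply_short, sizeof reply_short, kept));
    return 0;
}
```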
SUPPORT
Ksplice support is available at ksplice-support_ww at oracle.com.