[Ksplice][Fedora-18-updates] New updates available via Ksplice (FEDORA-2013-4645)
Sonja Tideman
sonja.tideman at oracle.com
Thu Apr 4 13:07:18 PDT 2013
Synopsis: FEDORA-2013-4645 can now be patched using Ksplice
Systems running Fedora 18 can now use Ksplice to patch against the
latest Fedora kernel update, FEDORA-2013-4645.
INSTALLING THE UPDATES
We recommend that all users of Ksplice Uptrack on Fedora 18 install
these updates.
On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.
Alternatively, you can install these updates by running:
# /usr/sbin/uptrack-upgrade -y
DESCRIPTION
* Kernel crash in B.A.T.M.A.N. advanced meshing protocol.
A missing bounds check in B.A.T.M.A.N. packet processing could lead to
out-of-bounds memory accesses. A remote attacker could potentially use
this to crash the kernel if this protocol is in use.
* Kernel crash in SCTP protocol handler.
Due to a bug in the SCTP protocol handler, packets containing duplicate
cookie chunks will lead to inconsistent data structures. A remote
attacker could use this to crash the kernel.
* Use-after-free in virtio net host kernel accelerator.
A user-controlled variable was being used without sanitation. A malicious
guest VM could use this to cause a use-after-free and subsequent kernel
crash.
* Use-after-free in TCP fragmentation handling.
Under certain circumstances, MTU reduction on listening TCP sockets
may lead to prematurely freeing the socket. An attacker could use
this to crash the kernel.
* Locking imbalance in POSIX message queues.
When remounting an mqueue filesystem, an incorrect assumption about
the writability of the filesystem could lead to a locking imbalance
and a subsequent kernel hang.
* Use after free in generic journaling layer (JBD2).
Incorrect reference counting can lead to a use-after-free in the JBD2
subsystem. A malicious user could potentially use the flaw to crash the
kernel.
* Kernel hang when unmounting ext4 filesystems mounted in 'journal' mode.
Under certain circumstances, mounting and unmounting an ext4 filesystem
quickly can lead to a kernel hang. A local user with sufficient
privileges could use this to carry out a denial-of-service attack.
SUPPORT
Ksplice support is available at ksplice-support_ww at oracle.com.
More information about the Ksplice-Fedora-18-Updates
mailing list