[Ksplice][Fedora-18-updates] New updates available via Ksplice (FEDORA-2013-4645)

Sonja Tideman sonja.tideman at oracle.com
Thu Apr 4 13:07:18 PDT 2013 

Synopsis: FEDORA-2013-4645 can now be patched using Ksplice

Systems running Fedora 18 can now use Ksplice to patch against the
latest Fedora kernel update, FEDORA-2013-4645.

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack on Fedora 18 install
these updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y


DESCRIPTION

* Kernel crash in B.A.T.M.A.N. advanced meshing protocol.

A missing bounds check in B.A.T.M.A.N. packet processing could lead to
out-of-bounds memory accesses. A remote attacker could potentially use
this to crash the kernel if this protocol is in use.


* Kernel crash in SCTP protocol handler.

Due to a bug in the SCTP protocol handler, packets containing duplicate
cookie chunks will lead to inconsistent data structures. A remote
attacker could use this to crash the kernel.


* Use-after-free in virtio net host kernel accelerator.

A user-controlled variable was being used without sanitation. A malicious
guest VM could use this to cause a use-after-free and subsequent kernel
crash.


* Use-after-free in TCP fragmentation handling.

Under certain circumstances, MTU reduction on listening TCP sockets
may lead to prematurely freeing the socket. An attacker could use
this to crash the kernel.


* Locking imbalance in POSIX message queues.

When remounting an mqueue filesystem, an incorrect assumption about
the writability of the filesystem could lead to a locking imbalance
and a subsequent kernel hang.


* Use after free in generic journaling layer (JBD2).

Incorrect reference counting can lead to a use-after-free in the JBD2
subsystem. A malicious user could potentially use the flaw to crash the
kernel.


* Kernel hang when unmounting ext4 filesystems mounted in 'journal' mode.

Under certain circumstances, mounting and unmounting an ext4 filesystem
quickly can lead to a kernel hang. A local user with sufficient
privileges could use this to carry out a denial-of-service attack.

SUPPORT

Ksplice support is available at ksplice-support_ww at oracle.com.

More information about the Ksplice-Fedora-18-Updates mailing list