[Ksplice][Fedora-18-updates] New updates available via Ksplice (FEDORA-2013-5617)

Samson Yeung samson.yeung at oracle.com
Thu Apr 18 00:32:38 PDT 2013 

Synopsis: FEDORA-2013-5617 can now be patched using Ksplice

Systems running Fedora 18 can now use Ksplice to patch against the
latest Fedora kernel update, FEDORA-2013-5617.

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack on Fedora 18 install
these updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y


DESCRIPTION

* Leak in Reiser filesystem inode allocation.

The Reiser filesystem does not correctly handle deleting extended attributes
of files which contain '.' or '..' leading to inodes to be leaked on the
underlying device.


* Kernel panic in Nouveau graphics driver.

The Nouveau graphics driver does not correctly handle IOCTLs which contain
zero channels leading to dereferencing an invalid pointer and kernel panic.


* NULL pointer dereference in DRM graphics framework.

A NULL pointer dereference and kernel panic can be triggered when failing to
open DRM procfs files.


* Race condition in virtual memory subsystem.

It is possible to trigger a race condition between two processes with a
shared memory space that triggers a kernel panic (BUG_ON).


* Buffer overflow in Marvell wireless driver.

A buffer overflow can be triggered in the Marvell WiFi-Ex driver by a 
large number
of channels when scanning wireless networks.


* Use-after-free when cloning SunRPC client.

A reference counting error in the SunRPC client can cause a use-after-free
condition and kernel panic when cloning an existing client.


* Memory leak in multi-homed NFSv4 client.

A kernel memory leak can be triggered in the NFSv4 client when communicating
with a multi-homed NFSv4 server.


* Use-after-free in multi-homed NFSv4 client.

A use-after-free condition and kernel panic can be triggered in the 
NFSv4 client
when communicating with a multi-homed NFSv4 server.


* Invalid free in CAN networking.

The Controller Area Networking subsystem incorrectly frees scheduled jobs
leading to a kernel panic.

SUPPORT

Ksplice support is available at ksplice-support_ww at oracle.com.

More information about the Ksplice-Fedora-18-Updates mailing list