[Ksplice][Fedora-18-updates] New updates available via Ksplice (FEDORA-2013-1785)

[Sonja Tideman]

Synopsis: FEDORA-2013-1785 can now be patched using Ksplice

Systems running Fedora 18 can now use Ksplice to patch against the
latest Fedora kernel update, FEDORA-2013-1785.

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack on Fedora 18 install
these updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y


DESCRIPTION

* Denial-of-service in Extended Verification Module.

A missing NULL pointer check could lead to an NULL pointer dereference
and a kernel oops when removing an extended attribute from a file that
does not implemented extended attributes.  This could allow an
unprivileged user to crash the system.


* User buffer overflow in VFIO.

The VFIO PCI driver could overflow the user buffer with certain read
operations.


* Race condition in USB UHCI during initialization.

A race condition exists in the USB UHCI code that could cause the
interrupt handler to be called before all data structures are setup,
leading to potential invalid memory accesses.


* NULL pointer dereference in ACPI with cpuidle disabled.

The ACPI code does not correctly handle all cases where cpuidle is
disabled, leading to a kernel NULL pointer dereference.

SUPPORT

Ksplice support is available at ksplice-support_ww at oracle.com.