[Ksplice][Fedora-18-updates] New updates available via Ksplice (FEDORA-2013-12987)
Phil Turnbull
phil.turnbull at oracle.com
Mon Jul 22 09:27:46 PDT 2013
Synopsis: FEDORA-2013-12987 can now be patched using Ksplice
Systems running Fedora 18 can now use Ksplice to patch against the
latest Fedora kernel update, FEDORA-2013-12987.
INSTALLING THE UPDATES
We recommend that all users of Ksplice Uptrack on Fedora 18 install
these updates.
On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.
Alternatively, you can install these updates by running:
# /usr/sbin/uptrack-upgrade -y
DESCRIPTION
* Deadlock in CephFS extended attributes.
Invalid locking in the Ceph filesystem when reading extended attributes can cause
a deadlock and kernel panic.
* Format string vulnerability in power charger manager.
A lack of sanitisation of a parameter when notifying udev about power charger
events can trigger a format string vulnerability and cause a kernel panic.
* Integer overflow in HP filesystem mounting.
An integer overflow and kernel panic can be triggered by attempting to mount a
malformed HP filesystem.
* Format string vulnerability in crypto subsystem.
A lack of sanitisation of a parameter when looking up crypto algorithms in the
kernel can trigger a format string vulnerability and cause a kernel panic
* Use-after-free in cgroup memory control groups.
Invalid reference counting in the cgroup memory control groups can cause a use-
after-free condition and kernel panic.
* Data corruption in ext4 filesystem on 32-bit systems.
A number of integer overflows when handling 64-bit integers in the ext4 filesystem
on 32-bit systems can cause data corruption and/or loss.
SUPPORT
Ksplice support is available at ksplice-support_ww at oracle.com.
More information about the Ksplice-Fedora-18-Updates
mailing list