[Ksplice][Fedora-18-updates] New updates available via Ksplice (FEDORA-2013-17942)
Oracle Ksplice
ksplice-support_ww at oracle.com
Fri Oct 4 04:07:57 PDT 2013
Synopsis: FEDORA-2013-17942 can now be patched using Ksplice
CVEs: CVE-2013-4300
Systems running Fedora 18 can now use Ksplice to patch against the
latest Fedora kernel update, FEDORA-2013-17942.
INSTALLING THE UPDATES
We recommend that all users of Ksplice Uptrack on Fedora 18 install
these updates.
On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.
Alternatively, you can install these updates by running:
# /usr/sbin/uptrack-upgrade -y
DESCRIPTION
* Use-after-free in Xen grant table callbacks.
Xen allows individual callbacks to be registered multiple times for individual
grant tables leading to a use-after-free condition and kernel panic.
* CVE-2013-4300: Privilege escalation in AF_UNIX credential passing.
The kernel uses the wrong namespace when validating credentials passed via a
AF_UNIX socket allowing users in a namespace to spoof credentials and gain
elevated privileges.
* Denial-of-service in USB configuration parsing.
The generic USB driver does not correctly validate the length of USB configuration
blocks allowing a malicious USB device to cause a kernel panic.
* NULL pointer dereference in PicoLCD device removal.
The PicoLCD HID driver does not validate a pointer when removing a PicoLCD device
leading to a NULL pointer dereference and kernel panic.
* Information leak in procfs filesystem.
A missing privilege check in the procfs filesystem allows users inside a namespace
to remount the procfs filesystem with weak permissions, leaking information about
processes in other namespaces.
* Memory leak in CephFS Object Storage Daemon client.
The Ceph filesystem does not release memory when a read or write operation to an
Object Storage Daemon fails causing a kernel memory leak.
* Off-by-one error causes reduced entropy in kernel PRNG.
An off-by-one error can cause the default kernel pseudorandom number generator
to return duplicate bytes when filling multiple buffers in quick succession.
* Deadlock in CephFS GET_DATALOC ioctl.
The Ceph filesystem does not release mutex if an error is encountered when handling
the GET_DATALOC ioctl leading to a kernel deadlock.
SUPPORT
Ksplice support is available at ksplice-support_ww at oracle.com.
More information about the Ksplice-Fedora-18-Updates
mailing list