[Ksplice-Fedora-20-updates] New updates available via Ksplice (FEDORA-2014-3655)
Oracle Ksplice
ksplice-support_ww at oracle.com
Wed Mar 12 06:59:53 PDT 2014
Synopsis: FEDORA-2014-3655 can now be patched using Ksplice
Systems running Fedora 20 can now use Ksplice to patch against the
latest Fedora kernel update, FEDORA-2014-3655.
INSTALLING THE UPDATES
We recommend that all users of Ksplice Uptrack on Fedora 20 install
these updates.
On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.
Alternatively, you can install these updates by running:
# /usr/sbin/uptrack-upgrade -y
DESCRIPTION
* Deadlock in ext4 filesystem in swap_inode_boot_loader() error path.
Incorrect locking in the error path of swap_inode_boot_loader() leaves a
mutex unlocked leading to a deadlock. A local, privileged user could use
this flaw to cause a denial-of-service.
* Data corruption in ext4 when resizing with non-standard blocks-per-group number.
A flaw in the ext4 resizing code could lead to data corruptions when the
number of blocks per group is not 8.
* Denial-of-service in ext4 when resizing with large inode tables.
A flaw in the ext4 code when resizing a filesystem with large number of
inodes per block group could lead to a kernel BUG. A local, privileged user
could use this flaw to cause a denial-of-service.
* Use-after-free in JDB2 transaction code.
A flaw in the JBD2 code could lead to a use-after-free and kernel crash. A
local, privileged user could use this flaw to cause a denial-of-service.
* Deadlock in the tg3 ethernet driver when changing the MTU.
Incorrect locking in the tg3 ethernet driver could lead to a deadlock when
changing the MTU. A local, privileged user could use this flaw to cause a
denial-of-service.
* Deadlock in vhost net driver when releasing resources.
A time of check time of use race condition in the vhost reference counting
could lead to a deadlock and potentially to a denial-of-service.
* Denial-of-service in net core when allocating sk_buff under memory pressure.
A flaw in the net core subsystem when allocating a sk_buff under memory
pressure could lead to trigger OOM and potentially result in a
denial-of-service.
* Memory leaks in batman-adv driver in various conditions.
Incorrect reference counting in the batman-adv driver in various places
could lead to memory leaks. A local, privileged user could use this flaw to
exhaust the memory on the system and cause a denial-of-service.
* Out of bounds memory read in the routing code of batman-adv driver.
A logic error in the batman-adv driver could lead to a out of bounds memory
read, potentially resulting in a kernel crash. A local, privileged user
could use this flaw to cause a denial-of-service.
* Double-free in batman-adv driver on initialization failure.
A logic error in the batman-adv driver could lead to a double-free and
potentially a kernel crash. A local, privileged user could use this flaw to
cause a denial-of-service or potentially escalate privileges.
* Denial-of-service in batman-adv driver on unicast transmission.
A flaw in the batman-adv driver code could lead to dereference a dangling
pointer on unicast transmissions. A local, unprivileged user could use this
flaw to cause a denial-of-service.
* Denial-of-service in cgroup subsystem when creating cgroup files.
A time of check time of use race condition could lead to a kernel crash in
the cgroup subsystem. A local, unprivileged user could use this flaw to
cause a denial-of-service.
* Denial-of-service in cgroup subsystem when adding a cgroup to a task.
Incorrect locking in the cgroup subsystem could lead to list corruptions
and kernel crash under specific conditions. A local, unprivileged user
could use this flaw to cause a denial-of-service.
* Deadlock in PCI DMA subsystem when allocating a DMA buffer.
A logic error in the PCI DMA architecture dependent code could lead to a
deadlock.
* Memory leak in ACPI PCI when enabling IRQ.
A flaw in the ACPI PCI IRQ driver could lead to leak memory. A local,
privileged user could use this flaw to exhaust the memory on the system and
cause a denial-of-service.
* Use-after-free in i7 EDAC driver when iterating PCI devices.
Due to incorrect reference counting in the i7 EDAC driver, a use-after-free
could result in a kernel crash and denial-of-service.
* Use-after-free in workqueue subsystem when destroying a worker.
Incorrect reference counting in the workqueue subsystem could lead to a
use-after-free and kernel crash.
* Use-after-free in Intel MEI driver on send flow control failure.
A flaw in the MEI driver could lead to a use-after-free and kernel crash. A
local privileged user could use this flaw to cause a denial-of-service.
* Denial-of-service in perf subsystem when hotplugging CPU.
Incorrect locking in the perf subsystem could lead to use-after-free and
kernel crash when hotplugging a CPU. A local, privileged user could use
this flaw to cause a denial-of-service.
* Deadlock in Arizona haptics input driver.
A flaw in the Arizona haptics input driver leads to a double mutex_lock()
resulting in a deadlock and denial-of-service.
* Denial-of-service in QLogic driver on selective retransmission request.
A missing check in the QLogic driver code results in NULL pointer
dereference and kernel crash. A remote user could use this flaw to cause a
denial-of-service.
* Deadlock in firmware class driver on suspend path.
A flaw in the firmware class driver results in a deadlock and kernel
hang. A local, privileged user could use this flaw to cause a
denial-of-service.
* Use-after-free in STE DMA driver tasklet.
A flaw in the STE DMA driver results in a use-after-free and potentially to
a kernel crash.
* Denial-of-service in Radeon DRM driver when opening mode setting interface.
A flaw in the Radeon DRM driver could lead to a kernel crash on opening the
kernel mode setting interface. A local, privileged user could use this flaw
to cause a denial-of-service.
* Denial-of-service in transparent huge page subsystem under memory pressure.
A flaw in the memory and transparent huge page subsystems could lead to a
kernel hang when handling a page fault under memory pressure. A local,
unprivileged user could use this flaw to cause a denial-of-service.
SUPPORT
Ksplice support is available at ksplice-support_ww at oracle.com.
More information about the Ksplice-Fedora-20-Updates
mailing list