[Ksplice-Fedora-22-updates] New updates available via Ksplice (FEDORA-2016-0a8edd5b43)

Oracle Ksplice ksplice-support_ww at oracle.com
Thu Jun 9 14:58:58 PDT 2016


Synopsis: FEDORA-2016-0a8edd5b43 can now be patched using Ksplice

Systems running Fedora 22 can now use Ksplice to patch against the
latest Fedora kernel update, FEDORA-2016-0a8edd5b43.

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack on Fedora 22 install
these updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y


DESCRIPTION

* Filesystem corruption in EXT4 extent moving.

A missing update of the buffer head could result in filesystem
corruption when moving extent data.


* Privilege escalation when opening performance events.

A race condition between perf_event_open and execve can allow an
unprivileged user to trace a privileged process, potentially allowing an
unprivileged user to escalate privileges.


* Privilege escalation when probing Keyspan USB Serial devices.

A logic error when failing to probe a Keyspan USB Serial device can
trigger a use-after-free and possible privilege escalation.


* Privilege escalation when probing Quatech USB Serial devices.

A logic error when failing to probe a Quatech USB Serial device can
trigger a use-after-free and possible privilege escalation.


* Kernel panic when detaching Thunderbolt devices.

A logic error in the Thunderbolt kernel driver can trigger a double-free
and kernel panic when a Thunderbolt device is detaching while being
probed.


* Kernel panic when setting baud-rate on generic PCI serial devices.

Setting the baud-rate of a generic PCI serial device can trigger a
divide-by-zero error and subsequent kernel panic. A local user could
use this flaw to trigger a denial of service.


* Kernel panic when sending SCSI commands to InfiniBand devices.

A logic error can trigger an assertion failure when sending SCSI
commands to an InfiniBand RDMA device with debugging enabled.


* Use after free in Bluetooth VHCI device opening.

The kernel Bluetooth driver does not correctly handle opening VHCI
devices, used for emulating HCI devices, which can trigger a use after
free and kernel panic.


* Memory leak in Bluetooth VHCI device opening.

The kernel Bluetooth driver does not handle closing a VHCI device before
packets are delivered to userspace which leads to a kernel memory leak
and subsequent denial of service.

SUPPORT

Ksplice support is available at ksplice-support_ww at oracle.com.
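
Added example, not part of Oracle's announcement: a shell check for the two install paths described under INSTALLING THE UPDATES, reporting whether a host has "autoinstall = yes" in effect or needs the manual command. It assumes uptrack.conf is an INI-style file of "key = value" lines with "#" comments; the function names and the sample file contents are constructed for illustration.

```shell
#!/bin/sh
# Added example: decide whether a host picks up Ksplice updates on its own.
# Assumption: uptrack.conf holds INI-style "key = value" lines, "#" comments.

# Print the effective autoinstall value ("yes", "no", ...), "unset" when no
# uncommented setting exists, or "unreadable" when the file cannot be read.
uptrack_autoinstall_value() {
    conf=$1
    [ -r "$conf" ] || { echo "unreadable"; return 0; }
    # Drop comments, match the key case-insensitively, keep the last setting.
    sed -e 's/#.*$//' "$conf" |
    awk -F= 'tolower($1) ~ /^[ \t]*autoinstall[ \t]*$/ {
                 v = tolower($2); gsub(/[ \t\r]/, "", v); last = v
             }
             END { print (last == "" ? "unset" : last) }'
}

# Print what the administrator has to do on this host. Only "yes", the value
# the announcement names, is treated as automatic installation.
uptrack_next_step() {
    case $(uptrack_autoinstall_value "$1") in
        yes) echo "automatic" ;;
        *)   echo "manual: /usr/sbin/uptrack-upgrade -y" ;;
    esac
}

# Demo on a constructed sample file (not taken from a real system).
sample=$(mktemp)
cat > "$sample" <<'EOF'
[Settings]
# autoinstall = yes
Autoinstall = Yes   # constructed sample line
EOF
echo "sample config: $(uptrack_next_step "$sample")"
rm -f "$sample"
```

On a real host, pass /etc/uptrack/uptrack.conf to uptrack_next_step; a commented-out setting counts as unset, so such hosts are reported as needing the manual upgrade.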


  


