[Ksplice-Fedora-23-updates] New updates available via Ksplice (FEDORA-2016-b59fd603be)
Oracle Ksplice
ksplice-support_ww at oracle.com
Wed Jan 27 04:57:52 PST 2016
Synopsis: FEDORA-2016-b59fd603be can now be patched using Ksplice
CVEs: CVE-2016-0728
Systems running Fedora 23 can now use Ksplice to patch against the
latest Fedora kernel update, FEDORA-2016-b59fd603be.
INSTALLING THE UPDATES
We recommend that all users of Ksplice Uptrack on Fedora 23 install
these updates.
On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.
Alternatively, you can install these updates by running:
# /usr/sbin/uptrack-upgrade -y
DESCRIPTION
* Use-after-free in IPv6 SCTP accept() calls.
Incorrect cloning of IP options during accept() could result in a kernel
crash. A local, unprivileged user could use this flaw to crash the
system.
* Denial-of-service in timestamping with raw sockets.
Type confusion could result in a kernel crash when attempting to enable
timestamping on a raw socket. A local user with access to raw sockets
could use this flaw to crash the system.
* Denial-of-service in hash table walking.
Incorrect locking in the resizable kernel hash table could result in
memory corruption and a kernel crash, or under specific conditions, may
allow arbitrary code execution.
* CVE-2016-0728: Privilege escalation in session keyrings.
A reference count imbalance with session keyrings could result in a
use-after-free condition. A local, unprivileged user could use this
flaw to crash the system or gain arbitrary code execution in the kernel.
* Use-after-free in Open vSwitch connection tracking.
An integer overflow in the Open vSwitch connection tracking code could
result in a use-after-free under specific conditions. A user with
permissions to perform connection tracking could use this flaw to crash
the system or possibly escalate privileges.
* BTRFS filesystem corruption during trim/discard.
Incorrect limits in BTRFS extent freeing could result in discarding
information in the superblock of device, rendering the filesystem
unmountable.
* Denial-of-service in BTRFS device array reading.
Missing error handling could result in a kernel crash when reading the
system array. A maliciously crafted filesystem image could be used to
crash the system.
* Memory corruption in Nouveau driver during connector hotplug.
Missing locking could result in memory corruption and subsequent
undefined behaviour when hotplugging a connector under specific
conditions.
SUPPORT
Ksplice support is available at ksplice-support_ww at oracle.com.
More information about the Ksplice-Fedora-23-Updates
mailing list