[Ksplice-Fedora-23-updates] New updates available via Ksplice (FEDORA-2016-c1faf6005c)
Oracle Ksplice
ksplice-support_ww at oracle.com
Fri Jun 10 02:02:05 PDT 2016
Synopsis: FEDORA-2016-c1faf6005c can now be patched using Ksplice
CVEs: CVE-2016-4951
Systems running Fedora 23 can now use Ksplice to patch against the
latest Fedora kernel update, FEDORA-2016-c1faf6005c.
INSTALLING THE UPDATES
We recommend that all users of Ksplice Uptrack on Fedora 23 install
these updates.
On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.
Alternatively, you can install these updates by running:
# /usr/sbin/uptrack-upgrade -y
DESCRIPTION
* Use after free in Bluetooth VHCI device opening.
The kernel Bluetooth driver does not correctly handle opening VHCI
devices, used for emulating HCI devices, which can trigger a use after
free and kernel panic.
* Memory leak in Bluetooth VHCI device opening.
The kernel Bluetooth driver does not handle closing a VHCI device before
packets are delivered to userspace which leads to a kernel memory leak
and subsequent denial of service.
* Privilege escalation when probing Keyspan USB Serial devices.
A logic error when failing to probe a Keyspan USB Serial device can
trigger a use-after-free and possible privilege escalation.
* Privilege escalation when probing Quatech USB Serial devices.
A logic error when failing to probe a Quatech USB Serial device can
trigger a use-after-free and possible privilege escalation.
* Kernel panic when setting baud-rate on generic PCI serial devices.
Setting the baud-rate of a generic PCI serial device can trigger a
divide-by-zero error and subsequent kernel panic. A local user could
use this flaw to trigger a denial of service.
* Kernel panic when sending SCSI commands to a InfiniBand devices.
A logic error can trigger an assertion failure when sending SCSI
commands to an InfiniBand RDMA device with debugging enabled.
* Kernel panic when detaching Thunderbolt devices.
A logic error in the Thunderbolt kernel driver can trigger a double-free
and kernel panic when a Thunderbolt device is detaching while being
probed.
* CVE-2016-4951: NULL pointer dereference in TIPC nested attribute parsing.
A missing NULL pointer check could result in a NULL pointer dereference
when parsing nested attributes for a published socket.
* Privilege escalation when opening performance events.
A race condition between perf_event_open and execve can allow an
unprivileged user to trace a privileged process, potentially allowing an
unprivileged user to escalate privileges.
* Kernel panic in STMicroelectronics NFC I2C driver.
The kernel NFC I2C driver for STMicroelectronics devices incorrectly
handles memory on failing to probe a device which can trigger a kernel
panic.
SUPPORT
Ksplice support is available at ksplice-support_ww at oracle.com.
More information about the Ksplice-Fedora-23-Updates
mailing list