[Ksplice-Fedora-23-updates] New updates available via Ksplice ( FEDORA-2016-45a6ce26d4)

[Oracle Ksplice]

Synopsis:  FEDORA-2016-45a6ce26d4 can now be patched using Ksplice
CVEs: CVE-2016-5195

Systems running Fedora 23 can now use Ksplice to patch against the
latest Fedora kernel update,  FEDORA-2016-45a6ce26d4.

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack on Fedora 23 install
these updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y


DESCRIPTION

* Race condition in USB core could cause incorrect data transfer.

A race condition when bulk transferring data to a USB device is
improperly synchronized, potentially allowing access to protected
memory.


* Deadlock in Integrity Management Architecture attribute update.

When updating an attribute on an object in the underlying overlayfs,
the Integrity Management Architecture system accesses the object's
directory entry improperly, potentially deadlocking on the associated
inode and causing a denial of service.


* Data race in Trusted Platform Module 2.0 when unsealing trusted key.

A logic error in the TPM2 code could allow a data race, potentially
breaking or disrupting the chain of trust.


* Missing cancel in Trusted Platform Module 2.0 request callback.

Missing logic to correctly cancel a TPM2 request could cause incorrect
protocol behavior and a break in the chain of trust.

SUPPORT

Ksplice support is available at ksplice-support_ww at oracle.com.