[Ksplice-Fedora-24-updates] New Ksplice updates for Fedora 24 (FEDORA-2016-2b1f91e9bd)

[Oracle Ksplice]

Synopsis: FEDORA-2016-2b1f91e9bd can now be patched using Ksplice
CVEs: CVE-2016-9588

Systems running Fedora 24 can now use Ksplice to patch against the
latest Fedora kernel update, FEDORA-2016-2b1f91e9bd.

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack running Fedora 24
install these updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y


DESCRIPTION

* Denial-of-service due to bad BUG() call in SCSI fiber channel driver.

An unsolicited message across an SCSI fiber channel could trigger
incorrect error checking logic in the driver, causing a kernel oops and
denial-of-service.


* Memory corruption in non-volatile memory driver.

Incorrectly computing the size of an output buffer in the non-volatile
memory subsystem could cause kernel memory corruption, causing a
denial-of-service or potentially allowing an attacker access to kernel
memory.


* Specifying incompatible cryptographic algorithm causes kernel crash.

If mcryptd is provided a cryptographic algorithm it is not compatible
with, the kernel will panic, causing a denial-of-service.


* Denial-of-service in PEAK USB/CAN adapter driver.

A use-after-free of memory in the PEAK USB-to-CAN driver could cause a
kernel oops and denial-of-service.


* Invalid memory access when failing allocation in BATMAN driver.

Failing to check whether memory allocation succeeded in the BATMAN
network driver could cause already-allocated memory to be returned,
potentially exposing kernel memory.


* Missing privilege check in zram device initialization.

Incorrect privilege logic could allow a non-root user to create
uninitialized zram devices on the system. This could potentially
allow privileged memory access or a denial-of-service.


* Three-way race condition in rtmutex causes lock corruption.

A race condition between three concurrent threads could cause corruption
of the associated rtmutex, causing the mutex to potentially be granted
to the wrong waiter. This would likely lead to a kernel panic and
denial-of-service.


* CVE-2016-9588: Denial-of-service in Intel nested VMX exception handling.

Failure to handle exceptions thrown by an L2 guest could result in
kernel crash.  A malicious guest could use this flaw to crash the
virtualization host.

SUPPORT

Ksplice support is available at ksplice-support_ww at oracle.com.