[Ksplice-Fedora-24-updates] New updates available via Ksplice ( FEDORA-2016-b762b15e29)

Mon Oct 17 13:48:18 PDT 2016

Synopsis:  FEDORA-2016-b762b15e29 can now be patched using Ksplice

Systems running Fedora 24 can now use Ksplice to patch against the
latest Fedora kernel update,  FEDORA-2016-b762b15e29.

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack on Fedora 24 install
these updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y

DESCRIPTION

* Page fault in Intel WiFi driver when transmitting packets.

The Intel Next-Gen AGN WiFi driver can incorrectly read over a page
boundary in its command buffer when sending a packet and cause a denial
of service.

* Memory leak in Intel WiFi driver session.

A memory leak in the Intel Next Gen AGN WiFi driver could cause an
eventual kernel panic and denial of service.

* Double free in Intel X722 iWARP driver.

A missing free in the error case when creating a queue pair
would leak the allocated memory, eventually causing a kernel panic.

* Use-after-free in Intel X722 iWARP driver.

Several structures in the Intel X722 iWARP driver are
incorrectly zeroed after being freed, potentially causing out-of-bound
writes and a kernel panic.

* Null pointer dereference in Intel X722 iWARP driver.

A missing null check in the Intel X722 iWARP driver could cause a kernel
panic and denial of service when forming connections.

* Use-after-free caused by incorrect reference counting in BATMAN.

Incorrect reference counting could cause a bonding candidate struct
to be prematurely freed, potentially causing memory corruption, a
kernel panic, and a denial of service.

* Potential denial of service in Sun RPC RDMA fast memory regions.

Unmapping fast RDMA regions over InfiniBand fails to remove the unmapped
regions from the global list, potentially causing memory corruption
leading to a kernel panic and denial of service.

* Memory leaks in Broadcom IEEE802.11 driver could cause denial of service.

Missing calls to free memory in uncommon error cases could cause poor
performance and eventually a kernel panic and denial of service.

* Memory leak in InfiniBand core causes denial of service.

Missing cleanup calls in error paths while resolving InfiniBand routes
could leak memory, causing performance issues and potentially a kernel
panic and denial of service.

* Memory corruption in IPoIB connection code causes denial of service.

A dangling pointer when connecting IP over InfiniBand could cause
memory corruption, leading to a kernel panic and denial of service.

* Use-after-free in InfiniBand group membership message.

A race condition when an InfiniBand device sends a specific multicast
message can trigger kernel memory corruption and a kernel panic.

* Incorrectly detecting serial attached SCSI device causes denial of service.

Incorrectly checking whether a SCSI device used SAS caused an assertion
to trigger, potentially causing a denial of service.

* NULL pointer dereference when probing Lego Mindstorms infrared device.

A race condition when probing Lego Mindstorms infrared device can trigger
a NULL pointer dereference and cause a local denial of service.

SUPPORT

Ksplice support is available at ksplice-support_ww at oracle.com.