[Ksplice-Fedora-24-updates] New updates available via Ksplice (FEDORA-2016-f9d5f8f03f)
Oracle Ksplice
ksplice-support_ww at oracle.com
Wed Sep 14 03:42:42 PDT 2016
Synopsis: FEDORA-2016-f9d5f8f03f can now be patched using Ksplice
Systems running Fedora 24 can now use Ksplice to patch against the
latest Fedora kernel update, FEDORA-2016-f9d5f8f03f.
INSTALLING THE UPDATES
We recommend that all users of Ksplice Uptrack on Fedora 24 install
these updates.
On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.
Alternatively, you can install these updates by running:
# /usr/sbin/uptrack-upgrade -y
DESCRIPTION
* Denial-of-service in SLUB memory freeing.
Incorrect locking could result in deadlock when freeing memory. A local
user could use this flaw to trigger a denial-of-service under specific
conditions.
* Denial-of-service in user-space VFIO driver interrupt setup.
Missing validation of user-supplied data could result in incorrectly
configuring interrupts. A local, privileged user could use this flaw to
crash the system.
* Use-after-free in ACPI PCC channel request error handling.
Incorrect error handling could result in dereferencing an invalid
pointer and crashing the system under specific conditions.
* Memory leak in USB hub disconnection.
A race condition when handling removal of a USB hub could result in
leaking a memory allocation. A local user with physical access to the
system could potentially use this flaw to exhaust memory and trigger a
denial-of-service.
* Denial-of-service in USB endpoint parsing.
Missing validation of the endpoint maximum packet size could result in a
denial-of-service when a user could attach malicious USB devices to the
system.
* NULL pointer dereference in USB XHCI disconnection.
A race condition when disconnecting XHCI devices could result in a NULL
pointer dereference and kernel crash.
* Kernel hang in XHCI PCI device disconnection.
Incorrect handling of device quirks could result in a kernel hang when
removing specific USB devices from the system.
* Memory leak in USB serial port driver registration failure.
Missing resource cleanup on registration failure could result in failure
to return allocated memory. A malicious user with physical access to
the system could use this flaw to cause a denial-of-service.
* Denial-of-service in uprobes memory control group accounting.
Incorrect interaction with the memory control group subsystem could
result in an integer overflow and memory exhaustion. A local,
privileged user could use this flaw to trigger a denial-of-service.
* Denial-of-service in AMD graphics connector detection.
Missing validation could result in an out-of-bounds access and kernel
crash when detecting a connector.
* Kernel crash in LSI MTP Fusion SAS 3.0 WarpDrive resume.
A logic error in the resume path for WarpDrive devices could result in
accessing a stale pointer and kernel crash on resume from suspend.
* Kernel crash in device mapper round-robin path selector.
Incorrect locking could result in accessing an invalid pointer during
preemption under specific conditions.
* NULL pointer dereference in Maxim MAX730X GPIO expanders.
Incorrect ordering of registering a MAX730X device could result in a
NULL pointer dereference and kernel crash when setting the GPIO
direction under specific conditions.
* Information leak in seq_file reading.
A logic error in the seq_file read implementation could result in
leaking information from beyond the end of the buffer. A local,
unprivileged user could use this flaw to gain sensitive kernel
information.
* NULL pointer dereference in DAX persistent memory probing.
Incorrect handling of resource reservations could result in
dereferencing an invalid or NULL pointer and kernel crash.
* Denial-of-service in BTRFS quota group rescan.
Incorrect signal handling whilst waiting for quota group rescan to
complete could result in a NULL pointer dereference and kernel crash.
* Resource leak in BTRFS orphan cleanup.
Incorrect error handling during BTRFS orphan cleanup could result in a
resource leak. A local, privileged user could use this flaw to cause a
denial-of-service.
* Denial-of-service in USB gadget DMA requests.
Missing resource releasing in the USB gadget driver could result in
failure to allocate DMA mappings. A local, privileged user could use
this flaw to cause a denial-of-service under specific conditions.
* Denial-of-service in Moschip USB serial writing.
Incorrect memory allocations could result in deadlock and a kernel crash
when writing to the port.
* Use-after-free in Line6 USB volume controls.
Incorrect reference counting in the Line6 USB volume control could
result in prematurely freeing the USB device and causing a kernel crash.
A local user with privileges to access the device could use this flaw to
crash the system.
* Kernel crash in Line6 USB audio device stream stopping.
Missing locking in the Line6 USB audio device driver whilst stopping a
stream could result in recursive locking and a kernel crash.
* Kernel crash in Line6 USB audio device sysfs attributes.
Incorrect typecasting of pointers could result in a dereference of an
invalid pointer and kernel crash. A local, unprivileged user could use
this flaw to crash the system or leak sensitive kernel data.
SUPPORT
Ksplice support is available at ksplice-support_ww at oracle.com.
More information about the Ksplice-Fedora-24-Updates
mailing list