[Ksplice-Fedora-24-updates] New Ksplice updates for Fedora 24 (FEDORA-2017-392b319bb5)

Oracle Ksplice ksplice-support_ww at oracle.com
Wed Feb 8 14:47:07 PST 2017


Synopsis: FEDORA-2017-392b319bb5 can now be patched using Ksplice
CVEs: CVE-2016-8405 CVE-2017-2596

Systems running Fedora 24 can now use Ksplice to patch against the
latest Fedora kernel update, FEDORA-2017-392b319bb5.

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack running Fedora 24
install these updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y
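
The check described above, as an added example that is not part of Oracle's advisory: a shell helper that reads an uptrack.conf-style file and reports whether the host still needs a manual upgrade run. The function names, the sample files, and the parsing rules (comment lines start with "#" or ";", the last assignment wins, only "yes" enables autoinstall) are assumptions.

```shell
#!/bin/sh
# Added example: decide whether a host needs a manual uptrack-upgrade run.

# Print the effective autoinstall value ("yes", "no", ... or "unset").
# Assumptions: "key = value" lines, "#" or ";" starts a comment line,
# the last assignment wins, keys and values are case-insensitive.
autoinstall_value() {
    conf=$1
    # A missing or unreadable file is treated like an unset key.
    [ -r "$conf" ] || { echo unset; return 0; }
    awk -F= '
        /^[ \t]*[#;]/ { next }    # a commented-out setting has no effect
        {
            key = $1; val = $2
            gsub(/[ \t\r]/, "", key)
            gsub(/[ \t\r]/, "", val)
            if (tolower(key) == "autoinstall") found = tolower(val)
        }
        END { print (found == "" ? "unset" : found) }
    ' "$conf"
}

# Return 0 when autoinstall is not "yes", so the updates must be
# installed by hand.
needs_manual_upgrade() {
    [ "$(autoinstall_value "$1")" != "yes" ]
}

# Constructed sample files (not taken from a real host).
tmp=$(mktemp -d)
printf '[Settings]\n# autoinstall = yes\nautoinstall = no\n' > "$tmp/manual.conf"
printf '[Settings]\nautoinstall = yes\n' > "$tmp/auto.conf"
for f in "$tmp/manual.conf" "$tmp/auto.conf"; do
    if needs_manual_upgrade "$f"; then
        echo "$f: autoinstall off, run: /usr/sbin/uptrack-upgrade -y"
    else
        echo "$f: autoinstall = yes, no action needed"
    fi
done
rm -rf "$tmp"
```

On a real host, pass /etc/uptrack/uptrack.conf as the argument.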


DESCRIPTION

* CVE-2016-8405: Information leak via frame buffer color map.

An out-of-bounds read when copying frame buffer color maps to userspace
could potentially expose kernel memory to an unprivileged userspace
application.


* Denial-of-service caused by infinite loop when COW-ing huge pages.

A missing flag check could cause an infinite loop if a read-only memory
region backed by huge pages was written to via copy-on-write, causing a
denial-of-service.


* Use-after-free in memory-policy causes kernel memory corruption.

A race condition when allocating memory pages could cause a memory
policy structure to be accessed while being freed, potentially causing
memory corruption and a denial-of-service.


* Runaway memory allocation in xfs quotacheck causes denial-of-service.

When mounting an xfs volume, quotacheck could cause runaway allocation
of memory in the inode LRU, eventually depleting available system memory
and causing a denial-of-service.


* Null pointer dereference in Controller Area Network driver.

Probing an attached Controller Area Network driver could cause an unset
function pointer to be called, potentially causing an invalid memory
access and denial-of-service.


* Deadlock in NFSv4.1 failed layout call.

A failed layout call across NFSv4.1 could result in a deadlock of the
client, and a potential denial-of-service of filesystem data.


* Missing mode after NFSv4 SETATTR creates file with default permissions.

When creating a file over NFSv4 with O_EXCL, the file permission bits
might not be sent, resulting in a file created with the server's default
permissions.


* Denial-of-service in Infiniband-over-Ethernet queue pair cleanup.

Missing cleanup code of an Infiniband-over-Ethernet queue pair could
cause a later cleanup reaper to operate on freed memory, potentially
causing a denial-of-service.


* CVE-2017-2596: Memory leak in KVM VMXON emulated instruction.

When processing a VMXON instruction for a guest machine, the reference
count of the emulated VMXON memory region could be over-incremented,
resulting in a leak of the region and eventual denial-of-service.

SUPPORT

Ksplice support is available at ksplice-support_ww at oracle.com.




