[Ksplice-Fedora-25-updates] New Ksplice updates for Fedora 25 (FEDORA-2017-26c9ecd7a4)
Oracle Ksplice
ksplice-support_ww at oracle.com
Tue Apr 25 09:08:13 PDT 2017
Synopsis: FEDORA-2017-26c9ecd7a4 can now be patched using Ksplice
CVEs: CVE-2017-7294 CVE-2017-7308 CVE-2017-7616
Systems running Fedora 25 can now use Ksplice to patch against the
latest Fedora kernel update, FEDORA-2017-26c9ecd7a4.

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack running Fedora 25
install these updates.
On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.
Alternatively, you can install these updates by running:
# /usr/sbin/uptrack-upgrade -y
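
An added example (not part of Oracle's advisory): a read-only shell check that reports whether a host will pick up these updates automatically or needs the manual command above. It assumes uptrack.conf uses "key = value" lines with "#" comments and that the last assignment wins; the function names are hypothetical.

```shell
#!/bin/sh
# Added example: decide whether a host needs a manual uptrack-upgrade run.
# Assumption: uptrack.conf holds "key = value" lines and "#" starts a comment.

# Print the effective autoinstall value, "unset" if the key is absent,
# or "unreadable" if the file cannot be read.
autoinstall_value() {
    conf=$1
    [ -r "$conf" ] || { echo "unreadable"; return 0; }
    # Drop comments, match the key exactly, trim the value, keep the last one.
    val=$(sed -e 's/#.*$//' "$conf" |
        awk -F= '$1 ~ /^[ \t]*autoinstall[ \t]*$/ {
                     v = $2; gsub(/^[ \t]+|[ \t\r]+$/, "", v); last = v
                 }
                 END { print last }')
    echo "${val:-unset}"
}

# Print "automatic" only for an explicit "yes"; anything else is "manual",
# so a missing or malformed setting is never mistaken for a patched host.
update_mode() {
    case $(autoinstall_value "$1") in
        yes) echo automatic ;;
        *)   echo manual ;;
    esac
}

# Report for one config file without changing anything on the system.
report() {
    conf=${1:-/etc/uptrack/uptrack.conf}
    if [ "$(update_mode "$conf")" = automatic ]; then
        echo "$conf: autoinstall = yes, updates install automatically"
    else
        echo "$conf: autoinstall not enabled, run: /usr/sbin/uptrack-upgrade -y"
    fi
}

# Constructed sample config (not taken from a real host): the only "yes"
# is commented out, so the host must be reported as needing a manual run.
sample=$(mktemp)
printf '%s\n' '# autoinstall = yes' 'autoinstall = no   # disabled' > "$sample"
report "$sample"
rm -f "$sample"
```

Call report with no argument on a Ksplice Uptrack host to check /etc/uptrack/uptrack.conf itself.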

DESCRIPTION

* Malicious code injection in VMware virtual GPU fence object.
Fence objects in the VMware virtual GPU system were not properly
type-checked from userspace, potentially allowing a user to inject
malicious code.
* Information leak in VMware virtual GPU capability sysctl.
A missing size check in the VMware virtual GPU vmw_get_cap_3d_ioctl()
call could potentially expose kernel memory to userspace.
* CVE-2017-7294: Denial-of-service when defining surface using vmwgfx driver.
A missing parameter check when using the VMW_CREATE_SURFACE ioctl of the
vmwgfx driver could lead to an integer overflow. A local attacker could use
this flaw to cause a denial-of-service.
* Denial-of-service/information leak due to error condition in sysfs ops->show().
Incorrectly sanitizing error output from sysfs ops->show() could cause the
next sysfs read or write to run out of bounds, potentially exposing
kernel memory or causing a denial-of-service.
* Denial-of-service in 80211 wireless resume callback.
A use-after-free in the generic 80211 wireless resume callback when
resuming an idle device could cause a kernel BUG and a
denial-of-service.
* Denial-of-service due to race condition in ptrace state.
A race condition in the ptrace signal handling can cause memory
corruption in the kernel, causing a kernel panic and denial-of-service.
* Denial-of-service due to race condition in DAX filesystem radix tree.
A race condition in the Direct-Access Filesystem radix tree could cause
memory corruption, causing a kernel panic and denial-of-service.
* Denial-of-service in Broadcom 802.11 virtual interface.
A use-after-free in the Broadcom 802.11 driver causes an invalid memory
access, potentially causing a kernel panic and denial-of-service.
* Denial-of-service caused by RAID1 device with missing metadata.
Invalid logic allowed device-mapper to create a RAID1 device with no
metadata devices. This could cause a kernel panic and denial-of-service.
* CVE-2017-7616: Information leak when setting memory policy.
A missing check when setting memory policy through the set_mempolicy()
syscall could lead to a stack data leak. A local attacker could use this
flaw to leak information about the running kernel and facilitate an attack.
* CVE-2017-7308: Memory corruption in AF_PACKET socket options.
Multiple integer overflows in the AF_PACKET setsockopt implementation can
trigger kernel memory corruption. A local user could use this flaw to elevate
privileges.

SUPPORT

Ksplice support is available at ksplice-support_ww at oracle.com.