[Ksplice-Fedora-25-updates] New Ksplice updates for Fedora 25 (FEDORA-2017-76e3fe6cfa)

[Oracle Ksplice]

Synopsis: FEDORA-2017-76e3fe6cfa can now be patched using Ksplice

Systems running Fedora 25 can now use Ksplice to patch against the
latest Fedora kernel update, FEDORA-2017-76e3fe6cfa.

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack running Fedora 25
install these updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y


DESCRIPTION

* Memory leak in Mellanox switch packet transmission.

Incorrect reference counting in the Mellanox switch driver when transmitting
packets can cause a kernel memory leak and subsequent kernel panic.


* Denial of service in AX.25 socket disconnection.

A logic error in the AX.25 networking subsystem can trigger a NULL pointer
dereference and kernel panic when closing a connection.


* Memory leak in network packet action API.

Incorrect reference counting when looking up network packet actions can trigger
a memory leak and subsequent kernel panic.


* Deadlock when disabling IPv6 network interface.

Incorrect locking in the IPv6 address auto-configuration when disabling a
network interface can trigger a deadlock and kernel panic.


* Deadlock in UNIX domain socket binding.

Incorrect locking when binding a UNIX domain socket and splicing to a pipe can
trigger a kernel deadlock and denial of service.


* Denial of service in XFS directory handling.

A logic error when mounting an XFS filesystem which has corrupted directory
metadata can trigger an assertion failure and kernel panic.


* Denial of service in XFS file-mode handling.

A logic error when mounting an XFS filesystem which has corrupted file-modes
can trigger an out-of-bounds read and kernel panic.


* Denial of service when creating XFS files.

The kernel XFS filesystem driver does not sanity check file-modes when creating
files and directories which can trigger an assertion failure and kernel panic.


* Denial of service when mounting XFS image with large block-size.

A logic error when validating XFS superblocks can allow an XFS filesystem with
invalid block-sizes to be mounted which can trigger an assertion failure and
kernel panic.


* Memory corruption in XFS buffer readahead.

Under memory pressure a logic error in XFS buffer readahead can cause a
double-free and kernel memory corruption. A local user with privileges to mount
filesystems could use this flaw to escalate privileges.

SUPPORT

Ksplice support is available at ksplice-support_ww at oracle.com.