[Ksplice-Fedora-25-updates] New Ksplice updates for Fedora 25 (FEDORA-2017-1af3d2e1b9)

[Oracle Ksplice]

Synopsis: FEDORA-2017-1af3d2e1b9 can now be patched using Ksplice

Systems running Fedora 25 can now use Ksplice to patch against the
latest Fedora kernel update, FEDORA-2017-1af3d2e1b9.

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack running Fedora 25
install these updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y


DESCRIPTION

* Deadlock when expanding EXT4 inline data.

Incorrect locking between expanding EXT4 inline data and writing to inline data
can trigger a deadlock and kernel panic.


* Deadlock when setting ALSA timer with small tickrate.

The ALSA subsystem does not define a lower-bound for tickrates which can allow
a local user to cause deadlocks by setting a small tickrate for timers.


* Kernel panic in Realtek wireless header parsing.

The Realtek wireless driver does not correctly handle truncated wireless frames
which can trigger a NULL pointer dereference and kernel panic.


* Memory corruption when performing IO on anonymous memory mappings.

A logic error when performing IO on anonymous memory mappings can trigger
memory corruption and a kernel panic.


* Denial of service in loop device SET_STATUS ioctl.

The kernel loopback driver does not drain pending work before changing status
which can later trigger kernel panics.


* Memory corruption when handling EXT4 small group sizes.

A logic error when handling EXT4 filesystems with small group sizes can trigger
an out-of-bounds read and potentially corrupt kernel memory.


* Memory leak in EXT4 inline data writeback.

The EXT4 filesystem driver does not handle errors when writing inline to disk
which can trigger reference counting errors and a kernel memory leak.


* Use after free in EXT4 encryption lookup.

A malformed EXT4 filesystem which has inconsistent encryption contexts across
directories can trigger a use-after-free condition and trigger a kernel panic.


* Memory leak when synchronously closing FUSE files.

Incorrect reference counting when synchronously closing files on FUSE
filesystems can trigger a kernel memory leak and subsequent kernel panic.


* Kernel panic in USB CAN memory transfers.

The USB CAN driver incorrectly DMAs memory which can trigger memory corruption
and a kernel panic.


* Memory leak when attaching one-wire slave devices.

A logic error when an error is encountered attaching one-wire devices can
trigger a kernel memory leak and subsequent kernel panic.


* Memory leak when disabling USB HID gadget devices.

Incorrect memory management when disabling a USB gadget device with HID
functions can trigger a kernel memory leak and subsequent kernel panic.


* Denial of service when parsing RDMA iWARP parameters.

The kernel RDMA connection manager does not fully validate iWARP parameters
from userspace which can allow a local user to trigger a NULL pointer
dereference and kernel panic.


* Use-after-free in GFS2 lock management.

A race condition when manipulating locks in the GFS2 filesystem can trigger a
use-after-free condition and kernel panic.


* Denial of service when truncating files on NFS exports.

The kernel NFS server does not correctly handle updating ownership metadata and
filesizes which trigger assertion failures when some filesystems are exported
via NFS.


* Memory leak when opening files via NFSv4 client.

The kernel NFSv4 client does not track memory correctly when opening files on a
remote NFS server which can lead to a memory leak and subsequent kernel panic.


* Use after free in F2FS when merging file extents.

The F2FS filesystem does not correctly handle freed memory when merging file
extents which can lead to a use-after-free condition and kernel panic.

SUPPORT

Ksplice support is available at ksplice-support_ww at oracle.com.