[Ksplice-Fedora-25-updates] New Ksplice updates for Fedora 25 (FEDORA-2017-4b4c022807)
Oracle Ksplice
ksplice-support_ww at oracle.com
Fri Sep 8 03:50:44 PDT 2017
Synopsis: FEDORA-2017-4b4c022807 can now be patched using Ksplice
CVEs: CVE-2017-7558
Systems running Fedora 25 can now use Ksplice to patch against the
latest Fedora kernel update, FEDORA-2017-4b4c022807.
INSTALLING THE UPDATES
We recommend that all users of Ksplice Uptrack running Fedora 25
install these updates.
On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.
Alternatively, you can install these updates by running:
# /usr/sbin/uptrack-upgrade -y
DESCRIPTION
* Use-after-free in audit watch removal.
Incorrect use of reference counting in the audit framework can result in
a use-after-free. A local user with the ability to use the audit
framework could use this flaw to escalate privileges.
* Use-after-free in ALSA sequencer queue creation.
A race condition when creating a queue for use in the ALSA sequencer can
result in a use-after-free. A local user with access to ALSA could use
this flaw to escalate privileges.
* Use-after-free in get_mempolicy due to incorrect reference counting.
A reference count error in the get_mempolicy ioctl implementation can
result in a use-after-free. A local user could use this flaw to
escalate privileges.
* CVE-2017-7558: Information disclosure in SCTP diagnostic reporting.
Incorrect sanitisation of information in the SCTP diagnostic information
reporting can result in uninitialised memory being provided to
userspace. A local user could use this flaw to facilitate a further
attack on the kernel.
* Denial-of-service in Memory CGroup destruction.
A logic error when freeing memory allocated by the Memory cgroup
controller can result in a memory leak. A local user with the ability to
create and destroy memory cgroups could use this flaw to exhaust kernel
memory, resulting in a denial of service.
* ASLR bypass due to insufficient permissions checks in move_pages.
A failure to correctly check permissions when using the move_pages
system call can allow an attacker to map out the address space of a
process which shares the same uid. A local user could use this flaw to
facilitate a further attack.
* Denial-of-service in module warnings due to incorrect memory permissions.
A configuration error in the module build process results in modules
causing a kernel crash when attempting to assert a WARN_ONCE statement.
A local user with the ability to trigger a WARN_ONCE in a kernel module
could use this flaw to cause a denial-of-service.
* Out-of-bounds access when using AVX2 instructions for SHA1.
An error when using AVX2 instruction on X86 with SHA1 could lead to an
out of bound access. A local attacker could use this flaw to cause a
denial-of-service.
* SMAP bypass in NMI handler.
A failure to clear a flag in the non-maskable interrupt handler can
result in Supervisor Mode Access Prevention being disabled.
SUPPORT
Ksplice support is available at ksplice-support_ww at oracle.com.
More information about the Ksplice-Fedora-25-Updates
mailing list