[Ksplice-Fedora-28-updates] New Ksplice updates for Fedora 28 (FEDORA-2019-20a89ca9af)

Oracle Ksplice ksplice-support_ww at oracle.com
Fri Mar 1 08:15:53 PST 2019 

Synopsis: FEDORA-2019-20a89ca9af can now be patched using Ksplice

Systems running Fedora 28 can now use Ksplice to patch against the
latest Fedora kernel update, FEDORA-2019-20a89ca9af.

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack running Fedora 28
install these updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y


DESCRIPTION

* Deadlock when COW-ing block on btrfs.

When performing a copy-on-write operation on a btrfs filesystem mount,
the filesystem might recursively lock unintended inodes, resulting in a
lock order reversal and denial-of-service.


* Out-of-bounds access when locking/unlocking file over CIFS/SMB2.

When modifying lock structures on a CIFS/SMB2 remote mount, an
abnormally small max buffer size provided by the server could result in
an access out-of-bounds, potentially resulting in a denial-of-service.


* Deadlock between ext4 and cgroups when reclaiming memory.

When reclaiming memory for cgroups, ext4 writeback might attempt to
access the same page, resulting in a potential lock order reversal and
system deadlock.


* Integer overflow when unmapping VFIO IOMMU DMA mapping.

When unmapping memory for DMA to VFIO IOMMU type 1 device, an off-by-one
error could potentially result in an integer overflow, resulting in
undefined behavior on the system.


* Deadlock when using fiemap ioctl on ext4 file with inline data.

When calling the fiemap() ioctl on an ext4 file with inline data, a
potential deadlock can occur if the call happens to generate a page
fault, resulting in a denial-of-service.


* Deadlock in btrfs when enabling quotas and creating snapshot.

A race condition in btrfs between enabling quotas and creating a
snapshot could result in a lock order reversal and denial-of-service.


* Deadlock in btrfs when initializing extended security attributes.

When allocating memory for extended security attributes on a btrfs
file, an invalid scheduling context was used, potentially resulting in a
deadlock and denial-of-service.


* Denial-of-service due to error ordering in usercopy.

Incorrect ordering of error cases could result in a kernel assertion
failure and denial-of-service when attempting to copy stack memory with
usercopy, when such attempts should simply fail with an error instead.

SUPPORT

Ksplice support is available at ksplice-support_ww at oracle.com.

More information about the Ksplice-Fedora-28-Updates mailing list