[Ksplice][Ubuntu 10.04 Updates] New updates available via Ksplice (2.6.32-36.79)
Jessica McKellar
jessica.mckellar at oracle.com
Fri Dec 2 13:42:29 PST 2011
Synopsis: 2.6.32-36.79 can now be patched using Ksplice
CVEs: CVE-2011-2491 CVE-2011-2496 CVE-2011-2517 CVE-2011-2525
Systems running Ubuntu 10.04 Lucid can now use Ksplice to patch
against the latest Ubuntu kernel, 2.6.32-36.79.
INSTALLING THE UPDATES
We recommend that all users of Ksplice Uptrack on Ubuntu 10.04 Lucid
install these updates. You can install these updates by running:
# /usr/sbin/uptrack-upgrade -y
On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any additional action.
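The check described above, as an added example that is not part of the original advisory or of Ksplice Uptrack: a shell helper that reads an uptrack.conf-style file and reports whether the host installs updates automatically or needs the manual command. The function names are hypothetical. It assumes INI-like "key = value" lines, "#" or ";" comment lines, and that a missing autoinstall key means "no".

```shell
#!/bin/sh
# Added example: audit helper, not part of Ksplice Uptrack.

# Print the effective "autoinstall" value from an uptrack.conf-style file.
# Assumptions: INI-like "key = value" lines, "#"/";" start a comment line,
# and an absent key is treated as "no". Returns 2 if the file is unreadable.
uptrack_autoinstall_value() {
    conf=${1:-/etc/uptrack/uptrack.conf}
    [ -r "$conf" ] || return 2
    awk '
        /^[ \t]*[#;]/ { next }                  # commented-out settings do not count
        {
            eq = index($0, "=")
            if (eq == 0) next                   # section headers, blank lines
            key = substr($0, 1, eq - 1)
            val = substr($0, eq + 1)
            gsub(/^[ \t]+|[ \t\r]+$/, "", key)  # trim spaces, tabs, stray CR
            gsub(/^[ \t]+|[ \t\r]+$/, "", val)
            if (tolower(key) == "autoinstall") found = tolower(val)  # last one wins
        }
        END { print (found == "" ? "no" : found) }
    ' "$conf"
}

# Report what the operator has to do on this host. Only the literal "yes"
# quoted in the advisory is treated as enabling automatic installation.
uptrack_required_action() {
    value=$(uptrack_autoinstall_value "$1") || {
        echo "unknown: cannot read config"
        return 2
    }
    case $value in
        yes) echo "automatic" ;;
        *)   echo "manual: /usr/sbin/uptrack-upgrade -y" ;;
    esac
}

# Constructed sample config (not from a real host) to try the helper offline.
uptrack_demo() {
    tmp=$(mktemp) || return 1
    printf '%s\n' '[Settings]' '# autoinstall = yes' 'autoinstall = no' > "$tmp"
    uptrack_required_action "$tmp"
    rm -f "$tmp"
}
```

Called with no argument, uptrack_required_action reads /etc/uptrack/uptrack.conf; a result of "manual" means the host stays on the unpatched kernel code until the command is run.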
DESCRIPTION
* CVE-2011-2525: Denial of Service in packet scheduler API.
A flaw allowed the tc_fill_qdisc() function in the Linux kernel's
packet scheduler API implementation to be called on built-in qdisc
structures. A local, unprivileged user could use this flaw to trigger
a NULL pointer dereference, resulting in a denial of service.
* CVE-2011-2517: Buffer overflow in the nl80211 driver.
An incorrect SSID length check in the trigger_scan operation of the
nl80211 driver allowed a buffer overflow when copying long SSIDs.
* Improved fix to CVE-2011-2496: Denial of Service in mremap.
Ubuntu's original patch for CVE-2011-2496 did not include related
boundary checks in the code for automatic stack expansion.
* CVE-2011-2491: Local denial of service in NLM subsystem.
A flaw in the client-side NLM implementation could allow a local,
unprivileged user to cause a denial of service.
SUPPORT
Ksplice support is available at support at ksplice.com or +1 765-577-5423.