[Ksplice][Ubuntu-12.04-Updates] New updates available via Ksplice (3.2.0-30.48)
jamie.iles at oracle.com
Thu Sep 6 05:45:46 PDT 2012
Synopsis: 3.2.0-30.48 can now be patched using Ksplice
Systems running Ubuntu 12.04 Precise can now use Ksplice to patch
against the latest Ubuntu kernel update, 3.2.0-30.48.
INSTALLING THE UPDATES
We recommend that all users of Ksplice Uptrack on Ubuntu 12.04 Precise
install these updates.
On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.
Alternatively, you can install these updates by running:
# /usr/sbin/uptrack-upgrade -y
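To audit which of the two cases above applies to a host, the following added example (not part of the original announcement and not Ksplice code) reads the "autoinstall" setting from uptrack.conf. The function names are hypothetical. It assumes "key = value" lines, "#" or ";" comment lines, a case-insensitive match, the last assignment winning, and a missing key meaning autoinstall is off.

```shell
#!/bin/sh
# Added example: report whether Ksplice Uptrack will install updates on its own.
# Constructed sample of the input this expects:
#   [Settings]
#   autoinstall = yes

# uptrack_autoinstall_enabled FILE
# Returns 0 if FILE sets autoinstall to yes, 1 if it does not, 2 if FILE is unreadable.
uptrack_autoinstall_enabled() {
    conf=$1
    [ -r "$conf" ] || return 2
    value=$(awk -F= '
        /^[ \t]*[#;]/ { next }              # a commented-out setting does not count
        {
            key = $1; gsub(/[ \t]/, "", key)
            if (tolower(key) == "autoinstall") {
                val = $2; gsub(/[ \t\r]/, "", val)
                last = tolower(val)         # assumption: last assignment wins
            }
        }
        END { print last }' "$conf")
    [ "$value" = "yes" ]
}

# uptrack_report [FILE]
# Prints the action the announcement calls for on this host.
uptrack_report() {
    conf=${1:-/etc/uptrack/uptrack.conf}
    rc=0
    uptrack_autoinstall_enabled "$conf" || rc=$?
    case $rc in
        0) echo "autoinstall enabled: no action needed" ;;
        1) echo "autoinstall not enabled: run /usr/sbin/uptrack-upgrade -y" ;;
        *) echo "cannot read $conf" ;;
    esac
}

# Run the report only when asked to: sh thisfile --check [FILE]
if [ "${1:-}" = "--check" ]; then
    uptrack_report "${2:-}"
fi
```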
DESCRIPTION
* NULL pointer dereference in SCSI subsystem on host reset.
In some circumstances, a missing null pointer check can cause a system
crash when a host reset happens.
* Denial-of-service in cifs.
When CONFIG_HIGHMEM is set, some writeback kthreads can deadlock trying
to kmap memory. This update fixes the deadlock by serializing the
marshall_iov operations for asynchronous reads and writes.
* Information leak via incomplete copies in USB.
Copies of non-contiguous isochronous buffers in the USB subsystem may
leak kernel memory to a potential attacker.
* Various problems in target core unmap command.
The target core did not do sufficient checking when the unmap command was
issued to it. As a result, an attacker could unmap things they should
not be allowed to, potentially causing a denial of service on the
server.
* Use-after-free in SCSI request handling.
A use-after-free may occur if a SCSI request has no more references,
but is still rescheduled for completion.
* Data loss in ext4 filesystems.
An integer underflow in metadata block management could result in
allocation failure and data loss.
* Out-of-bound values allowed by fcntl_setlease.
A missing bounds check in fcntl_setlease may allow out-of-bounds values
due to an incorrect cast from a long to an integer.
* Fix ACPI oops when it is unable to initialize a power supply.
When the ACPI driver failed to initialize a power supply, the
failure wasn't getting returned, causing the driver to mistakenly
believe the device was initialized. This could lead to a kernel
oops.
* Memory leak in radeon driver.
Incorrect handling of retry cases could result in a memory
leak and denial of service.
* Fix invalid access to kexec_load() syscall.
Invalid checking of capabilities of a process mistakenly allowed
a process to invoke kexec_load even when that process was invoked
from a non-privileged namespace.
* NULL pointer dereference on remote control device removal.
Under certain circumstances, removing a USB remote control can cause
the lirc daemon to dereference a NULL pointer, leading to a kernel oops.
* Fix possible memory corruption in floppy driver.
If the floppy driver fails during initialization, it could access memory
that was never properly initialized, leading to memory corruption and a
possible oops.
* NULL pointer dereference in futex requeuing.
A missing NULL pointer check could result in a kernel crash when
attempting to requeue a futex.
* NULL pointer dereference in non-pi futexes.
Incorrect configuration of futex addresses could lead to a NULL pointer
dereference and kernel crash.
* Memory leak in device mapper thin provisioning driver.
Incorrect error handling could result in a memory leak and denial of
service.
* Denial-of-service in rpciod.
rpciod could deadlock when trying to allocate memory for a new socket,
resulting in a system hang and denial-of-service.
* Kernel panic on SUNRPC initialization failure.
A kernel panic may occur when SUNRPC initialization fails, because the
initialization function returns invalid values.
* Use-after-free in freed page LRU handling.
A race condition between MMU notifier release and page unmapping may cause
the memory manager to access a page which was already freed.
* Out-of-bound access in ORE handling of external filesystems.
External filesystems using ORE may cause an out-of-bound access if they use
more than one ORE COMP for their device table.
* Possible denial of service in drop_monitor.
drop_monitor may sleep while holding a spinlock, which could lead
to a possible deadlock situation.
SUPPORT
Ksplice support is available at ksplice-support_ww at oracle.com.