[Ksplice][Ubuntu-12.10-Updates] New updates available via Ksplice (USN-2178-1)

Mon Apr 28 02:47:31 PDT 2014

Synopsis: USN-2178-1 can now be patched using Ksplice
CVEs: CVE-2014-0049 CVE-2014-0069

Systems running Ubuntu 12.10 Quantal can now use Ksplice to patch
against the latest Ubuntu Security Notice, USN-2178-1.

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack on Ubuntu 12.10 Quantal
install these updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y

DESCRIPTION

* Deadlock in PCI DMA subsystem when allocating a DMA buffer.

A logic error in the PCI DMA architecture dependent code could lead to a
deadlock.

* CVE-2014-0069: Incorrect handling of bad iovecs in CIFS.

A flaw in how CIFS handled iovecs could be used by an unprivileged local
user with access to crash the system or leak kernel memory.

* Data corruption in ext4 when resizing with non-standard blocks-per-group number.

A flaw in the ext4 resizing code could lead to data corruptions when the
number of blocks per group is not 8.

* Deadlock in the tg3 ethernet driver when changing the MTU.

Incorrect locking in the tg3 ethernet driver could lead to a deadlock when
changing the MTU. A local, privileged user could use this flaw to cause a
denial-of-service.

* Denial-of-service in KVM with nested VMs.

A missing check in the KVM MMU code could lead to a kernel crash. A local,
privileged user could use this flaw to cause a denial-of-service.

* Use-after-free in STE DMA driver tasklet.

A flaw in the STE DMA driver results in a use-after-free and potentially to
a kernel crash.

* Denial-of-service in QLogic driver on selective retransmission request.

A missing check in the QLogic driver code results in NULL pointer
dereference and kernel crash. A remote user could use this flaw to cause a
denial-of-service.

* Denial-of-service in perf subsystem when hotplugging CPU.

Incorrect locking in the perf subsystem could lead to use-after-free and
kernel crash when hotplugging a CPU. A local, privileged user could use
this flaw to cause a denial-of-service.

* CVE-2014-0049: Code execution in KVM mmio emulator.

A logic error in the KVM code could lead to out of bounds memory accesses,
resulting in a kernel crash or potentially allowing a local user to write
in the host memory. A local, privileged user could use this flaw to elevate
privileges and execute arbitrary code in kernel mode.

* Denial-of-service in cgroup subsystem when adding a cgroup to a task.

Incorrect locking in the cgroup subsystem could lead to list corruptions
and kernel crash under specific conditions. A local, unprivileged user
could use this flaw to cause a denial-of-service.

* Use-after-free in i7 EDAC driver when iterating PCI devices.

Due to incorrect reference counting in the i7 EDAC driver, a use-after-free
could result in a kernel crash and denial-of-service.

* Deadlock in EHCI USB2 controller driver when handling an interrupt.

Incorrect locking in the EHCI driver code could lead to a deadlock,
resulting in a denial-of-service under specific conditions.

SUPPORT

Ksplice support is available at ksplice-support_ww at oracle.com