[Ksplice][Ubuntu-12.10-Updates] New updates available via Ksplice (USN-2114-1)
Oracle Ksplice
ksplice-support_ww at oracle.com
Fri Feb 21 09:55:48 PST 2014
Synopsis: USN-2114-1 can now be patched using Ksplice
CVEs: CVE-2013-2929 CVE-2013-4592 CVE-2013-6378 CVE-2013-6380
Systems running Ubuntu 12.10 Quantal can now use Ksplice to patch
against the latest Ubuntu Security Notice, USN-2114-1.
INSTALLING THE UPDATES
We recommend that all users of Ksplice Uptrack on Ubuntu 12.10 Quantal
install these updates.
On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.
Alternatively, you can install these updates by running:
# /usr/sbin/uptrack-upgrade -y
DESCRIPTION
* CVE-2013-6380: Denial-of-service in Adaptec RAID driver.
Incorrect memory allocations in the Adaptec RAID driver could result in
dereferencing an invalid pointer allowing a local user with the
CAP_SYS_ADMIN privilege to crash the system.
* CVE-2013-6378: Denial-of-service in Marvell 8xxx Libertas WLAN driver.
Incorrect validation of user supplied data in the Marvell 8xxx Libertas
WLAN driver could allow a privileged user to trigger an invalid pointer
dereference and crash the system.
* Memory corruption in block core on control group queue initialization failure.
Incorrect error handling could result in memory corruption and a kernel
crash when queue initialization fails.
* Resource leak in Xen blkback block driver during discard.
Incorrect reference counting could result in a failure to free the block
interface. This could cause device hotplug to fail.
* CVE-2013-4592: Denial-of-service in KVM IOMMU mappings.
A flaw was found in the way IOMMU memory mappings were handled when
moving memory slots. A malicious user on a KVM host who has the ability to
assign a device to a guest could use this flaw to crash the host.
* Memory leak in ext4 filesystem when expanding inode with extended attributes.
A flaw in the ext4 inode expanding code could result in a buffer header
memory leak. A local, unprivileged user could use this flaw to cause a
denial-of-service.
* Denial-of-service in loop block subsystem when unloading the loop module.
A logic error in the error path when allocating a block queue in the loop
module could result in a NULL pointer dereference. A local, privileged user
could use this flaw to cause a denial-of-service.
* NULL pointer dereference in GPMI Nand controller when DMA operations on-going.
A race condition in the GPMI Nand controller driver could result in a NULL
pointer dereference and kernel crash. A local, privileged user could use
this flaw to cause a denial-of-service.
* Deadlock in selinux/netlabel on connect().
Incorrect locking in the selinux/netlabel glue code could lead to a
deadlock. A local, unprivileged user could use this flaw to cause a
denial-of-service.
* Information leak in audit subsystem when getting status from audit netlink.
A missing field assignment in the receive loop of audit causes an
information leak. A local user with CAP_AUDIT_CONTROL could use this flaw
to obtain information on the running kernel.
* Out-of-bounds write in iscsi-target when computing checksums.
Incorrect length checking in iscsi-target code could lead to a one byte
out-of-bounds write. An attacker could use this to cause a
denial-of-service or potentially, escalate privileges.
* Incorrect credentials checking in iscsi-target with CHAP authentication.
A flaw in the username checking in iscsi-target CHAP authentication causes
all usernames with the correct username as prefix to be accepted.
* Denial-of-service in cpuset subsystem when changing cpuset.
Incorrect locking when changing cpuset of a running test could result in a
deadlock. A local, privileged user could use this flaw to cause a
denial-of-service.
* CVE-2013-2929: Incorrect permissions check in ptrace with dropped privileges.
The ptrace subsystem incorrectly checked the state of the fs.suid_dumpable
sysctl allowing a user to ptrace attach to a process if it had dropped
privileges to that user.
SUPPORT
Ksplice support is available at ksplice-support_ww at oracle.com.
More information about the Ksplice-Ubuntu-12.10-Updates
mailing list