[Ksplice][Ubuntu-15.10-Updates] New updates available via Ksplice (USN-2930-1)
Oracle Ksplice
ksplice-support_ww at oracle.com
Mon Mar 14 12:44:17 PDT 2016
Synopsis: USN-2930-1 can now be patched using Ksplice
CVEs: CVE-2015-7566 CVE-2015-8767 CVE-2016-0723 CVE-2016-2384
Systems running Ubuntu 15.10 Wily can now use Ksplice to patch against
the latest Ubuntu Security Notice, USN-2930-1.
INSTALLING THE UPDATES
We recommend that all users of Ksplice Uptrack on Ubuntu 15.10 Wily
install these updates.
On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.
Alternatively, you can install these updates by running:
# /usr/sbin/uptrack-upgrade -y
DESCRIPTION
* CVE-2015-8767: Denial-of-service in SCTP heartbeat timeout.
Incorrect locking when accepting an SCTP connection during the 4-way
handshake could result in deadlock. A local user could use this flaw to
block SCTP connections.
* Buffer overflow in Analog Devices inertial measurement device driver.
Incorrect memory offset calculation in the driver for Analog Devices
inertial measurement devices leads to a buffer overflow during transmit.
* Data loss in USB Modem driver during suspend and resume.
Improper cleanup in the USB Modem driver leads to data loss during a
suspend and resume sequence.
* Crash in USB hub driver during device reset.
Improper memory cleanup during USB hub device reset can lead to a NULL
pointer dereference causing a crash.
* Crash in USB serial driver when malicious Treo device is connected.
Improper handling of USB endpoint probing during Treo device initialization
leads to a NULL pointer dereference.
* CVE-2015-7566: Denial-of-service in USB Handspring Visor driver.
Incomplete USB endpoint validation could result in a kernel crash when
probing a USB Handspring Visor device. A malicious USB device could use
this flaw to crash the system.
* Crash in SCSI driver during power management suspend and resume.
Performing a suspend while the SCSI driver is probing for devices may
crash or cause CD/DVD and hard disk devices to become unusable.
* CVE-2016-0723: Denial-of-service in TTY TIOCGETD ioctl().
A use-after-free when getting the line discipline for a TTY could allow
a local user to trigger a kernel crash.
* Memory corruption in ALSA dummy driver when switching timer.
Improper switching between high resolution timers and system timers while a
stream is open can lead to memory corruption.
* CVE-2016-2384: Privilege escalation in USB MIDI device driver.
The USB MIDI device driver does not correctly free memory when failing
to initialize an endpoint which can cause a use-after-free condition. A
local unprivileged user can use this flaw to trigger kernel code
execution.
* Use-after-free when removing virtio PCI devices.
A logic error in the virtio subsystem can trigger a use-after-free and
kernel panic when removing a virtio PCI device.
* Kernel panic when reading cpufreq governor.
Incorrect locking in the cpufreq driver can trigger a NULL pointer
dereference and kernel panic when reading from the governor sysfs file.
* Memory corruption in nf_table compatibility ioctls.
An integer overflow can trigger memory corruption when setting netfilter
table data via the compatibility ioctl interface.
* Memory corruption when parsing netfilter source chains.
A logic error when parsing netfilter source chains can allow local users
to corrupt kernel memory.
SUPPORT
Ksplice support is available at ksplice-support_ww at oracle.com.
More information about the Ksplice-Ubuntu-15.10-updates
mailing list