[Ksplice][Ubuntu 8.04 Updates] New updates available via Ksplice (USN-914-1)

Greg Price price at ksplice.com
Thu Mar 18 16:44:27 PDT 2010 

Synopsis: USN-914-1 can now be patched using Ksplice
CVEs: CVE-2010-0307 CVE-2010-0415 CVE-2010-0622

Systems running Ubuntu 8.04 Hardy can now use Ksplice to patch against
the latest Ubuntu Security Notice, USN-914-1.


INSTALLING THE UPDATES

We recommend that all Ksplice Uptrack Ubuntu 8.04 Hardy users install
these updates.  You can install these updates by running:

# uptrack-upgrade -y


DESCRIPTION

* CVE-2010-0415: Arbitrary information leak in sys_move_pages.

Ramon de Carvalho Valle discovered an issue in the sys_move_pages
interface affecting 64-bit kernels.  Local users can exploit this
issue to cause a denial of service (system crash) or gain access to
sensitive kernel memory.


* CVE-2010-0622: Denial of service with corrupted futex.

Jermome Marchand reported that the wake_futex_pi function in
kernel/futex.c did not properly handle certain unlock operations for a
Priority Inheritance (PI) futex, which allows local users to cause a
denial of service (kernel oops) and possibly have unspecified other
impact via modification of the futex value from user space.


* Fix kernel address space randomization on x86_64 systems.

Previously, the kernel did not account for the randomized stack size
when calculating the mmap_base address, so that the reserved region
for the stack could overlap with the mmap region.  This could result
in a growing stack overwriting data in the mmap region.


* CVE-2010-0307: Denial of service on x86_64 due to load_elf_binary.

Mathias Krause discovered that the load_elf_binary function in
fs/binfmt_elf.c did not ensure that the ELF interpreter is available
before a call to the SET_PERSONALITY macro, in a flaw related to the
flush_old_exec function.  This flaw allows local users to cause a
denial of service (system crash) via a 32-bit application that
attempts to execute a 64-bit application, which fails, and then
triggers a segmentation fault.  The issue is demonstrated by
"amd64_killer".


SUPPORT

Ksplice support is available at support at ksplice.com or +1 765-577-5423.

More information about the Ubuntu-8.04-Updates mailing list