[Ksplice][Ubuntu 8.04 Updates] New updates available via Ksplice (USN-1189-1)

Tim Abbott tabbott at ksplice.com
Fri Aug 19 16:04:35 PDT 2011


Synopsis: USN-1189-1 can now be patched using Ksplice
CVEs: CVE-2011-1020 CVE-2011-1078 CVE-2011-1079 CVE-2011-1080 CVE-2011-1093 CVE-2011-1160 CVE-2011-1180 CVE-2011-1493 CVE-2011-2492

Systems running Ubuntu 8.04 Hardy can now use Ksplice to patch against the 
latest Ubuntu Security Notice, USN-1189-1.

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack on Ubuntu 8.04 Hardy 
install these updates.  You can install these updates by running:

# /usr/sbin/uptrack-upgrade -y

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf, 
these updates will be installed automatically and you do not need to take 
any additional action.


DESCRIPTION

* CVE-2011-1020: Missing access restrictions in /proc subsystem.

The proc filesystem implementation did not restrict access to the /proc 
directory tree of a process after that process performed an exec of a 
setuid program, which allowed local users to obtain sensitive information 
or potentially cause other integrity issues.


* CVE-2011-1093: Remote Denial of Service in DCCP.

A flaw in the dccp_rcv_state_process() function could allow a remote 
attacker to cause a denial of service, even when the socket was already 
closed.


* CVE-2011-1078: Information leak in Bluetooth SCO module.

One byte of the 'struct sco_conninfo' data structure was not initialized 
before being copied to userspace, leading to a leak of potentially 
sensitive kernel memory.


* CVE-2011-1079: Buffer overflow in Bluetooth bnep module.

A missing null-termination check in a Bluetooth driver could cause a 
denial of service or an information leak.


* CVE-2011-1080: Information leak in netfilter.

A missing null-termination check in the networking subsystem could cause a 
portion of kernel stack memory to be made visible to all processes on the 
system.


* CVE-2011-1160: Information leak in tpm driver.

A buffer was not initialized before being returned to userspace, leading 
to a leak of potentially sensitive kernel memory.


* CVE-2011-1180: Missing boundary checks in IrDA subsystem.

Several missing boundary checks were discovered in the IrDA subsystem, 
allowing an attacker in physical proximity to the system to cause memory 
corruption, leading to a denial of service, system instability or 
potentially other unspecified impact.


* CVE-2011-2492: Information leak in Bluetooth implementation.

Structure padding in two structures in the Bluetooth implementation was 
not initialized properly before being copied to user-space, possibly 
allowing local, unprivileged users to leak kernel stack memory to 
user-space.


* CVE-2011-1493: Missing boundary checks in rose driver.

Several missing boundary checks were discovered in the rose driver, 
allowing a remote host to cause memory corruption or a kernel panic by 
sending malformed packets.
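
The uninitialized-byte leaks described above for CVE-2011-1078 and CVE-2011-2492, modelled in user space as an added example (not code from this advisory, from Ksplice, or from the kernel). The struct layout, the 0xAA stale marker and the function names are hypothetical. It shows that copying a whole structure out after setting only its fields also copies the padding, and that clearing the structure first removes the leak.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical reply layout (not copied from the kernel): 5 bytes of fields,
 * so the compiler appends 1 padding byte to keep the uint16_t aligned. */
struct demo_conninfo {
    uint16_t handle;
    uint8_t  dev_class[3];
};

#define STALE 0xAA  /* constructed marker standing in for leftover stack data */

/* Build the reply in a "stack slot" and copy all of it out, as a getsockopt
 * or ioctl handler would. zero_first selects the hardened variant. */
static void build_reply(unsigned char *user_buf, int zero_first)
{
    unsigned char slot[sizeof(struct demo_conninfo)];
    const uint16_t handle = 0x002a;              /* constructed sample values */
    const uint8_t cls[3] = { 0x0c, 0x02, 0x5a };
    memset(slot, STALE, sizeof slot);      /* slot previously held other data */
    if (zero_first)
        memset(slot, 0, sizeof slot);      /* the fix: clear fields AND padding */

    /* Only the named fields are written; padding is never touched. */
    memcpy(slot + offsetof(struct demo_conninfo, handle), &handle, sizeof handle);
    memcpy(slot + offsetof(struct demo_conninfo, dev_class), cls, sizeof cls);

    memcpy(user_buf, slot, sizeof slot);   /* stand-in for copy_to_user() */
}

/* Number of bytes in the reply that still carry stale data. */
size_t leaked_bytes(int zero_first)
{
    unsigned char out[sizeof(struct demo_conninfo)];
    size_t i, n = 0;
    build_reply(out, zero_first);
    for (i = 0; i < sizeof out; i++)
        n += (out[i] == STALE);
    return n;
}

int main(void)
{
    printf("sizeof=%zu unsafe=%zu zeroed=%zu\n", sizeof(struct demo_conninfo),
           leaked_bytes(0), leaked_bytes(1));
    return 0;
}
```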

SUPPORT

Ksplice support is available at support at ksplice.com or +1 765-577-5423.


