[Ksplice][Ubuntu 8.04 Updates] New updates available via Ksplice (USN-1291-1)

Tim Abbott tim.abbott at oracle.com
Thu Dec 8 18:57:43 PST 2011


Synopsis: USN-1291-1 can now be patched using Ksplice
CVEs: CVE-2011-4077 CVE-2011-4132 CVE-2011-4330

Systems running Ubuntu 8.04 Hardy can now use Ksplice to patch against
the latest Ubuntu Security Notice, USN-1291-1.

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack on Ubuntu 8.04 Hardy
install these updates.  You can install these updates by running:

# /usr/sbin/uptrack-upgrade -y

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any additional action.


DESCRIPTION

* CVE-2011-4077: Buffer overflow in xfs_readlink.

A flaw in the way the XFS filesystem implementation handled links with
pathnames larger than MAXPATHLEN allowed an attacker to mount a
malicious XFS image that could crash the system or result in privilege
escalation.


* CVE-2011-4132: Denial of service in Journaling Block Device layer.

A flaw in the way the Journaling Block Device (JBD) layer handled an
invalid log first block value allowed an attacker to mount a malicious
ext3 or ext4 image that would crash the system.


* CVE-2011-4330: Buffer overflow in HFS file name translation logic.

Clement Lecigne reported a flaw in the way the HFS filesystem
implementation handled file names larger than HFS_NAMELEN. A missing
length check in hfs_mac2asc could result in a buffer overflow.
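
The two overflow entries above (CVE-2011-4077 and CVE-2011-4330) share one pattern: a length read from the filesystem image is used as a copy size without a bounds check. The sketch below is an added illustration of that check, not the kernel's code or the Ksplice patch. The struct, the function names and the values of NAMELEN and PATHMAX (stand-ins for HFS_NAMELEN and MAXPATHLEN) are assumptions.

```c
#include <stdio.h>
#include <string.h>

#define NAMELEN 31    /* assumed name field size, stand-in for HFS_NAMELEN */
#define PATHMAX 1024  /* assumed link target limit, stand-in for MAXPATHLEN */

/* Hypothetical on-disk name record: length byte plus fixed-size field. */
struct disk_name {
    unsigned char len;
    unsigned char name[NAMELEN];
};

/* Copy an on-disk name into out (outsz bytes, NUL-terminated). The length
 * byte comes from the image, so it is clamped to the field size and to the
 * output buffer first. *clamped is set when the length had to be reduced. */
size_t name_to_ascii(const struct disk_name *in, char *out, size_t outsz,
                     int *clamped)
{
    size_t n = in->len;
    *clamped = 0;
    if (outsz == 0)
        return 0;
    if (n > NAMELEN) {        /* the check whose absence allows the overflow */
        n = NAMELEN;
        *clamped = 1;
    }
    if (n > outsz - 1) {
        n = outsz - 1;
        *clamped = 1;
    }
    memcpy(out, in->name, n);
    out[n] = '\0';
    return n;
}

/* Reject a link target length from an image before it is used as a copy size. */
int check_link_len(long long pathlen)
{
    return (pathlen < 0 || pathlen > PATHMAX) ? -1 : 0;
}

int main(void)
{
    struct disk_name rec = { 200, "constructed-sample" }; /* len overstates */
    char out[NAMELEN + 1];
    int clamped;
    size_t n = name_to_ascii(&rec, out, sizeof out, &clamped);
    printf("%zu %d %d\n", n, clamped, check_link_len(4096));
    return 0;
}
```
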

SUPPORT

Ksplice support is available at ksplice-support_ww at oracle.com.
