[Ksplice][Ubuntu 8.04 Updates] New updates available via Ksplice (USN-1146-1)

Anders Kaseorg andersk at ksplice.com
Thu Jun 9 17:39:48 PDT 2011


Synopsis: USN-1146-1 can now be patched using Ksplice
CVEs: CVE-2010-4655 CVE-2010-4656 CVE-2011-0463 CVE-2011-0695 CVE-2011-0712 CVE-2011-1017 CVE-2011-1593

Systems running Ubuntu 8.04 Hardy can now use Ksplice to patch against
the latest Ubuntu Security Notice, USN-1146-1.

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack on Ubuntu 8.04 Hardy
install these updates.  You can install these updates by running:

# /usr/sbin/uptrack-upgrade -y

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any additional action.
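
Added example (not part of the original announcement and not Ksplice's
own tooling): a POSIX shell check for the autoinstall setting described
above, to decide whether a host still needs the manual uptrack-upgrade
run.  The function names, the [Settings] section in the sample, and the
last-assignment-wins handling are assumptions.

```shell
#!/bin/sh
# Added example: classify a host as "auto" (Uptrack installs updates itself)
# or "manual" (an operator must run /usr/sbin/uptrack-upgrade -y).

# Return 0 if the config file sets "autoinstall = yes", 1 otherwise.
# - text after '#' or ';' is treated as a comment and ignored
# - whitespace around the key, '=' and value is ignored
# - if the key appears more than once, the last assignment wins (assumption)
# - section headers are not inspected (assumption: the key is unique)
# - only the literal value "yes", as written in the announcement, counts
uptrack_autoinstall_enabled() {
    conf=$1
    [ -r "$conf" ] || return 1      # missing or unreadable config: not enabled
    value=$(sed -n \
        -e 's/[#;].*$//' \
        -e 's/^[[:space:]]*autoinstall[[:space:]]*=[[:space:]]*\([^[:space:]]*\)[[:space:]]*$/\1/p' \
        "$conf" | tail -n 1)
    [ "$value" = "yes" ]
}

# Print "auto" or "manual" for the given config file.
uptrack_update_mode() {
    if uptrack_autoinstall_enabled "$1"; then
        echo auto
    else
        echo manual
    fi
}

# Constructed sample config (not from a real host) to exercise the parser:
# a commented-out "yes", an explicit "no", then a final "yes" with a comment.
sample=$(mktemp)
printf '%s\n' \
    '[Settings]' \
    '# autoinstall = yes' \
    'autoinstall = no' \
    '  autoinstall=yes   ; enabled by ops' > "$sample"
echo "sample config: $(uptrack_update_mode "$sample")"
rm -f "$sample"

# On a real host (run as root), upgrade only where autoinstall is off:
#   [ "$(uptrack_update_mode /etc/uptrack/uptrack.conf)" = manual ] \
#       && /usr/sbin/uptrack-upgrade -y
```
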


DESCRIPTION

* CVE-2011-0695: Remote denial of service in InfiniBand setup.

A race condition was found in the way the Linux kernel's InfiniBand
implementation set up new connections. This could allow a remote user to
cause a denial of service.


* CVE-2011-0712: Buffer overflows in caiaq driver.

An attacker with physical access could gain elevated privileges by
exploiting buffer overflows in the caiaq audio driver.


* CVE-2011-0463: Information leak in OCFS2 holes crossing page boundaries.

The ocfs2_prepare_page_for_write function in fs/ocfs2/aops.c in the
Oracle Cluster File System 2 (OCFS2) did not properly handle holes
that cross page boundaries, which allowed local users to obtain
potentially sensitive information from uninitialized disk locations by
reading a file.


* CVE-2010-4655: Information leak via ethtool ioctl.

A missing initialization flaw was found in the ethtool_get_regs()
function in the Linux kernel's ethtool IOCTL handler.  A local user
who has the CAP_NET_ADMIN capability could use this flaw to cause an
information leak.  (CVE-2010-4655, Low)


* CVE-2010-4656: Privilege escalation in IO-Warrior USB driver.

A heap overflow flaw in the iowarrior_write() function could allow a
user with access to an IO-Warrior USB device that supports more than
8 bytes per report to cause a denial of service or escalate their
privileges.  (CVE-2010-4656, Moderate)


* CVE-2011-1017: Missing boundary checks in LDM partition table parsing.

When processing an LDM partition table, the kernel did not verify that
certain fields were within bounds, resulting in a possible heap
overflow.  A local attacker could potentially exploit this to cause a
denial of service or information leak.


* CVE-2011-1593: Missing bounds check in proc filesystem.

A local attacker could exploit a missing bounds check to read kernel
memory or cause a denial of service.

SUPPORT

Ksplice support is available at support at ksplice.com or +1 765-577-5423.



