[Ksplice][Ubuntu 8.04 Updates] New updates available via Ksplice (USN-1507-1)
Jamie Iles
jamie.iles at oracle.com
Tue Jul 17 04:22:31 PDT 2012
Synopsis: USN-1507-1 can now be patched using Ksplice
CVEs: CVE-2012-1601 CVE-2012-2744
Systems running Ubuntu 8.04 Hardy can now use Ksplice to patch against
the latest Ubuntu Security Notice, USN-1507-1.
INSTALLING THE UPDATES
We recommend that all users of Ksplice Uptrack on Ubuntu 8.04 Hardy
install these updates.
On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.
Alternatively, you can install these updates by running:
# /usr/sbin/uptrack-upgrade -y
DESCRIPTION
* CVE-2012-1601: Denial of service in KVM VCPU creation.
Inconsistent state in the creation of KVM virtual CPU's could
lead to NULL pointer dereferences. A unprivileged local user
could use this flaw to crash the system.
* CVE-2012-2744: Remote denial-of-service in IPv6 connection tracking.
A flaw in the IPv6 connection tracking netfilter module could allow a
remote attacker to trigger a NULL pointer dereference and
denial-of-service with specially crafted IPv6 packets.
SUPPORT
Ksplice support is available at ksplice-support_ww at oracle.com.
More information about the Ksplice-Ubuntu-8.04-Updates
mailing list