[Ksplice][Virtuozzo 4 Updates] New updates available via Ksplice (2.6.18-371.el5.028stab109.2)

[Jamie Iles]

Synopsis: 2.6.18-371.el5.028stab109.2 can now be patched using Ksplice
CVEs: CVE-2012-3511 CVE-2013-2141 CVE-2013-4162

Systems running Virtuozzo 4 or the OpenVZ RHEL 5 kernel can now use
Ksplice to patch against the latest Parallels Virtuozzo Containers
kernel security update, 2.6.18-371.el5.028stab109.2.

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack on Virtuozzo 4 or
OpenVZ on RHEL 5 install these updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y

Ksplice will not be providing a zero downtime update for CVE-2012-4398.  This
issue is a denial-of-service that can be caused by triggering automatic kernel
module loading under high memory pressure.  Automatic module loading cannot be
triggered from within a container and is therefore only exploitable on the
hardware node of a VZ system.  

DESCRIPTION

* CVE-2013-2141: Information leak in tkill() and tgkill() system calls.

Due to a lack of proper initialisation, the tkill() and tgkill() system
calls may leak data from the kernel stack to an unprivileged local user.


* CVE-2013-4162: Denial-of-service with IPv6 sockets with UDP_CORK.

When pushing pending frames in IPv6 udp code, an incorrect function call can
be made. This allows local users to cause a denial of service (BUG and system
crash) via a crafted application that uses the UDP_CORK option in a
setsockopt system call.


* CVE-2012-3511: Use-after-free due to race condition in madvise.

A race condition between munmap and madvise can cause a use-after-free
in the memory management system.

SUPPORT

Ksplice support is available at ksplice-support_ww at oracle.com.