[Ksplice][Virtuozzo 4.7 Updates] New updates available via Ksplice (CU-2.6.32-042stab039.10)
Tim Abbott
tim.abbott at oracle.com
Wed Nov 9 14:44:03 PST 2011
Synopsis: CU-2.6.32-042stab039.10 can now be patched using Ksplice
CVEs: CVE-2011-1160 CVE-2011-1745 CVE-2011-1746 CVE-2011-1833
CVE-2011-2022 CVE-2011-2484 CVE-2011-2496 CVE-2011-2521 CVE-2011-2723
CVE-2011-2898 CVE-2011-2918
Red Hat Security Advisory Severity: Important
Systems running Virtuozzo 4.7 or the OpenVZ RHEL 6 kernel can now use
Ksplice to patch against the latest Parallels Virtuozzo Containers 4.7
kernel security update, CU-2.6.32-042stab039.10.
INSTALLING THE UPDATES
We recommend that all users of Ksplice Uptrack on Virtuozzo 4.7 or
OpenVZ on RHEL 6 install these updates. You can install these updates
by running:
# /usr/sbin/uptrack-upgrade -y
On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any additional action.
DESCRIPTION
* CVE-2011-1160: Information leak in tpm driver.
A buffer was not initialized before being returned to userspace,
leading to a leak of potentially sensitive kernel memory.
* CVE-2011-1745, CVE-2011-2022: Privilege escalation in AGP subsystem.
Flaws in the AGPGART driver implementation when handling certain
IOCTL commands could allow a local, unprivileged user to cause a
denial of service or escalate their privileges.
* CVE-2011-1746: Integer overflow in agp_allocate_memory.
An integer overflow flaw in agp_allocate_memory() could allow a
local, unprivileged user to cause a denial of service or escalate
their privileges.
* CVE-2011-2484: Denial of service in taskstats subsystem.
The add_del_listener function in kernel/taskstats.c in the Linux kernel
did not prevent multiple registrations of exit handlers, which allowed
local users to cause a denial of service (memory and CPU consumption),
and bypass the OOM Killer, via a crafted application.
* CVE-2011-2496: Local denial of service in mremap().
Robert Swiecki discovered that mremap() could be abused for local denial of
service by triggering a BUG_ON assert.
* CVE-2011-2521: Denial of service in performance counters
The performance counter subsystem incorrectly calculated the index of
fixed counter registerss, leading to local denial of service.
* CVE-2011-2723: Remote denial of service vulnerability in gro.
The skb_gro_header_slow function in the Linux kernel had a bug which
allowed a remote attacker to put certain gro fields in an inconsistent
state, resulting in a denial of service.
* CVE-2011-2898: Information leak in packet subsystem
Uninitialized struct padding in the packet subsystem led to an
information leak of two bytes of kernel memory to userspace.
* CVE-2011-2918: Denial of service in event overflows in perf.
Vince Weaver discovered that incorrect handling of software event
overflows in the perf analysis tool could lead to local denial of
service.
* CVE-2011-1833: Information disclosure in eCryptfs.
Vasiliy Kulikov of Openwall and Dan Rosenberg discovered that eCryptfs
incorrectly validated permissions on the requested source directory. A
local attacker could use this flaw to mount an arbitrary directory,
possibly leading to information disclosure.
SUPPORT
Ksplice support is available at support at ksplice.com or +1 765-577-5423.
More information about the Ksplice-VZ4.7-Updates
mailing list