[Ksplice][Virtuozzo 4.7 Updates] New updates available via Ksplice (CU-2.6.32-042stab063.2)
Jamie Iles
jamie.iles at oracle.com
Thu Nov 1 06:57:20 PDT 2012
Synopsis: CU-2.6.32-042stab063.2 can now be patched using Ksplice
CVEs: CVE-2012-3412
Systems running Virtuozzo 4.7 or the OpenVZ RHEL 6 kernel can now use
Ksplice to patch against the latest Parallels Virtuozzo Containers 4.7
kernel security update, CU-2.6.32-042stab063.2.
INSTALLING THE UPDATES
We recommend that all users of Ksplice Uptrack on Virtuozzo 4.7 or
OpenVZ on RHEL 6 install these updates.
On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.
Alternatively, you can install these updates by running:
# /usr/sbin/uptrack-upgrade -y
DESCRIPTION
* CVE-2012-3412: Remote denial of service through TCP MSS option in SFC NIC.
A malicious remote user may trigger a denial-of-service in hosts using the SFC
NIC by reducing the size of the TCP MSS and causing the victim to run out
of resources while processing the packets.
* Kernel panic in TTY driver.
An invalid assumption in the TTY driver can lead to a kernel
panic (BUG_ON) when reading data from a TTY using the normal
line discipline.
SUPPORT
Ksplice support is available at ksplice-support_ww at oracle.com.
More information about the Ksplice-VZ4.7-Updates
mailing list