[Ksplice][Virtuozzo 4.7 Updates] New updates available via Ksplice (042stab084.14)
Oracle Ksplice
ksplice-support_ww at oracle.com
Mon Dec 30 17:45:35 PST 2013
Synopsis: 042stab084.14 can now be patched using Ksplice
CVEs: CVE-2013-2141 CVE-2013-4470
Systems running Virtuozzo 4.7 or the OpenVZ RHEL 6 kernel can now use
Ksplice to patch against the latest Parallels Virtuozzo Containers 4.7
kernel security update, 042stab084.14.
INSTALLING THE UPDATES
We recommend that all users of Ksplice Uptrack on Virtuozzo 4.7 or
OpenVZ on RHEL 6 install these updates.
On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.
Alternatively, you can install these updates by running:
# /usr/sbin/uptrack-upgrade -y
DESCRIPTION
* CVE-2013-2141: Information leak in tkill() and tgkill() system calls.
Due to a lack of proper initialisation, the tkill() and tgkill() system
calls may leak data from the kernel stack to an unprivileged local user.
* CVE-2013-4470: Memory corruption in IPv4 and IPv6 networking corking with UFO.
The kernel IP stack does not correctly handle sending fragmented packets via a
device which has UDP Fragmentation Offload enabled leading to memory corruption
and a kernel panic.
SUPPORT
Ksplice support is available at ksplice-support_ww at oracle.com.
More information about the Ksplice-VZ4.7-Updates
mailing list