[Ksplice][Virtuozzo 4.7 Updates] New updates available via Ksplice (2.6.32-042stab081.3)

Oracle Ksplice ksplice-support_ww at oracle.com
Sun Sep 22 17:40:09 PDT 2013 

Synopsis: 2.6.32-042stab081.3 can now be patched using Ksplice
CVEs: CVE-2012-6544 CVE-2013-2146 CVE-2013-2206 CVE-2013-2232 CVE-2013-2237

Systems running Virtuozzo 4.7 or the OpenVZ RHEL 6 kernel can now use
Ksplice to patch against the latest Parallels Virtuozzo Containers 4.7
kernel security update, 2.6.32-042stab081.3.

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack on Virtuozzo 4.7 or
OpenVZ on RHEL 6 install these updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y


DESCRIPTION

* CVE-2013-2206: NULL pointer dereference in SCTP duplicate cookie handling.

A flaw was found in the way the Linux kernel's Stream Control
Transmission Protocol (SCTP) implementation handled duplicate cookies.
If a local user queried SCTP connection information at the same time a
remote attacker has initialized a crafted SCTP connection to the system,
it could trigger a NULL pointer dereference, causing the system to
crash.


* CVE-2013-2232: Memory corruption in IPv6 routing cache.

Connecting an IPv6 socket to an IPv4 destination can cause IPv4 routing
information to be placed in the IPv6 routing cache causing memory corruption
and a kernel panic.


* CVE-2012-6544: Information leak in Bluetooth L2CAP socket name.

A malicious user can disclose the contents of kernel memory by calling
getsockname() on an Bluetooth L2CAP socket.


* CVE-2013-2237: Information leak on IPSec key socket.

Incorrect initialization on policy flushing could leak kernel stack
bytes to userspace.


* CVE-2013-2146: Denial of service in access to reserved performance MSRs.

On systems with certain Intel processors, a local, unprivileged user could
use this flaw to cause a denial of service by leveraging the perf subsystem
to write into the reserved bits of the OFFCORE_RSP_0 and OFFCORE_RSP_1
model-specific registers.

SUPPORT

Ksplice support is available at ksplice-support_ww at oracle.com.

More information about the Ksplice-VZ4.7-Updates mailing list