[El-errata] New updates available via Ksplice (ELSA-2013-0747-1)

Errata Announcements for Oracle Linux el-errata at oss.oracle.com
Fri Apr 19 04:47:16 PDT 2013 

Synopsis: ELSA-2013-0747-1 can now be patched using Ksplice
CVEs: CVE-2012-6537 CVE-2012-6542 CVE-2012-6546 CVE-2012-6547 CVE-2013-0216 CVE-2013-0231 CVE-2013-1826

Users with Oracle Linux Premier Support can now use Ksplice to patch
against the latest Oracle Security Advisory, ELSA-2013-0747-1.

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack on EL 5 install these
updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y


DESCRIPTION

* CVE-2012-6537: Kernel information leaks in network transformation subsystem.

This fixes several cases where xfrm_user code could lead kernel
memory to user space.


* CVE-2013-1826: NULL pointer dereference in XFRM buffer size mismatch.

Linux kernel built with XFRM framework support is vulnerable to a NULL pointer
dereference flaw. It occurs while accessing XFRM state via xfrm_state_netlink
routine.


* CVE-2012-6542: Information leak in LLC socket name.

A malicious user can disclose the contents of kernel memory by calling
getsockname() on an LLC socket.


* CVE-2012-6547: Kernel stack leak from TUN ioctls.

The __tun_chr_ioctl function in drivers/net/tun.c in the Linux kernel before
3.6 does not initialize a certain structure, which allows local users to
obtain sensitive information from kernel stack memory via a crafted
application.


* CVE-2012-6546: Information leak in ATM sockets.

An malicious user can disclose the contents of kernel memory by calling
getsockname() on an ATM socket.


* CVE-2013-0231: Denial-of-service in Xen PCI passthrough driver.

A flaw was found in the Xen PCI device back-end driver implementation in
the Linux kernel. A privileged guest user in a guest that has a PCI
passthrough device could use this flaw to cause a denial of service that
could potentially affect the entire system.


* CVE-2013-0216: Denial-of-service in Xen netback driver.

Failure to sanity check the ring producer/consumer
pointers could allow a guest to cause netback to loop for an
extended period preventing other work from occurring.

SUPPORT

Ksplice support is available at ksplice-support_ww at oracle.com.

More information about the El-errata mailing list