[El-errata] New updates available via Ksplice (ELSA-2013-2538)

Errata Announcements for Oracle Linux el-errata at oss.oracle.com
Fri Jul 19 14:13:33 PDT 2013

Synopsis: ELSA-2013-2538 can now be patched using Ksplice
CVEs: CVE-2012-6548 CVE-2013-0914 CVE-2013-2634 CVE-2013-2852 
CVE-2013-3222 CVE-2013-3224 CVE-2013-3225 CVE-2013-3301

Users with Oracle Linux Premier Support can now use Ksplice to patch
against the latest Oracle Security Advisory, ELSA-2013-2538.


We recommend that all users of Ksplice Uptrack on EL 5 install these

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y


* CVE-2013-0914: Information leak in signal handlers.

A logic error in the handling of signal handlers allows a child process to
leak information about the memory layout of parent processes.

* CVE-2013-2852: Invalid format string usage in Broadcom B43 wireless 

Format string vulnerability in the b43_request_firmware function
in the Broadcom B43 wireless driver in the Linux kernel through 3.9.4
allows local users to gain privileges by leveraging root access and
including format string specifiers in an fwpostfix modprobe parameter,
leading to improper construction of an error message.

* CVE-2013-3301: NULL pointer dereference in tracing sysfs files.

The tracing sysfs files did not correctly allow seeking on a file opened
for writing, allowing a priviliged user to crash the system.

* CVE-2012-6548: Information leak in UDF export.

A malicious can disclose the contents of kernel memory by exporting
a filehandle from a UDF filesystem.

* CVE-2013-2634, 2635: Kernel leak in data center bridging and netlink.

The dcb netlink interface and the rtnetlink interface leak stack memory in
various places.

* CVE-2013-3222: Kernel stack information leak in ATM sockets.

Missing data clearing operations could allow an unprivileged user to
leak kernel stack memory to userspace.

* CVE-2013-3224: Kernel stack information leak in Bluetooth sockets.

Receiving messages from a bluetooth socket whilst the socket is
simultaneously being shut down could leak kernel stack bytes to
userspace allowing a local user to gain information about the running

* CVE-2013-3225: Kernel stack information leak in Bluetooth rfcomm.

Missing data clearing operations could allow a local user to leak kernel
stack memory to userspace.


Ksplice support is available at ksplice-support_ww at oracle.com.

More information about the El-errata mailing list