[El-errata] New updates available via Ksplice (ELBA-2013-2580)

Errata Announcements for Oracle Linux el-errata at oss.oracle.com
Fri Nov 15 07:42:45 PST 2013


Synopsis: ELBA-2013-2580 can now be patched using Ksplice

Users with Oracle Linux Premier Support can now use Ksplice to patch
against the latest Oracle kernel update, ELBA-2013-2580.

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack on EL 6 install these
updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y


DESCRIPTION

* Denial-of-service in dtrace shutdown.

The dtrace subsystem does not rate limit error messages when shutting down,
allowing a local malicious user cause a denial-of-service by flooding the error
log with error messages.


* Invalid mmap in Xen Infiniband network driver.

The Xen network driver does not correctly map memory when initializing an
Infiniband device inside a Xen guest which cause the device to fail to initialize.


* Incorrect audit messages with no security module enabled.

Incorrect error checking could result in an erroneous error message
causing auditd to panic the system under strict security guidelines.


* I/O errors in multipath devices with WRITE SAME heuristics.

If an underlying device in a multipath device does not support WRITE
SAME then I/O errors could be triggered.  This can cause problems when
further layers such as LVM are stacked on top of a multipath device.


* Kernel panic in XOR module without CPU osxsave feature.

Inserting the xor module on a system with an emulated CPU that does not
support the osxsave feature would trigger an invalid opcode exception
and kernel panic.

SUPPORT

Ksplice support is available at ksplice-support_ww at oracle.com.





More information about the El-errata mailing list