[El-errata] New updates available via Ksplice (ELBA-2013-2580)
Errata Announcements for Oracle Linux
el-errata at oss.oracle.com
Fri Nov 15 07:42:45 PST 2013
Synopsis: ELBA-2013-2580 can now be patched using Ksplice
Users with Oracle Linux Premier Support can now use Ksplice to patch
against the latest Oracle kernel update, ELBA-2013-2580.
INSTALLING THE UPDATES
We recommend that all users of Ksplice Uptrack on EL 6 install these
On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.
Alternatively, you can install these updates by running:
# /usr/sbin/uptrack-upgrade -y
* Denial-of-service in dtrace shutdown.
The dtrace subsystem does not rate limit error messages when shutting down,
allowing a local malicious user cause a denial-of-service by flooding the error
log with error messages.
* Invalid mmap in Xen Infiniband network driver.
The Xen network driver does not correctly map memory when initializing an
Infiniband device inside a Xen guest which cause the device to fail to initialize.
* Incorrect audit messages with no security module enabled.
Incorrect error checking could result in an erroneous error message
causing auditd to panic the system under strict security guidelines.
* I/O errors in multipath devices with WRITE SAME heuristics.
If an underlying device in a multipath device does not support WRITE
SAME then I/O errors could be triggered. This can cause problems when
further layers such as LVM are stacked on top of a multipath device.
* Kernel panic in XOR module without CPU osxsave feature.
Inserting the xor module on a system with an emulated CPU that does not
support the osxsave feature would trigger an invalid opcode exception
and kernel panic.
Ksplice support is available at ksplice-support_ww at oracle.com.
More information about the El-errata