[El-errata] New updates available via Ksplice (ELSA-2014-3103)

Errata Announcements for Oracle Linux el-errata at oss.oracle.com
Sat Dec 13 02:20:39 PST 2014 

Synopsis: ELSA-2014-3103 can now be patched using Ksplice
CVEs: CVE-2014-3182 CVE-2014-3186 CVE-2014-3688 CVE-2014-4027 CVE-2014-4652 CVE-2014-4656 CVE-2014-6410

Users with Oracle Linux Premier Support can now use Ksplice to patch
against the latest Oracle Security Advisory, ELSA-2014-3103.

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack on EL 6 install these
updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y


DESCRIPTION

* CVE-2014-3688: Remote denial-of-service in SCTP stack by memory exhaustion.

A flaw in the SCTP stack could allow a remote attacker to force a SCTP
server to allocate big amounts of memory and trigger the kernel
out-of-memory killer, leading to a denial-of-service.


* CVE-2014-3186: Memory corruption in PicoLCD USB driver.

The PicoLCD USB driver does not correctly validate event data allowing a
malicious USB device to trigger kernel memory corruption and potentially
gain elevated privileges.


* CVE-2014-4652: Arbitrary memory disclosure in ALSA user controls.

Lack of synchronization between reads and writes to ALSA user controls
could lead to a kernel memory disclosure.


* CVE-2014-4027: Information leak in iSCSI Target ramdisk transport.

Due to incorrect initialization of one of the data structures used by
the iSCSI Target ramdisk transport, local users could obtain sensitive
information from the ramdisk memory that they should not have access
to.


* CVE-2014-4656: ALSA Control ID overflow.

Missing range checks in ALSA control IDs could lead to an integer overflow.


* CVE-2014-3182: Invalid memory read in HID Logitech driver.

The Logitech Unifying receivers full support driver is vulnerable
to an out-of-bounds read flaw. It could occur if a device offers a
malicious HID report with arbitrary device_index.

A malicious user with physical access to the system could use this
flaw to crash the system resulting in a denial-of-service.


* CVE-2014-6410: Denial of service in UDF filesystem parsing.

The kernel UDF filesystem driver does not correctly validate indirect
inodes allowing a malicious user to cause a kernel panic by mounting a
UDF volume with deeply nested indirect inodes.

SUPPORT

Ksplice support is available at ksplice-support_ww at oracle.com.

More information about the El-errata mailing list