[El-errata] New updates available via Ksplice (ELSA-2014-3073)

Errata Announcements for Oracle Linux el-errata at oss.oracle.com
Fri Sep 12 06:20:14 PDT 2014 

Synopsis: ELSA-2014-3073 can now be patched using Ksplice
CVEs: CVE-2014-0205 CVE-2014-3917 CVE-2014-5077

Users with Oracle Linux Premier Support can now use Ksplice to patch
against the latest Oracle Security Advisory, ELSA-2014-3073.

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack on EL 6 install these
updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y


DESCRIPTION

* CVE-2014-5077: Remote denial-of-service in SCTP on simultaneous connections.

Linux kernel built with the support for Stream Control Transmission
Protocol is vulnerable to a NULL pointer dereference flaw. It could occur
when simultaneous new connections are initiated between the same pair of
hosts. A remote user/program could use this flaw to crash the system kernel
resulting in denial-of-service.


* CVE-2014-0205: Use-after-free in futex refcounting.

A flaw was found in the way the Linux kernel's futex subsystem handled
reference counting when requeuing futexes during futex_wait(). A local,
unprivileged user could use this flaw to zero out the reference counter of
an inode or an mm struct that backs up the memory area of the futex, which
could lead to a use-after-free flaw, resulting in a system crash or,
potentially, privilege escalation.


* CVE-2014-3917: Denial-of-service and information leak in audit syscall subsystem.

Linux kernel built with the system-call auditing support is vulnerable to a
kernel crash or information disclosure flaw caused by out of bounds memory
access.  When system call audit rules are present on a system, an
unprivileged user could use this flaw to leak kernel memory or cause a
denial-of-service.


* Reduce usage of reserved percpu memory.

The kernel reserves a limited area of percpu memory for loadable modules
containing static percpu data and exhausting this can limit the ability
to load modules.

SUPPORT

Ksplice support is available at ksplice-support_ww at oracle.com.

More information about the El-errata mailing list