[El-errata] New updates available via Ksplice (ELSA-2015-3042)

[Errata Announcements for Oracle Linux]

Synopsis: ELSA-2015-3042 can now be patched using Ksplice
CVEs: CVE-2014-9419 CVE-2014-9420 CVE-2014-9585

Users with Oracle Linux Premier Support can now use Ksplice to patch
against the latest Oracle Security Advisory, ELSA-2015-3042.

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack on EL 6 install these
updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y


DESCRIPTION

* CVE-2014-9419: Address leak on context switch bypasses ASLR.

A flaw in the context switch code could lead to leaking another thread's
local storage area.  A local, unprivileged user could use this flaw to gain
information about another process address space mappings and bypass address
space layout randomization.


* CVE-2014-9420: Infinite loop in isofs when parsing continuation entries.

A flaw in the iso9660 file system support could lead to an infinite
recursion loop when parsing continuation entries.  An unprivileged user
could use this flaw to crash the system resulting in a denial-of-service.


* CVE-2014-9585: Address space layout randomization bypass for VDSO address.

A flaw in the VDSO code loader leads to a 50% chance of having the VDSO
address placed at the end of a PMD. This could allow an attacker to bypass
ASLR protections more easily.


* Divide-by-zero in task scheduler with cpu power calculation.

A divide by zero with a 0 cpu power could result in a kernel crash under
rare conditions.


* Denial-of-service in OCFS2 file attributes.

Incorrect locking when setting a file attribute on an OCFS2 filesystem
could result in hitting a kernel assertion and crashing the system.

SUPPORT

Ksplice support is available at ksplice-support_ww at oracle.com.