[El-errata] New updates available via Ksplice (ELSA-2015-3014)

Errata Announcements for Oracle Linux el-errata at oss.oracle.com
Sun Mar 15 08:45:19 PDT 2015


Synopsis: ELSA-2015-3014 can now be patched using Ksplice
CVEs: CVE-2014-7825 CVE-2014-7826 CVE-2014-8160 CVE-2014-8369

Users with Oracle Linux Premier Support can now use Ksplice to patch
against the latest Oracle Security Advisory, ELSA-2015-3014.

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack on EL 6 install these
updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y


DESCRIPTION

* Kernel panic in NVM Express PCI device driver.

The NVM Express PCI device driver does not correctly cancelling pending
IO operations when an error occurs which can lead to memory corruption
and a kernel panic.


* CVE-2014-7825, CVE-2014-7826: Perf DoS and local privilege escalation.

A missing validation of syscall id range allows an attacker to trigger a
kernel panic, or leverage it into gaining root privileges if root was
doing perf tracing at that time.


* Information leak in mac80211 when transferring fragmented packet.

A flaw in the mac80211 stack could result in leaking 8 bytes of plain text
in the air. An attacker, physically in the range of the WiFi network, could
use this flaw to obtain sensitive informations.


* CVE-2014-8160: iptables rules by-pass when the protocol module is not loaded.

A flaw in the generic conntrack sub-system allows protocols that do not
have a protocol handler kernel module loaded to pass through the iptables
firewall even if explicitly denied by rule.


* CVE-2014-8369: Denial-of-service in KVM page mapping.

Due to an incomplete fix for CVE-2014-3601, the KVM map pages function
miscalculates the number of pages to be un-pinned in case of a mapping
failure, which allows guest OS users to cause a denial-of-service by
corrupting the host memory.

SUPPORT

Ksplice support is available at ksplice-support_ww at oracle.com.





More information about the El-errata mailing list