[El-errata] New updates available via Ksplice (ELSA-2016-3579)
Errata Announcements for Oracle Linux
el-errata at oss.oracle.com
Mon Jun 27 23:18:06 PDT 2016
Synopsis: ELSA-2016-3579 can now be patched using Ksplice
CVEs: CVE-2016-4565
Users with Oracle Linux Premier Support can now use Ksplice to patch
against the latest Oracle Linux Security Advisory, ELSA-2016-3579.
INSTALLING THE UPDATES
We recommend that all users of Ksplice Uptrack on EL 5 install these
updates.
On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.
Alternatively, you can install these updates by running:
# /usr/sbin/uptrack-upgrade -y
DESCRIPTION
* CVE-2016-4565: Privilege escalation in Infiniband ioctl.
The Infiniband ioctl interface does not correctly validate parameters
from userspace which can allow local users to corrupt kernel memory and
escalate privileges.
SUPPORT
Ksplice support is available at ksplice-support_ww at oracle.com.
More information about the El-errata
mailing list