[El-errata] New Ksplice updates for RHCK 7 (ELBA-2017:2581)

[Errata Announcements for Oracle Linux]

Synopsis: ELBA-2017:2581 can now be patched using Ksplice

Users with Oracle Linux Premier Support can now use Ksplice to patch
against the latest Oracle kernel update, ELBA-2017:2581.

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack running RHCK 7 install
these updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y


DESCRIPTION

* Memory leak in the Non Volatile Memory Express driver when releasing an IO buffer.

Failure to release the memory used by an IO buffer in the Non Volatile
Memory Express (NVMe) driver leads to a memory leak.  An attacker could use
this flaw to cause a denial-of-service through memory exhaustion.


* Use-after-free when disabling an IPSec tunnel.

Incorrect reference counting on a cryptographic algorithm object could lead
to a use-after-free and kernel panic.  A local user with the ability to
disable an IPsec tunnel between two nodes could use this flaw to cause a
denial-of-service.


* NULL pointer dereference in Chelsio Ethernet driver when setting up DMA queues.

A logic error in the Chelsio Ethernet (CXGB4) driver when setting up DMA
queues could lead to a NULL pointer dereference when the adapter is not in
offload mode.  A local user with the ability to change the adapter mode
could use this flaw to cause a denial-of-service.

SUPPORT

Ksplice support is available at ksplice-support_ww at oracle.com.