[Ksplice][Debian 5.0 Updates] New updates available via Ksplice (DSA-1927-1)
Tim Abbott
tabbott at ksplice.com
Thu Nov 5 15:55:40 PST 2009
Synopsis: DSA-1927-1 can now be patched using Ksplice
CVEs: CVE-2009-3228 CVE-2009-3547 CVE-2009-3612 CVE-2009-3620 CVE-2009-3621 CVE-2009-3638

Systems running Debian 5.0 Lenny can now use Ksplice to patch against the
latest Debian Security advisory, DSA-1927-1.

INSTALLING THE UPDATES

We recommend that all Ksplice Uptrack Debian 5.0 users install these
updates. You can install these updates by running:

    # uptrack-upgrade -y

DESCRIPTION

* CVE-2009-3638: Integer overflow handling KVM_GET_SUPPORTED_CPUID requests.
An integer overflow in the kvm_dev_ioctl_get_supported_cpuid function in
the KVM subsystem of the Linux kernel could potentially lead to a
local denial of service or privilege escalation.
* CVE-2009-3547: NULL pointer dereference opening pipes.
A race condition when opening a pipe could result in a NULL pointer
dereference, potentially resulting in a denial of service or privilege
escalation attack.
* CVE-2009-3621: Denial of service shutting down abstract-namespace sockets.
Local users can cause a denial of service (system hang) by creating an
abstract-namespace AF_UNIX listening socket, performing a shutdown
operation on this socket, and then performing a series of connect
operations to this socket.
* CVE-2009-3620: NULL pointer dereference in ATI Rage 128 driver.
The ATI Rage 128 (aka r128) driver in the Linux kernel does not
properly verify Concurrent Command Engine (CCE) state initialization,
which allows local users to cause a denial of service or privilege
escalation.
* CVE-2009-3612: Information leak in the netlink subsystem.
The tcf_fill_node function in net/sched/cls_api.c in the netlink
subsystem does not initialize a certain tcm__pad2 structure member,
which might allow local users to obtain sensitive information from
kernel memory. NOTE: this issue exists because of a typo in the fix
for CVE-2005-4881.
* CVE-2009-3228: Information leak in the networking subsystem.
Padding data in a core network structure was not initialized properly
before being sent to user-space. These flaws could lead to
information leaks.
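
The uninitialized-padding pattern behind CVE-2009-3612 and CVE-2009-3228, as an added user-space example that is not kernel source and not part of the original announcement. The struct demo_msg layout, the function names and the doubled pad1 assignment are assumptions chosen to illustrate how a one-character typo leaves a pad member unwritten.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Constructed stand-in for a netlink header with explicit pad members;
 * hypothetical layout, not the kernel's struct tcmsg. */
struct demo_msg {
    uint8_t  family;
    uint8_t  pad1;
    uint16_t pad2;
    int32_t  ifindex;
};

/* "Before": pad1 is cleared twice, so pad2 keeps whatever the buffer held. */
static void fill_typo(struct demo_msg *m, int32_t ifindex)
{
    m->family = 0;
    m->pad1 = 0;
    m->pad1 = 0;            /* intended: m->pad2 = 0 */
    m->ifindex = ifindex;
}

/* "After": zero the whole structure first, then set the real fields. */
static void fill_fixed(struct demo_msg *m, int32_t ifindex)
{
    memset(m, 0, sizeof(*m));
    m->ifindex = ifindex;
}

/* Fill a buffer that simulates reused memory (every byte 0xA5) and count
 * the stale bytes that would still be copied out to the reader. */
static size_t stale_bytes(void (*fill)(struct demo_msg *, int32_t))
{
    struct demo_msg m;
    unsigned char out[sizeof(m)];
    size_t i, n = 0;

    memset(&m, 0xA5, sizeof(m));    /* constructed "previous contents" */
    fill(&m, 1);
    memcpy(out, &m, sizeof(m));     /* models the copy to user space */
    for (i = 0; i < sizeof(out); i++)
        n += (out[i] == 0xA5);
    return n;
}
```

Zeroing the whole structure before filling it removes the dependence on every pad member being named correctly, which is why it is the more robust form of the fix.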
SUPPORT
Ksplice support is available at support at ksplice.com or +1 765-577-5423.