[Ksplice][Debian 5.0 Updates] New updates available via Ksplice (DSA-2012-1)
Nelson Elhage
nelhage at ksplice.com
Fri Mar 12 09:41:04 PST 2010
Synopsis: DSA-2012-1 can now be patched using Ksplice
CVEs: CVE-2010-0622
Systems running Debian 5.0 Lenny can now use Ksplice to patch against
the latest Debian Security Advisory, DSA-2012-1.
INSTALLING THE UPDATES
We recommend that all Ksplice Uptrack Debian 5.0 Lenny users install
these updates. You can install these updates by running:
# uptrack-upgrade -y
DESCRIPTION
* CVE-2010-0622: Denial of Service with corrupted futex.
The wake_futex_pi function in kernel/futex.c did not properly handle
certain unlock operations for a Priority Inheritance (PI) futex, which
allows local users to cause a denial of service (OOPS) and possibly
have unspecified other impact via vectors involving modification of
the futex value from user space.
SUPPORT
Ksplice support is available at support at ksplice.com or +1 765-577-5423.
More information about the Debian-5.0-Updates
mailing list