[Ksplice][Debian 5.0 Updates] New updates available via Ksplice (Debian 5.0.9)

Tim Abbott tim.abbott at oracle.com
Sun Oct 2 11:33:48 PDT 2011 

Synopsis: Debian 5.0.9 can now be patched using Ksplice

Systems running Debian 5.0 Lenny can now use Ksplice to patch against
the latest Debian kernel update, Debian 5.0.9.

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack on Debian 5.0 Lenny
install these updates.  You can install these updates by running:

# /usr/sbin/uptrack-upgrade -y

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any additional action.


DESCRIPTION

* Unexpected wakeup on ptrace detach.

Detaching from a traced process which is waiting on some kernel event could
cause an unexpected wakeup, resulting in an oops or other kernel 
misbehavior.


* Memory corruption in nfsd statistics update.

When the in-kernel NFS server fails to find an exported file in the 
readahead
cache, it can write past the end of the nfsd statistics array, 
corrupting the
following region in memory.


* Invalid memory access in OCFS2 connection tracking.

Under some circumstances, the function ocfs2_connection_find() can return an
invalid pointer rather than correctly reporting a NULL result.  When this
pointer is used by other code, a kernel oops or other misbehavior can 
result.


* Use-after-free bug in NFS async I/O.

Under certain conditions, an asynchronous I/O request to a NFS-mounted
filesystem would be served by two different kernel subsystems, resulting
in a use-after-free bug and a kernel crash or memory corruption.


* Denial of service in nfs_do_fsync.

The function nfs_do_fsync erroneously reports failure, causing system calls
like close() on an NFS-mounted file to hang indefinitely.


* Infinite loop in SAS error handling.

The error handler for Serial Attached SCSI devices could enter an infinite
loop, consuming all resources on at least one CPU.


* Data corruption on RAID recovery to hot-added device.

Linux software RAID arrays (md subsystem) with v1.x metadata can forget the
state of partial recovery onto a hot-added storage device, erroneously 
treating
the device as fully recovered.  This could lead to data corruption.


SUPPORT

Ksplice support is available at support at ksplice.com or +1 765-577-5423.

More information about the Ksplice-Debian-5.0-Updates mailing list