[Ksplice][Debian 6.0 Updates] New updates available via Ksplice (DSA-2389-1)

Tim Abbott tim.abbott at oracle.com
Wed Jan 18 15:18:03 PST 2012


Synopsis: DSA-2389-1 can now be patched using Ksplice
CVEs: CVE-2011-4077 CVE-2011-4110 CVE-2011-4127 CVE-2011-4622 CVE-2011-4914

Systems running Debian 6.0 Squeeze can now use Ksplice to patch
against the latest Debian Security Advisory, DSA-2389-1.

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack on Debian 6.0 Squeeze
install these updates.  You can install these updates by running:

# /usr/sbin/uptrack-upgrade -y

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any additional action.


DESCRIPTION

* CVE-2011-4127: Privilege escalation in SCSI SG_IO ioctl.

Paolo Bonzini of Red Hat reported an issue in the ioctl passthrough
support for SCSI devices. Users with permission to access restricted
portions of a device (e.g. a partition or a logical volume) can obtain
access to the entire device by way of the SG_IO ioctl. This could be
exploited by a local user or privileged VM guest to achieve a
privilege escalation.


* CVE-2011-4077: Buffer overflow in xfs_readlink.

A flaw in the way the XFS filesystem implementation handled links with
pathnames larger than MAXPATHLEN allowed an attacker to mount a
malicious XFS image that could crash the system or result in privilege
escalation.


* CVE-2011-4110: Denial of service in kernel key management facilities.

A flaw in the way user-defined key types were handled allowed an
uprivileged local user to crash the system via a NULL pointer
dereference and kernel OOPS.


* CVE-2011-4622: NULL pointer deference in KVM interval timer emulation.

Starting PIT timers in the absence of irqchip support could cause a
NULL pointer dereference and kernel OOPs.


* CVE-2011-4914: Missing bounds checking in ROSE protocol.

Ben Hutchings reported various bounds checking issues within the ROSE
protocol support in the kernel. Remote users could possibly use this
to gain access to sensitive memory or cause a denial of service.

SUPPORT

Ksplice support is available at ksplice-support_ww at oracle.com.




More information about the Ksplice-Debian-6.0-Updates mailing list