[Ksplice][Debian 6.0 Updates] New updates available via Ksplice (DSA-2443-1)
Nelson Elhage
nelson.elhage at oracle.com
Tue Mar 27 15:11:26 PDT 2012

Synopsis: DSA-2443-1 can now be patched using Ksplice
CVEs: CVE-2009-4307 CVE-2011-1833 CVE-2011-4347 CVE-2012-0045
CVE-2012-1090 CVE-2012-1097

Systems running Debian 6.0 Squeeze can now use Ksplice to patch
against the latest Debian Security Advisory, DSA-2443-1.

INSTALLING THE UPDATES
We recommend that all users of Ksplice Uptrack on Debian 6.0 Squeeze
install these updates. You can install these updates by running:

# /usr/sbin/uptrack-upgrade -y

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any additional action.

DESCRIPTION
* CVE-2009-4307: Divide-by-zero mounting an ext4 filesystem.
A divide-by-zero flaw was found in the ext4 file system code. A local
attacker could use this flaw to cause a denial of service by mounting
a specially-crafted ext4 file system.

* CVE-2011-1833: Information disclosure in eCryptfs.
Vasiliy Kulikov of Openwall and Dan Rosenberg discovered that eCryptfs
incorrectly validated permissions on the requested source directory. A
local attacker could use this flaw to mount an arbitrary directory,
possibly leading to information disclosure.

* Denial of service in Video4Linux2 ioctls.
An integer overflow in video_usercopy in the Video4Linux2 subsystem
may cause access to invalid memory.

* Memory corruption in the Direct Rendering Manager.
A race condition in the Direct Rendering Manager may allow an
unprivileged user to corrupt kernel memory.

* Buffer overflow in the relay filesystem.
The relayfs filesystem did not properly check for integer overflows
when processing certain user-provided lengths. An unprivileged user could
exploit this to overflow the relevant buffers and corrupt kernel memory.

* CVE-2012-1090: Denial of service in the CIFS filesystem reference counting.
Under certain circumstances, the CIFS filesystem would open files on
lookup. If the file was later determined to be a FIFO or any other
special file, the file handle would be leaked, leading to a reference
counting mismatch and a kernel OOPS on unmount.
An unprivileged local user could use this flaw to crash the system.

* CVE-2012-1097: NULL pointer dereference in the ptrace subsystem.
Under certain circumstances, ptrace-ing a process could lead to a NULL
pointer dereference and kernel panic.

* Denial of service truncating eCryptfs files.
On 32-bit systems, when truncating a file, the integer holding the file size
could overflow, which would put the write operation in an infinite loop in
the kernel.

* CVE-2011-4347: Denial of service in KVM device assignment.
Several bugs that allowed unprivileged users to improperly assign
devices to KVM guests could result in a denial of service.

* CVE-2012-0045: Denial of service in KVM system call emulation.
A bug in the system call emulation allowed local users on a 32-bit
KVM guest system to cause the guest system to panic.

SUPPORT
Ksplice support is available at ksplice-support_ww at oracle.com.