[Ksplice][Debian 6.0 Updates] New updates available via Ksplice (DSA-2632-1)

Vegard Nossum vegard.nossum at oracle.com
Sat Mar 2 13:29:41 PST 2013


Synopsis: DSA-2632-1 can now be patched using Ksplice
CVEs: CVE-2013-0871

Systems running Debian 6.0 Squeeze can now use Ksplice to patch
against the latest Debian Security Advisory, DSA-2632-1.

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack on Debian 6.0 Squeeze
install these updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y


DESCRIPTION

* CVE-2013-0871: Privilege escalation in PTRACE_SETREGS.

A race condition in ptrace can lead to kernel stack corruption allowing
an attacker to control execution and possible escalate privileges.

SUPPORT

Ksplice support is available at ksplice-support_ww at oracle.com.





More information about the Ksplice-Debian-6.0-Updates mailing list