[Ksplice][Debian 7.0 Updates] New updates available via Ksplice (DSA-2992-1)

Oracle Ksplice ksplice-support_ww at oracle.com
Wed Jul 30 06:10:27 PDT 2014


Synopsis: DSA-2992-1 can now be patched using Ksplice
CVEs: CVE-2014-4667 CVE-2014-4943 CVE-2014-5077

Systems running Debian 7.0 Wheezy can now use Ksplice to patch against
the latest Debian Security Advisory, DSA-2992-1.

Please note that the Ksplice update for CVE-2014-5077 is not part of the
distribution release, but our audit showed that a number of our customers
were affected by the vulnerability, so we felt it was important to ship
early.

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack on Debian 7.0 Wheezy
install these updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y
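The check above, as an added example that is not part of the advisory: a small POSIX sh helper that reads the autoinstall setting from /etc/uptrack/uptrack.conf (ignoring comment lines and case) and tells you whether Uptrack will apply DSA-2992-1 on its own or whether uptrack-upgrade must be run by hand. The sample config it is run against is constructed for the demonstration; the real file's other keys are not assumed.

```shell
#!/bin/sh
# Added example, not Ksplice's own tooling. Reads the "autoinstall" key
# from an uptrack.conf-style file. The config path may be overridden (for
# testing); it defaults to /etc/uptrack/uptrack.conf as in the advisory.

# Print the effective value of "autoinstall", lowercased, "no" if unset
# or if the file is unreadable. Lines starting with # or ; are comments.
uptrack_autoinstall_value() {
    conf="${1:-/etc/uptrack/uptrack.conf}"
    val="no"
    [ -r "$conf" ] || { echo "$val"; return 0; }
    while IFS= read -r line || [ -n "$line" ]; do
        trimmed=$(printf '%s' "$line" | sed 's/^[[:space:]]*//')
        case "$trimmed" in
            \#*|\;*|\[*) continue ;;   # comments and [section] headers
        esac
        key=$(printf '%s' "$trimmed" | sed 's/[[:space:]]*=.*$//')
        if [ "$key" = "autoinstall" ]; then
            # keep the last assignment, as an INI-style parser would
            val=$(printf '%s' "$trimmed" \
                | sed 's/^[^=]*=[[:space:]]*//; s/[[:space:]]*$//' \
                | tr 'A-Z' 'a-z')
        fi
    done < "$conf"
    echo "$val"
}

# Exit status 0 when autoinstall = yes (Uptrack installs the update itself).
uptrack_autoinstall_enabled() {
    [ "$(uptrack_autoinstall_value "$1")" = "yes" ]
}

# Constructed sample config: the live key is "No", the "yes" is commented.
SAMPLE_CONF=$(mktemp)
cat > "$SAMPLE_CONF" <<'EOF'
# constructed sample uptrack.conf
[Settings]
;autoinstall = yes
autoinstall = No
EOF

if uptrack_autoinstall_enabled "$SAMPLE_CONF"; then
    echo "autoinstall enabled: Uptrack will apply DSA-2992-1 automatically"
else
    echo "autoinstall disabled: run /usr/sbin/uptrack-upgrade -y"
fi
```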


DESCRIPTION

* CVE-2014-4943: Privilege escalation in PPP over L2TP setsockopt/getsockopt.

PPP over L2TP sockets incorrectly used UDP's getsockopt and setsockopt
as a fallback handler. Since UDP's implementation expects different
data structures, a local attacker could corrupt kernel memory and gain
root privileges.


* CVE-2014-5077: Remote denial-of-service in SCTP on simultaneous connections.

A Linux kernel built with support for the Stream Control Transmission
Protocol (SCTP) is vulnerable to a NULL pointer dereference. The flaw can
be triggered when new connections are initiated simultaneously between
the same pair of hosts. A remote user or program could use it to crash
the system kernel, resulting in a denial of service.


* CVE-2014-4667: Denial-of-service in SCTP stack when unpacking a COOKIE_ECHO chunk.

Incorrect reference counting in the error path of sctp_unpack_cookie()
could corrupt the backlog reference counter, preventing any future SCTP
association. A remote attacker could use this flaw to cause a
denial-of-service.

SUPPORT

Ksplice support is available at ksplice-support_ww at oracle.com.
