[Ksplice][Debian 7.0 Updates] New updates available via Ksplice (DSA-3128-1)

Oracle Ksplice ksplice-support_ww at oracle.com
Fri Jan 16 05:40:09 PST 2015 

Synopsis: DSA-3128-1 can now be patched using Ksplice
CVEs: CVE-2013-6885 CVE-2014-8133 CVE-2014-9419 CVE-2014-9529 CVE-2014-9584

Systems running Debian 7.0 Wheezy can now use Ksplice to patch against
the latest Debian Security Advisory, DSA-3128-1.

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack on Debian 7.0 Wheezy
install these updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y


DESCRIPTION

* CVE-2013-6885: Denial-of-service on AMD processors.

Under a highly specific and detailed set of internal timing conditions, a
locked instruction may trigger a timing sequence whereby the write to a
write combined memory type is not flushed, causing the locked instruction
to stall indefinitely. A local, unprivileged user could use this flaw to
cause a denial-of-service.


* CVE-2014-8133: Information leak in thread area of 32-bit KVM guests.

The espfix implementation which prevents kernel information leaking to
unprivileged guests can be bypassed by creating a custom thread area. A
local unprivileged user could potentially use this flaw to leak stack
addresses.


* CVE-2014-9529: Use-after-free when garbage collecting keys.

A logic error when garbage collecting cryptographic keys leads to a
user-after-free and kernel panic. A local user could use this flaw to crash
the kernel and cause a denial-of-service.


* CVE-2014-9584: Out-of-bounds memory access in ISO filesystem when printing ER records.

A missing input validation when printing ER records on the iso9660 driver
could lead to an out-of-bounds memory write, potentially leading to a
kernel panic.  A local attacker could use a corrupted ISO file to cause a
denial-of-service.


* CVE-2014-9419: Address leak on context switch bypasses ASLR.

A flaw in the context switch code could lead to leaking another thread's
local storage area.  A local, unprivileged user could use this flaw to gain
information about another process address space mappings and bypass address
space layout randomization.

SUPPORT

Ksplice support is available at ksplice-support_ww at oracle.com.

More information about the Ksplice-Debian-7.0-Updates mailing list