[Ksplice][Debian 7.0 Updates] New updates available via Ksplice (DSA-3434-1)

[Oracle Ksplice]

Synopsis: DSA-3434-1 can now be patched using Ksplice
CVEs: CVE-2015-7513 CVE-2015-7550 CVE-2015-8543 CVE-2015-8569 CVE-2015-8575

Systems running Debian 7.0 Wheezy can now use Ksplice to patch against
the latest Debian Security Advisory, DSA-3434-1.

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack on Debian 7.0 Wheezy
install these updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y


DESCRIPTION

* CVE-2015-8575: Information leak in Bluetooth socket binding.

Lack of input validation when binding a Bluetooth socket could result in
kernel stack memory being leaked to userspace.  A local attacker could use
this flaw to gain information about the running kernel.


* CVE-2015-7550: Denial-of-service when reading and revoking a key concurrently.

A race condition in the cryptographic key management sub-system could lead
to a kernel crash when revoking and reading a key concurrently.  A local,
unprivileged user could use this flaw to cause a denial-of-service.


* CVE-2015-7513: Divide-by-zero in KVM when reloading the programmable interrupt timer.

A missing input sanitization when loading the programmable interrupt timer
counters from userspace could cause KVM to make a division by zero, causing
a kernel crash.  A local user with the capibility to run KVM machines could
use this flaw to cause a denial-of-service.


* CVE-2015-8569: Information leak in point-to-point protocol.

A lack of validating user input could cause kernel stack memory to be
leaked to userspace in the point-to-point bind() and connect() functions.
A local, unprivileged user could use this flaw to gain information about
the running kernel.


* CVE-2015-8543: Denial-of-service on out of range protocol for raw sockets.

It was discovered that a local user permitted to create raw sockets could
cause a denial-of-service by specifying an invalid protocol number for the
socket.


Ksplice will not be providing an update for Xen security                                        
advisories 155 and 157.  Fixing XSA-155 requires updates to the                                 
hypervisor and qemu which are not available through Ksplice.  Xen                               
hosts should reboot into an updated hypervisor, qemu and kernel                                 
to protect against this issue, and live migration may be used to                                
avoid disruption to guests.  Systems other than Xen Dom0s (i.e.                                 
systems not hosting Xen virtual machines) are not vulnerable and                                
do not need to be rebooted in order to remain secure.

SUPPORT

Ksplice support is available at ksplice-support_ww at oracle.com.