[Ksplice-el7-updates] New updates available via Ksplice (RHSA-2014:1724)

Oracle Ksplice ksplice-support_ww at oracle.com
Thu Oct 30 03:22:15 PDT 2014


Synopsis: RHSA-2014:1724 can now be patched using Ksplice
CVEs: CVE-2014-3611 CVE-2014-3645 CVE-2014-3646 CVE-2014-4653 CVE-2014-5077

Systems running Red Hat Enterprise Linux 7 can now use Ksplice to
patch against the latest Red Hat Security Advisory, RHSA-2014:1724.

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack on RHEL 7 install these
updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y
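
To tell which of the two cases above a host falls into, the following check reads the autoinstall setting from the configuration file. It is an added example, not part of the original advisory or of Ksplice Uptrack; the function names are hypothetical, and it assumes that keys are case-insensitive, that the last assignment wins, and that only the value "yes" means automatic installation.

```shell
#!/bin/sh
# Added example (not Oracle's code): report whether a host will pick up
# Ksplice updates automatically or needs a manual uptrack-upgrade run.

# Print the effective "autoinstall" value from an uptrack.conf-style file.
# Assumptions: comment lines start with # or ;, keys are case-insensitive,
# and the last assignment wins. Prints nothing if the key is absent.
uptrack_autoinstall_value() {
    conf=${1:-/etc/uptrack/uptrack.conf}
    [ -r "$conf" ] || return 2
    awk '
        /^[ \t]*[#;]/ { next }              # skip commented-out settings
        {
            eq = index($0, "=")
            if (eq == 0) next               # section headers, blank lines
            key = substr($0, 1, eq - 1)
            val = substr($0, eq + 1)
            gsub(/^[ \t]+|[ \t]+$/, "", key)
            gsub(/^[ \t]+|[ \t]+$/, "", val)
            if (tolower(key) == "autoinstall") last = tolower(val)
        }
        END { if (last != "") print last }
    ' "$conf"
}

# Print "automatic" only for an explicit "autoinstall = yes"; any other
# value, or a missing key, is reported as needing the manual command.
uptrack_update_mode() {
    value=$(uptrack_autoinstall_value "$1") || { echo "unreadable"; return 2; }
    if [ "$value" = "yes" ]; then
        echo "automatic"
    else
        echo "manual: /usr/sbin/uptrack-upgrade -y"
        return 1
    fi
}
```

Calling uptrack_update_mode with no argument checks /etc/uptrack/uptrack.conf; its exit status (0 automatic, 1 manual, 2 unreadable) can drive a fleet-wide audit.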


DESCRIPTION

* CVE-2014-5077: Remote denial-of-service in SCTP on simultaneous connections.

A Linux kernel built with support for the Stream Control Transmission
Protocol (SCTP) is vulnerable to a NULL pointer dereference flaw. It could
occur when simultaneous new connections are initiated between the same pair
of hosts. A remote user or program could use this flaw to crash the system
kernel, resulting in a denial-of-service.


* Filesystem corruption during block bitmap verification in Ext4 filesystem.

If a filesystem is mounted with the 'errors=continue' option, the code
responsible for doing block bitmap verification will happily accept a
corrupted bitmap. The block allocator may subsequently use the corrupt
bitmap to reuse blocks covered by the bitmap, corrupting the data in
those blocks.


* CVE-2014-4653: Use after free in ALSA card controls.

Missing synchronization in ALSA card controls could lead to a control
being freed while still in use.


* CVE-2014-3611: Denial-of-service in KVM emulated programmable interval timer.

Incorrect locking in the KVM emulated programmable interval timer (PIT)
could crash the host kernel under specific conditions. A local attacker
could use this flaw to cause a denial-of-service in the host KVM.


* Use-after-free in process group scheduling when creating group.

Due to the way new groups are initialised, it is possible for another
thread to see a partially initialised group. This could lead to a
use-after-free error and a subsequent kernel crash.


* CVE-2014-3645 and CVE-2014-3646: KVM guest denial-of-service when using invalid opcodes.

The KVM host emulator does not gracefully handle a KVM guest using the
invept or invvpid opcodes, causing a guest VM exit without proper error
codes being propagated to userspace. A local, unprivileged guest user
could use this flaw to crash a KVM guest VM and cause a denial-of-service.

SUPPORT

Ksplice support is available at ksplice-support_ww at oracle.com.


  


