From andersk at ksplice.com Sat Oct 23 18:50:34 2010
From: andersk at ksplice.com (Anders Kaseorg)
Date: Sat, 23 Oct 2010 21:50:34 -0400 (EDT)
Subject: [Ksplice][Fedora-13-Updates] New updates available via Ksplice (FEDORA-2010-16595)
Message-ID:

Synopsis: FEDORA-2010-16595 can now be patched using Ksplice
CVEs: CVE-2010-3432

Systems running Fedora 13 can now use Ksplice to patch against the latest
Fedora security update, FEDORA-2010-16595.

INSTALLING THE UPDATES

We recommend that all Ksplice Uptrack Fedora 13 users install these
updates. You can install these updates by running:

# uptrack-upgrade -y

DESCRIPTION

* CVE-2010-3432: Remote denial of service vulnerability in SCTP.

The sctp_outq_flush() function can call sctp_packet_reset() on a packet
structure that has already been filled with chunks. This resets the
packet length but does not remove the chunks from the list; the SCTP code
then re-initializes the packet, which because of the incorrect length
could overflow the skb, resulting in a kernel panic.

SUPPORT

Ksplice support is available at support at ksplice.com or
+1 765-577-5423.
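
The length/list mismatch described under CVE-2010-3432, as a user-space model added here for illustration; it is not kernel or Ksplice code. The struct, helper names and sizes are constructed, and the guarded reset is one possible hardening assumed for the example, not necessarily the upstream fix.

```c
#include <stddef.h>
#include <stdio.h>

#define MAX_CHUNKS 8
#define OVERHEAD 12 /* constructed header size for this model */
/* Toy stand-in for a packet under assembly: recorded length plus chunk list. */
struct pkt {
    size_t size;      /* length later used to size the output buffer */
    size_t nchunks;
    size_t chunk_len[MAX_CHUNKS];
};

static int pkt_append(struct pkt *p, size_t len) {
    if (p->nchunks == MAX_CHUNKS) return -1;
    p->chunk_len[p->nchunks++] = len;
    p->size += len;
    return 0;
}
/* Flawed reset, as the advisory describes: length reset, chunks stay queued. */
static void pkt_reset_flawed(struct pkt *p) { p->size = OVERHEAD; }

/* Guarded reset (assumption): refuse while chunks are still queued. */
static int pkt_reset_guarded(struct pkt *p) {
    if (p->nchunks != 0) return -1;
    p->size = OVERHEAD;
    return 0;
}

/* Bytes written past a buffer sized from p->size at transmit time (0 = safe). */
static size_t pkt_overrun(const struct pkt *p) {
    size_t need = OVERHEAD;
    for (size_t i = 0; i < p->nchunks; i++) need += p->chunk_len[i];
    return need > p->size ? need - p->size : 0;
}

/* Fill the packet, reset it, append one more chunk; return the overrun. */
static size_t scenario(int guarded) {
    struct pkt p = { .size = OVERHEAD };
    pkt_append(&p, 100);
    pkt_append(&p, 200);
    if (guarded) (void)pkt_reset_guarded(&p); /* refused: list not empty */
    else pkt_reset_flawed(&p);
    pkt_append(&p, 40);
    return pkt_overrun(&p);
}

int main(void) {
    printf("flawed: %zu bytes over, guarded: %zu\n", scenario(0), scenario(1));
    return 0;
}
```

In the flawed path the recorded length drops to the header size while 300 bytes of chunks remain queued, so a buffer sized from that length is 300 bytes too small.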