[Ksplice][Fedora-14-Updates] New updates available via Ksplice (FEDORA-2011-16346)
Tim Abbott
tim.abbott at oracle.com
Tue Nov 29 12:15:44 PST 2011
Synopsis: FEDORA-2011-16346 can now be patched using Ksplice
CVEs: CVE-2011-4110 CVE-2011-4132 CVE-2011-4326
Systems running Fedora 14 can now use Ksplice to patch against the
latest Fedora security update, FEDORA-2011-16346.
INSTALLING THE UPDATES
We recommend that all users of Ksplice Uptrack on Fedora 14 install
these updates. You can install these updates by running:
# /usr/sbin/uptrack-upgrade -y
On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any additional action.
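The check described above can be scripted when auditing several hosts. The following is an added example, not part of the original announcement or of Ksplice Uptrack itself; the function names are hypothetical, and it assumes that only the literal value "yes" (as quoted above) enables autoinstall.

```shell
#!/bin/sh
# Added example (not Ksplice code): decide whether a host still needs a
# manual "uptrack-upgrade -y" or whether autoinstall will apply the update.
# Function names are hypothetical. Assumption: only the value "yes",
# as quoted in the announcement, enables autoinstall.

# Print "yes" or "no" for the autoinstall setting in FILE.
# Returns 2 if FILE cannot be read.
uptrack_autoinstall() {
    conf=${1:-/etc/uptrack/uptrack.conf}
    [ -r "$conf" ] || return 2
    awk -F= '
        /^[ \t]*[#;]/ { next }          # commented-out settings do not count
        {
            key = $1; val = $2
            gsub(/[ \t\r]/, "", key)    # tolerate indentation and CRLF files
            gsub(/[ \t\r]/, "", val)
            if (tolower(key) == "autoinstall") state = tolower(val)
        }
        END { if (state == "yes") print "yes"; else print "no" }
    ' "$conf"
}

# Print the action an operator should take for FILE.
uptrack_action() {
    conf=${1:-/etc/uptrack/uptrack.conf}
    if ! state=$(uptrack_autoinstall "$conf"); then
        echo "unknown: cannot read $conf"
        return 0
    fi
    case $state in
        yes) echo "automatic" ;;
        *)   echo "manual: /usr/sbin/uptrack-upgrade -y" ;;
    esac
}
```

Calling uptrack_action with no argument inspects /etc/uptrack/uptrack.conf on the local host.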
DESCRIPTION
* CVE-2011-4132: Denial of service in Journaling Block Device layer.
A flaw in the way the Journaling Block Device (JBD) layer handled an
invalid log first block value allowed an attacker to mount a malicious
ext3 or ext4 image that would crash the system.
* CVE-2011-4326: Denial of service in IPv6 UDP Fragmentation Offload.
A flaw was found in the way the Linux kernel handled fragmented IPv6
UDP datagrams over a bridge with UDP Fragmentation Offload (UFO)
enabled. A remote attacker could use this flaw to cause a denial of
service.
* CVE-2011-4110: Denial of service in kernel key management facilities.
A flaw in the way user-defined key types were handled allowed an
unprivileged local user to crash the system via a NULL pointer
dereference and kernel oops.
SUPPORT
Ksplice support is available at support at ksplice.com or +1 765-577-5423.