[Ksplice][Fedora-14-Updates] New updates available via Ksplice (FEDORA-2011-16346)

Tim Abbott tim.abbott at oracle.com
Tue Nov 29 12:15:44 PST 2011


Synopsis: FEDORA-2011-16346 can now be patched using Ksplice
CVEs: CVE-2011-4110 CVE-2011-4132 CVE-2011-4326

Systems running Fedora 14 can now use Ksplice to patch against the
latest Fedora security update, FEDORA-2011-16346.

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack on Fedora 14 install
these updates.  You can install these updates by running:

# /usr/sbin/uptrack-upgrade -y

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any additional action.
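
The check below is an added example, not part of the original
announcement or of Ksplice's tooling. It reads an uptrack.conf-style
file and reports whether the manual upgrade command is still needed.
The [Settings] section name in the sample and the rule that only the
literal value "yes" counts as enabled are assumptions.

```shell
#!/bin/sh
# Added example: decide whether a host relies on autoinstall or needs a
# manual uptrack-upgrade run. Only the config path, the "autoinstall = yes"
# setting and the upgrade command come from the advisory.

# Print the effective value of the autoinstall key in an INI-style file.
# Comment lines (# or ;) are skipped, whitespace around "=" is ignored,
# the last assignment wins, and a missing key or file is reported as "no".
autoinstall_value() {
    conf=$1
    [ -r "$conf" ] || { echo no; return 0; }
    awk -F= '
        /^[ \t]*[#;]/ { next }
        {
            key = $1; gsub(/[ \t]/, "", key)
            if (tolower(key) != "autoinstall") next
            val = $2; gsub(/[ \t\r]/, "", val)
            last = tolower(val)
        }
        END { print ((last == "yes") ? "yes" : "no") }
    ' "$conf"
}

# Say what the administrator has to do, following the advisory text.
required_action() {
    if [ "$(autoinstall_value "$1")" = yes ]; then
        echo "none: updates install automatically"
    else
        echo "run: /usr/sbin/uptrack-upgrade -y"
    fi
}

# Constructed sample config (not from a real host; the section name is
# assumed): the active line says "no", so the commented-out "yes" must
# not count as enabled.
sample=$(mktemp)
printf '%s\n' '[Settings]' '# autoinstall = yes' 'autoinstall = no' > "$sample"
required_action "$sample"
rm -f "$sample"
```

On a real host, pass /etc/uptrack/uptrack.conf to required_action.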


DESCRIPTION

* CVE-2011-4132: Denial of service in Journaling Block Device layer.

A flaw in the way the Journaling Block Device (JBD) layer handled an
invalid log first block value allowed an attacker to mount a malicious
ext3 or ext4 image that would crash the system.


* CVE-2011-4326: Denial of service in IPv6 UDP Fragmentation Offload.

A flaw was found in the way the Linux kernel handled fragmented IPv6
UDP datagrams over a bridge with UDP Fragmentation Offload (UFO)
enabled.  A remote attacker could use this flaw to cause a denial of
service.


* CVE-2011-4110: Denial of service in kernel key management facilities.

A flaw in the way user-defined key types were handled allowed an
unprivileged local user to crash the system via a NULL pointer
dereference and kernel OOPS.

SUPPORT

Ksplice support is available at support at ksplice.com or +1 765-577-5423.



