[Ksplice][Fedora-14-Updates] New updates available via Ksplice (FEDORA-2011-14747)
Tim Abbott
tim.abbott at oracle.com
Mon Oct 31 11:01:54 PDT 2011
Synopsis: FEDORA-2011-14747 can now be patched using Ksplice
CVEs: CVE-2011-1161 CVE-2011-1162 CVE-2011-3353 CVE-2011-3638
Systems running Fedora 14 can now use Ksplice to patch against the
latest Fedora security update, FEDORA-2011-14747.
INSTALLING THE UPDATES
We recommend that all users of Ksplice Uptrack on Fedora 14 install
these updates. You can install these updates by running:
# /usr/sbin/uptrack-upgrade -y
On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any additional action.
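The check described above can be scripted to tell whether a host installs these updates on its own or still needs the manual command. This is an added example, not part of the original announcement or of Ksplice Uptrack; the function names are hypothetical, and it assumes uptrack.conf uses "key = value" lines, '#' or ';' comments, and that the last assignment wins.

```shell
#!/bin/sh
# Added example (not Ksplice code): report whether Uptrack autoinstall is on.
# Assumptions: "key = value" syntax, '#' or ';' start a comment,
# the last assignment of a key wins, and only the value "yes" enables it.

# Print the effective autoinstall value in lower case, or nothing if unset.
uptrack_autoinstall_value() {
    conf=$1
    [ -r "$conf" ] || return 0        # missing or unreadable file: treat as unset
    sed -e 's/[#;].*$//' "$conf" |
    awk -F= 'NF >= 2 && tolower($1) ~ /^[ \t]*autoinstall[ \t]*$/ {
                 v = $2; gsub(/[ \t\r]/, "", v); last = tolower(v)
             }
             END { if (last != "") print last }'
}

# Print "automatic" when autoinstall = yes is in effect, otherwise "manual".
uptrack_update_mode() {
    if [ "$(uptrack_autoinstall_value "$1")" = "yes" ]; then
        echo automatic
    else
        echo manual
    fi
}

# One-line report for a host; the config path can be overridden as $1.
uptrack_report() {
    conf=${1:-/etc/uptrack/uptrack.conf}
    case $(uptrack_update_mode "$conf") in
        automatic) echo "$conf: autoinstall = yes, updates install automatically" ;;
        *) echo "$conf: autoinstall not enabled, run: /usr/sbin/uptrack-upgrade -y" ;;
    esac
}

uptrack_report "$@"
```

A commented-out "# autoinstall = yes" line is reported as manual, which is the case a plain grep for the string would get wrong.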
DESCRIPTION
* CVE-2011-3353: Buffer overflow in FUSE filesystem.
In the fuse filesystem, FUSE_NOTIFY_INVAL_ENTRY did not check the
length of the write so the message processing could overrun and result
in a BUG_ON() in fuse_copy_fill(). This flaw could be used by local
users able to mount FUSE filesystems to crash the system.
* CVE-2011-1161: Information leak in transmission logic of TPM driver.
A missing buffer size check in tpm_transmit could allow leaking of
potentially sensitive kernel memory.
* CVE-2011-1162: Information leak in TPM driver.
A buffer in tpm_read was not initialized before being returned to
userspace, leading to a leak of potentially sensitive kernel memory.
* CVE-2011-3638: Disk layout corruption bug in ext4 filesystem.
When splitting two extents in ext4_ext_convert_to_initialized(), an
extent was incorrectly not dirtied, resulting in the disk layout being
corrupted, which will eventually cause a kernel crash.
SUPPORT
Ksplice support is available at support at ksplice.com or +1 765-577-5423.