[Ksplice][Fedora-17-updates] New updates available via Ksplice (FEDORA-2012-18684)
Phil Turnbull
phil.turnbull at oracle.com
Thu Nov 22 11:31:15 PST 2012
Synopsis: FEDORA-2012-18684 can now be patched using Ksplice
CVEs: CVE-2012-4461
Systems running Fedora 17 can now use Ksplice to patch against the
latest Fedora kernel update, FEDORA-2012-18684.
INSTALLING THE UPDATES
We recommend that all users of Ksplice Uptrack on Fedora 17 install
these updates.
On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.
Alternatively, you can install these updates by running:
# /usr/sbin/uptrack-upgrade -y
DESCRIPTION
* Use-after-free in Atheros Wireless driver.
A use-after-free condition can be triggered when the Atheros driver
tears down a wireless session leading to a kernel panic.
* Kernel panic in 802.11 frame parsing.
The generic 802.11 wireless driver does not correctly handle truncated
non-management frames leading to an out-of-bounds read and kernel
panic. This issue may be triggered by a remote attacker.
* Kernel panic in 802.11 EAPOL parsing.
The generic 802.11 wireless driver does not correctly handle truncated
EAP-over-LAN frames leading to an out-of-bounds read and kernel panic.
This issue may be triggered by a remote attacker.
* Memory leak in IPsec and IP fragment reassembly.
The kernel IPsec implementation and IPv4/IPv6 stack do not correctly
free memory leading to a memory leak when processing fragmented packets.
* Use-after-free in L2TP Ethernet session.
The kernel L2TP driver does not correctly handle failing to initialise
a L2TPv3 Ethernet session leading to a use-after-free and kernel panic.
* Memory corruption in USB audio driver.
Memory corruption can be triggered in the USB audio driver when
restarting a PCM audio stream leading to a kernel panic.
* Memory corruption in USB EHCI driver.
The USB EHCI driver does not properly construct isochronous USB requests
leading to memory corruption in the USB core driver under certain workloads.
* Kernel panic in USB serial driver.
The USB serial driver uses an incorrect offset when probing Keyspan
USB serial adapters leading to a kernel panic.
* CVE-2012-4461: Kernel panic KVM XSAVE support.
On machines without XSAVE instruction support a malicious guest can
cause a host kernel panic via the SET_SREGS ioctl.
SUPPORT
Ksplice support is available at ksplice-support_ww at oracle.com.
More information about the Ksplice-Fedora-17-Updates
mailing list