[Ksplice][Fedora-17-updates] New updates available via Ksplice (FEDORA-2013-7826)

[Vegard Nossum]

Synopsis: FEDORA-2013-7826 can now be patched using Ksplice

Systems running Fedora 17 can now use Ksplice to patch against the
latest Fedora kernel update, FEDORA-2013-7826.

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack on Fedora 17 install
these updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y


DESCRIPTION

* Denial-of-service in Intel Last Branch Record (LBR) performance filter.

Unvalidated user input could allow a local user to cause the kernel to
read from a user supplied address causing a kernel panic.


* Kernel information leak in Intel Last Branch Record profiling.

Missing permission checks could allow an unprivileged user to extract
kernel address information using the Last Branch Record feature on Intel
devices.


* Kernel crash in IP virtual server SIP persistence engine.

Use of uninitialized memory in the SIP persistence engine could result
in a kernel crash.


* Use-after-free in netfilter ipset management.

Missing reference counting could result in a use-after-free and kernel
crash.


* Denial-of-service in netfilter connection tracking.

Use of uninitialized memory could result in a kernel crash in the
netfilter connection tracking module under user control.


* Memory leak in tree auditing subsystem.

Incorrect reference counting in error situations in the auditing subsystem
could lead to memory leaks. This could potentially be used by a local,
unprivileged user to cause a denial-of-service.

SUPPORT

Ksplice support is available at ksplice-support_ww at oracle.com.