[Ksplice-Fedora-19-updates] New updates available via Ksplice (FEDORA-2013-22669)

Oracle Ksplice ksplice-support_ww at oracle.com
Mon Dec 9 11:11:44 PST 2013


Synopsis: FEDORA-2013-22669 can now be patched using Ksplice
CVEs: CVE-2013-2929 CVE-2013-2930 CVE-2013-6378 CVE-2013-6380 CVE-2013-6382 CVE-2013-6405

Systems running Fedora 19 can now use Ksplice to patch against the
latest Fedora kernel update, FEDORA-2013-22669.

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack on Fedora 19 install
these updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y
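The installation check described above, as an added example that is not Oracle's code: one helper reads the autoinstall setting from uptrack.conf (ignoring comments, whitespace and case), the other compares this advisory's CVE list against a saved copy of `uptrack-show` output. The `uptrack-show` line format used in the sample is an assumption, and the sample files are constructed so the script runs without Ksplice installed.

```shell
#!/bin/sh
# Added example (not Oracle's code): decide whether a Fedora 19 host still
# needs manual action for FEDORA-2013-22669. Both helpers take files as
# input so they can be exercised offline.

# CVEs listed in the advisory above.
ADVISORY_CVES="CVE-2013-2929 CVE-2013-2930 CVE-2013-6378 CVE-2013-6380 CVE-2013-6382 CVE-2013-6405"

# autoinstall_enabled CONF: exit 0 if CONF has an active "autoinstall = yes"
# line; comment lines, surrounding whitespace and letter case are ignored.
autoinstall_enabled() {
    grep -v '^[[:space:]]*[#;]' "$1" 2>/dev/null \
      | tr 'A-Z' 'a-z' \
      | grep -Eq '^[[:space:]]*autoinstall[[:space:]]*=[[:space:]]*yes[[:space:]]*$'
}

# missing_cves SHOWFILE: print the advisory CVEs not mentioned in SHOWFILE,
# a captured copy of `uptrack-show` output (format assumed, see sample).
# Exit 0 only when every advisory CVE is present.
missing_cves() {
    missing=""
    for cve in $ADVISORY_CVES; do
        grep -q "$cve" "$1" 2>/dev/null || missing="$missing $cve"
    done
    echo "${missing# }"
    [ -z "$missing" ]
}

# Constructed sample inputs (not real system files).
tmp=$(mktemp -d)
cat > "$tmp/uptrack.conf" <<'EOF'
# uptrack.conf (constructed sample)
[Settings]
autoinstall = no
EOF
cat > "$tmp/uptrack-show.txt" <<'EOF'
Installed updates:
[a1b2c3d4] CVE-2013-6378: Denial-of-service in Marvell 8xxx Libertas WLAN driver.
[e5f6a7b8] CVE-2013-2930: Incorrect permissions check in perf ftrace feature.
EOF

if autoinstall_enabled "$tmp/uptrack.conf"; then
    echo "autoinstall is on; Uptrack will apply FEDORA-2013-22669 itself"
else
    echo "autoinstall is off; run: /usr/sbin/uptrack-upgrade -y"
fi
echo "advisory CVEs not yet listed: $(missing_cves "$tmp/uptrack-show.txt")"
rm -rf "$tmp"
```

Point the helpers at the real /etc/uptrack/uptrack.conf and at `uptrack-show > file` on a host to use them for an actual check.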


DESCRIPTION

* CVE-2013-6378: Denial-of-service in Marvell 8xxx Libertas WLAN driver.

Incorrect validation of user supplied data in the Marvell 8xxx Libertas
WLAN driver could allow a privileged user to trigger an invalid pointer
dereference and crash the system.


* CVE-2013-6380: Denial-of-service in Adaptec RAID driver.

Incorrect memory allocations in the Adaptec RAID driver could result in
dereferencing an invalid pointer allowing a local user with the
CAP_SYS_ADMIN privilege to crash the system.


* CVE-2013-2930: Incorrect permissions check in perf ftrace feature.

Incorrect permissions checks could allow a local, unprivileged user to
enable ftrace through the perf subsystem.  This could allow the user to
gain information to bypass ASLR or crash the system.


* Kernel crash in compressed RAM block device (ZRAM) under memory pressure.

Missing allocation checks could result in a NULL pointer dereference when
writing to the 'reset' sysfs attribute for a zram device, triggerable by
a privileged user.


* Use-after-free in Ralink rt2x00 device removal.

Incorrect checks for device presence could result in a use-after-free
and kernel crash when removing an active WiFi USB dongle from the
system.


* CVE-2013-2929: Incorrect permissions check in ptrace with dropped privileges.

The ptrace subsystem incorrectly checked the state of the fs.suid_dumpable
sysctl allowing a user to ptrace attach to a process if it had dropped
privileges to that user.


* Memory leak in QXL DRM driver releases.

Releases were incorrectly freed in the QXL DRM driver resulting in a
memory leak and eventual kernel crash on memory exhaustion.


* CVE-2013-6382: Denial-of-service in XFS filesystem ioctls.

Multiple buffer underflows in the XFS implementation in the Linux kernel
could allow local users with the CAP_SYS_ADMIN capability to cause a
denial of service (memory corruption) or possibly have unspecified other
impact.


* CVE-2013-6405: Information leak in recv() system calls.

Kernel stack information could be leaked to userspace when receiving from
a socket and the sockaddr had not been updated.

SUPPORT

Ksplice support is available at ksplice-support_ww at oracle.com.
