[Ksplice-Fedora-19-updates] New updates available via Ksplice (FEDORA-2013-21807)

[Oracle Ksplice]

Synopsis: FEDORA-2013-21807 can now be patched using Ksplice

Systems running Fedora 19 can now use Ksplice to patch against the
latest Fedora kernel update, FEDORA-2013-21807.

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack on Fedora 19 install
these updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y


DESCRIPTION

* Kernel BUG in SCTP traffic control.

With certain traffic control configurations, it is possible to hit an
assertion failure which should not be fatal.


* Buffer overrun in the tracing subsystem.

An incorrect bounds check in the kernel tracing subsystem could lead to
writing past the end of a buffer. A privileged local user can use this
flaw to crash the kernel or potentially gain additional privileges.


* Use of uninitialized memory in USB hub configuration.

In low memory situations, due to incorrect error handling, configuring
a USB hub could lead to use of uninitialized memory and a kernel crash.
A person with physical access to the machine could use this flaw to
cause denial of service.


* Kernel panic in UDP/IPv6 fragmentation offloading.

Erroneous size calculations in the UDP fragmentation offloading code
could lead to a kernel panic. A remote user could potentially exploit
this bug to cause denial of service.

SUPPORT

Ksplice support is available at ksplice-support_ww at oracle.com.