[Ksplice-Fedora-19-updates] New updates available via Ksplice (FEDORA-2013-18285)

[Oracle Ksplice]

Synopsis: FEDORA-2013-18285 can now be patched using Ksplice

Systems running Fedora 19 can now use Ksplice to patch against the
latest Fedora kernel update, FEDORA-2013-18285.

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack on Fedora 19 install
these updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y


DESCRIPTION

* Resource leak in CIFS client under low memory conditions.

The kernel CIFS client does not free file resources when opening a file on a CIFS
share fails, leading to a kernel memory leak and kernel panic.


* NULL pointer dereference in USB device controller removal.

The USB gadget driver does not validate a pointer when removing a USB gadget
device leading to a NULL pointer dereference and kernel panic.


* Information leak in DRM MODE_GETFB ioctl.

A missing capability check in the MODE_GETFB ioctl allows processes with hardware-
accelerated rendering to arbitrarily read and write the current screen framebuffer.


* Use-after-free in filesystem data integrity tracking.

The kernel data integrity tracking mechanism incorrectly uses a freed pointer
when closing files leading to a use-after-free condition and kernel panic.

SUPPORT

Ksplice support is available at ksplice-support_ww at oracle.com.