[Ksplice-Fedora-19-updates] New updates available via Ksplice (FEDORA-2014-9449)
Oracle Ksplice
ksplice-support_ww at oracle.com
Tue Aug 19 09:21:07 PDT 2014
Synopsis: FEDORA-2014-9449 can now be patched using Ksplice
CVEs: CVE-2014-5206 CVE-2014-5207
Systems running Fedora 19 can now use Ksplice to patch against the
latest Fedora kernel update, FEDORA-2014-9449.
INSTALLING THE UPDATES
We recommend that all users of Ksplice Uptrack on Fedora 19 install
these updates.
On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.
Alternatively, you can install these updates by running:
# /usr/sbin/uptrack-upgrade -y
DESCRIPTION
* Memory leak in binary tree destruction.
Missing memory pool destruction when destroying a binary tree resulted
in a memory leak. Repeatedly creating and destroying a binary tree may
eventually trigger an out-of-memory condition and kernel crash.
* Deadlock in clockevent delta modification.
Circular locking when printing a kernel log message during the
modification of a clockevent timer could result in deadlock and a kernel
hang.
* Use-after-free in out-of-free conditions in memory control groups.
Missing locking could result in a use-after-free condition after
removing a notification eventfd from a memory control group under low
memory conditions.
* Divide-by-zero during page writeback under memory pressure.
Missing validation could result in a divide-by-zero when performing
writeback on a system under memory pressure.
* NULL pointer dereference in IDT Tsi721 PCI Express SRIO Controller.
Missing error handling could result in a NULL pointer dereference when
managing descriptors in a Tsi721 device.
* NULL pointer dereference in 802.11 event tracing.
A missing NULL pointer check could result in a NULL pointer dereference
when tracing the 802.11 wireless subsystem.
* CVE-2014-5206, CVE-2014-5207: Privilege escalation on remount with user namespaces.
Incorrect handling of bind-mounts in a user-namespace could allow an
unprivileged local user to remount a filesystem to make a read-only
filesystem writable or to allow creation of setuid binaries or device
nodes. This could be used to escalate privileges.
* Kernel crash in Broadcom BNX2X driver during TCP offload.
Incorrect unmapping of transmitted packets could result in a kernel
crash when a TCP packet was tunneled using TCP segment offloading.
* Denial-of-service in network sendmsg() calls.
Missing validation of msg_namelen on a sendmsg call could result in a
NULL pointer dereference. A local, unprivileged user could use this
flaw to cause a denial-of-service.
* Invalid memory access in network vectored I/O.
Incorrect handling of a zero length I/O vector could result in
dereferencing an invalid pointer. Under specific conditions this could
result in a kernel crash.
* Deadlock in SCTP packet transmission.
Incorrect locking during SCTP packet transmission could result in
deadlock and a kernel hang.
SUPPORT
Ksplice support is available at ksplice-support_ww at oracle.com.
More information about the Ksplice-Fedora-19-Updates
mailing list