[Ksplice-Fedora-19-updates] New updates available via Ksplice (FEDORA-2013-23935)
Oracle Ksplice
ksplice-support_ww at oracle.com
Tue Jan 7 07:04:11 PST 2014
Synopsis: FEDORA-2013-23935 can now be patched using Ksplice
Systems running Fedora 19 can now use Ksplice to patch against the
latest Fedora kernel update, FEDORA-2013-23935.
INSTALLING THE UPDATES
We recommend that all users of Ksplice Uptrack on Fedora 19 install
these updates.
On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.
Alternatively, you can install these updates by running:
# /usr/sbin/uptrack-upgrade -y
DESCRIPTION
* Memory corruption when freeing DRM imported buffers.
The kernel DRM subsystem does not correctly handle imported buffers in the
Graphics Extension Manager leading to memory corruption and a kernel panic.
* Memory corruption XFS filesystem resizing.
The kernel XFS filesystem driver uses an incorrect offset when resizing V4
filesystem images leading to memory corruption and a kernel panic.
* Use-after-free in NFS duplicate request cache.
Under certain circumstances the kernel NFS server will incorrectly reuse a
Duplicate Request Cache entry leading to a use-after-free condition and kernel
panic.
* Use-after-free in memory control group swapin.
A race condition between destroying a memory control group and swapping in a page
can trigger a use-after-free condition and kernel panic.
* Memory corruption in Intel WiFi driver debugfs.
The debugfs interface to the Intel WiFi driver does not validate station IDs when
writing to the 'sta_drain' file leading to an out-of-bounds read and possible
memory corruption.
* Memory leak in Marvell Wifi-Ex driver.
When re-connecting to an ad-hoc network the Marvell WiFi driver does not free
memory leading to a kernel memory leak and subsequent kernel panic.
* Memory corruption in btrfs IOC_SEND ioctl.
An incorrect access check when processing a BTRFS_IOC_SEND ioctl can allow a local
privileged user to trigger kernel memory corruption and cause a kernel panic.
* Denial-of-service when deleting btrfs subvolumes.
A reference count is not correctly updated if a process is killed when deleting a
subvolume on a btrfs filesystem. This makes it impossible to unmount the
filesystem and leaks kernel resources.
* Use-after-free in block device persistent storage.
A reference counting error in the implementation of on-disk persistent data
structures on block devices can trigger a use-after-free condition and cause a
kernel panic.
* Memory corruption in block device persistent meta-data storage.
A missing error check when allocating meta-data for an on-disk persistent data
structure can trigger memory corruption and a kernel panic.
* Memory corruption in block device TABLE_LOAD ioctl.
The kernel block device driver does not correctly handle large a large number of
targets in the DM_TABLE_LOAD_CMD ioctl leading to memory corruption and a kernel
panic.
* Denial-of-service in NFSv4 client session delegation.
An incorrect assumption in the kernel NFSv4 client can cause the kernel to stop
processing all server responses when handling delegation responses.
* Kernel panic in btrfs defragmentation.
An invalid optimization in the btrfs defragmentation implementation does not
correctly handle existing snapshots leading to a kernel panic.
* Memory leak when reading btrfs extent map.
If an invalid extent map is found when mounting a btrfs filesystem, the extent
map is not freed causing a kernel memory leak and subsequent kernel panic.
* Incorrect default ACLs on btrfs directories.
When creating a directory on a btrfs filesystem which inherits default ACLs from
its parent, an incorrect error check causes the ACLs to be discarded from the
newly created directory.
* Memory corruption in btrfs ordered extents.
Missing synchronization in the btrfs filesystem can trigger memory corruption
when removing ordered extents leading to a kernel panic.
* Kernel panic in btrfs balance operation.
When running a balance operation and defragmentation operation concurrently, an
incorrect assumption in the btrfs filesystem driver can trigger a kernel panic.
SUPPORT
Ksplice support is available at ksplice-support_ww at oracle.com.
More information about the Ksplice-Fedora-19-Updates
mailing list