[Ksplice-Fedora-20-updates] New updates available via Ksplice (FEDORA-2014-1726)

Mon Feb 3 10:35:12 PST 2014

Synopsis: FEDORA-2014-1726 can now be patched using Ksplice

Systems running Fedora 20 can now use Ksplice to patch against the
latest Fedora kernel update, FEDORA-2014-1726.

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack on Fedora 20 install
these updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y

DESCRIPTION

* Use-after-free in GFS2 filesystem with parallel close/chown.

Incorrect reference counting in the GFS2 chown syscall could lead to a
use-after-free. A local, privileged user, could use this flaw to cause a
denial-of-service.

* Data corruption on NFS mounts during writeback.

Incorrect handling of inode writeback could result in data corruption of
NFS mounted filesystems under specific conditions.

* NULL pointer dereference in selinux code when checking inode permission.

A race condition in the selinux code could lead to a NULL pointer
dereference and kernel panic. A local, unprivileged user could use this
flaw by opening and closing files in parallel to cause a denial-of-service.

* Denial-of-service in transparent huge subsystems when copying huge page.

Incorrect logic in the transparent huge page subsystem could lead to a
general protection fault and kernel panic. A local, unprivileged user could
use this flaw to cause a denial-of-service.

* Data corruption on NILFS2 with a filesystem nearly full.

Incorrect logic in the NILFS2 filesystem code could result in data
corruption under specific conditions.

* NULL pointer dereference in Raid10 subsystem during recovery.

Incorrect locking in the Raid10 subsystem could result in a use-after-free
and NULL pointer dereference. A local, privileged user could a specially
crafted block device to cause a denial-of-service.

* Denial-of-service in Raid10 subsystem when handling known bad blocks.

Incorrect calculation of the number of sectors handled in RAID10 could
potentially lead to a kernel crash. A local, privileged user could use a
specially crafted block device to cause a denial of service.

* Deadlock in Intel graphic card driver when setting hardware state.

Incorrect locking in the Intel graphic card driver could result in a
deadlock under specific conditions. An attacker could use this flaw to
cause a denial-of-service.

* Denial-of-service in power management when Intel graphic driver fails on init.

Missing removal of power management callbacks in the Intel graphic driver
initialization error path could result in a kernel crash.

* Denial-of-service in Atheros 9k driver when updating supported rates.

Incorrect locking in the Atheros 9k driver could result in a sleep while in
atomic kernel crash. An attacker could use this flaw to cause a
denial-of-service.

SUPPORT

Ksplice support is available at ksplice-support_ww at oracle.com.