[Ksplice-Fedora-20-updates] New updates available via Ksplice (FEDORA-2014-2952)

[Oracle Ksplice]

Synopsis: FEDORA-2014-2952 can now be patched using Ksplice

Systems running Fedora 20 can now use Ksplice to patch against the
latest Fedora kernel update, FEDORA-2014-2952.

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack on Fedora 20 install
these updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y


DESCRIPTION

* User-after-free in NFSv4 filesystem code when closing a session.

A flaw in the NFSv4 filesystem code could lead to a use-after-free when
closing a session potentially resulting in a kernel crash. A local,
privileged user could use this flaw to cause a denial-of-service.


* Race condition in swap subsystem between swapon()/swapoff().

A race condition in the swap subsystem could lead to a use-after-free and
potentially kernel crash. A local, privileged user could use this flaw to
cause a denial-of-service.


* Deadlock in memory management subsystem when setting page_dirty bit.

Incorrect locking in the memory management could lead to a deadlock when
setting the dirty bit. An attacker could use this flaw to cause a
denial-of-service.


* Information leak in MxL111SF USB DTV receiver.

An information leak flaw was found in the MxL111SF USB DTV receiver which,
under certain conditions, could print uninitialized values from the
stack. An attacker could use this flaw to obtain informations about the
running kernel.


* Race condition in video buffer between open() and close().

A race condition in the video buffer subsystem could lead to a deadlock
when video_vm_open()/close() are called concurrently. A local, privileged
user could use this flaw to cause a denial-of-service.


* NULL pointer dereference in CX24417 DVD-S/S2 tuner module.

A flaw in the CX24117 driver code could lead to a NULL pointer dereference
under specific conditions, resulting in a kernel crash. An attacker could
use this flaw to cause a denial-of-service.


* Integer overflow in the b-tree implementation of the block device subsystem.

Incorrect input validation in the b-tree implementation of the block device
subsystem could lead to an integer overflow, resulting in a kernel
crash. An attacker could user this flaw to cause a denial-of-service.

SUPPORT

Ksplice support is available at ksplice-support_ww at oracle.com.