[Ksplice-Fedora-20-updates] New updates available via Ksplice (FEDORA-2014-3094)

Oracle Ksplice ksplice-support_ww at oracle.com
Mon Mar 3 03:44:22 PST 2014


Synopsis: FEDORA-2014-3094 can now be patched using Ksplice

Systems running Fedora 20 can now use Ksplice to patch against the
latest Fedora kernel update, FEDORA-2014-3094.

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack on Fedora 20 install
these updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y
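
A way to check which of the two cases above applies to a host, as an added example that is not part of the original announcement. A plain grep for "autoinstall = yes" also matches a commented-out line, so this parses the setting. The function name is hypothetical, and the assumptions are that '#' starts a comment and that only the exact value "yes" (the value quoted above) counts as enabled.

```shell
#!/bin/sh
# Added example (not Ksplice's own tooling): report whether an Uptrack
# config enables automatic installation of updates.
# Prints "auto", "manual", or "unreadable" (exit status 2).
# Assumptions: '#' starts a comment; only the exact value "yes" counts as
# enabled, so anything ambiguous is reported as "manual" and gets checked.
uptrack_autoinstall_mode() {
    conf="${1:-/etc/uptrack/uptrack.conf}"
    [ -r "$conf" ] || { echo "unreadable"; return 2; }
    awk '
        { sub(/#.*$/, "") }                      # drop comments
        /^[ \t]*autoinstall[ \t]*=/ {
            v = $0
            sub(/^[^=]*=[ \t]*/, "", v)          # keep text after "="
            sub(/[ \t\r]+$/, "", v)              # trim trailing blanks / CR
            val = v                              # last assignment wins
        }
        END { print (val == "yes" ? "auto" : "manual") }
    ' "$conf"
}

# Constructed sample config (not taken from a real host): the enabled
# line is commented out, so the effective setting is "no".
sample=$(mktemp)
printf '%s\n' '[Settings]' '# autoinstall = yes' 'autoinstall = no' > "$sample"
echo "sample config: $(uptrack_autoinstall_mode "$sample")"
rm -f "$sample"
```

A host that reports "manual" needs the uptrack-upgrade command above run by hand.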


DESCRIPTION

* Denial-of-service in VFS subsystem when allocating a file descriptor.

A flaw in the VFS subsystem could result in the OOM killer being triggered
and potentially result in a denial-of-service. An attacker could use this
flaw to cause a denial-of-service.


* Memory leak in NFS when creating symlinks.

Incorrect reference counting in the management of symlinks in the NFS
driver code leads to a memory leak. A local, unprivileged user could use
this flaw to exhaust the memory on the system and cause a
denial-of-service.


* Information leak in mac80211 when transferring a fragmented packet.

A flaw in the mac80211 stack could result in leaking 8 bytes of plain text
over the air. An attacker physically within range of the WiFi network could
use this flaw to obtain sensitive information.


* NULL pointer dereference in SPI generic driver when transferring one message.

A flaw in the SPI generic driver code when transferring one message results
in a double free and NULL pointer dereference. A local, privileged user
could use this flaw to cause a denial-of-service.


* Kernel panic in SiRF serial driver on data reception.

Incorrect locking in the SiRF serial driver could result in unlocking the
same spinlock twice, leading to a kernel panic. A local, privileged user
could use this flaw to cause a denial-of-service.


* Out-of-bounds memory access in raw char device driver upon binding.

Incorrect input validation in the raw character device driver could lead to
out-of-bounds memory access, potentially leading to a kernel crash. A local,
privileged user could use this flaw to cause a denial-of-service.


* Wrong permissions check in lustre driver when retrieving user quota.

A logic error in the lustre driver code prevents a user from retrieving
their own quota, but lets them retrieve the quota of any other user.


* NULL pointer dereference in impedance analyzer driver initialization.

An incorrect check after an allocation leads to a NULL pointer dereference
and kernel crash. A local, privileged user could use this flaw to cause a
denial-of-service.


* Memory leak in Intel management engine interface in the suspend path.

A race condition in the Intel management engine interface driver could lead
to a memory leak during the suspend/resume path. A local, privileged user
could use this flaw to cause a denial-of-service.


* Soft lockup in block lib driver when discarding a device.

A race condition in the block lib driver could result in a soft lockup under
specific conditions. A local, privileged user could use this flaw to cause
a denial-of-service.


* Signed underflow in the Intel many integrated core host driver.

A logic error in the Intel many integrated core host driver could lead to a
signed underflow error, potentially leading to a kernel crash. A local,
privileged user could use this flaw to cause a denial-of-service.


* NULL pointer dereference in MAX17040 fuel gauge driver on probing.

A missing check in the MAX17040 fuel gauge driver could result in a NULL
pointer dereference. A local, privileged user could use this flaw to cause
a denial-of-service.


* Use-after-free in target core module subsystem.

A use-after-free in the target core driver could result in a kernel
crash. An attacker could use this flaw to cause a denial-of-service.


* Denial-of-service in the EDAC core subsystem when setting a 0 timeout.

A lack of input validation in the EDAC core subsystem allowed a timeout of
0, which leads to a kernel crash. A local, privileged user could use this
flaw to cause a denial-of-service.


* Deadlock in EHCI USB2 controller driver when handling an interrupt.

Incorrect locking in the EHCI driver code could lead to a deadlock,
resulting in a denial-of-service under specific conditions.


* Denial-of-service in block subsystem when switching elevators.

A race condition in the request iterator for block devices could lead to a
kernel crash. A local, privileged user could use this flaw to cause a
denial-of-service.


* Denial-of-service in ftrace subsystem when using function graph caller.

A race condition in the ftrace subsystem could lead to a kernel crash under
specific conditions. A local, privileged user could use this flaw to cause
a denial-of-service.

SUPPORT

Ksplice support is available at ksplice-support_ww at oracle.com.


  


