[Ksplice-Fedora-20-updates] New updates available via Ksplice (FEDORA-2014-3442)

Oracle Ksplice ksplice-support_ww at oracle.com
Thu Mar 6 23:53:54 PST 2014


Synopsis: FEDORA-2014-3442 can now be patched using Ksplice
CVEs: CVE-2014-0049 CVE-2014-0100 CVE-2014-0101 CVE-2014-0102

Systems running Fedora 20 can now use Ksplice to patch against the
latest Fedora kernel update, FEDORA-2014-3442.

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack on Fedora 20 install
these updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y


DESCRIPTION

* CVE-2014-0102: Denial-of-service in keyring cycle detector.

A logic error in the keyring subsystem could lead to a kernel BUG. A local,
unprivileged user could use this flaw to cause a denial-of-service.


* CVE-2014-0049: Code execution in KVM mmio emulator.

A logic error in the KVM code could lead to out-of-bounds memory accesses,
resulting in a kernel crash or potentially allowing a local user to write
to host memory. A local, privileged user could use this flaw to elevate
privileges and execute arbitrary code in kernel mode.


* Denial-of-service in TTY subsystem when using low_latency.

Incorrect locking in the TTY subsystem could lead to a deadlock. A local,
unprivileged user could use this flaw to cause a denial-of-service.


* CVE-2014-0100: Remote denial-of-service in the IPv4 fragmentation code.

A race condition in the IPv4 fragmentation code could result in a
use-after-free and kernel crash. A remote user could use this flaw to cause
a denial-of-service.


* CVE-2014-0101: NULL pointer dereference in the SCTP protocol.

A flaw was found in the way the Linux kernel processed authenticated
COOKIE_ECHO chunks in the SCTP protocol. A remote attacker could use this
flaw to cause a denial-of-service by sending a maliciously prepared SCTP
handshake in order to trigger a NULL pointer dereference on the server.

SUPPORT

Ksplice support is available at ksplice-support_ww at oracle.com.


  


