[Ksplice-Fedora-20-updates] New updates available via Ksplice (FEDORA-2014-11031)

Oracle Ksplice ksplice-support_ww at oracle.com
Fri Sep 19 09:39:23 PDT 2014


Synopsis: FEDORA-2014-11031 can now be patched using Ksplice
CVEs: CVE-2014-3181 CVE-2014-3186 CVE-2014-6410

Systems running Fedora 20 can now use Ksplice to patch against the
latest Fedora kernel update, FEDORA-2014-11031.

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack on Fedora 20 install
these updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y
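
To confirm which of the two cases above applies to a host, the following added
example (not part of the original announcement and not Oracle's code) reads the
effective "autoinstall" value from uptrack.conf and prints the action to take.
The function names are hypothetical, and the parsing assumes plain
"key = value" lines with "#" or ";" starting a comment.

```shell
#!/bin/sh
# Added example: report whether Ksplice Uptrack autoinstall is enabled.
# Assumptions: settings are "key = value" lines; a line whose first
# non-blank character is '#' or ';' is a comment and is ignored.

# Print the effective value of "autoinstall" in the given file, lower-cased.
# The last uncommented assignment wins; prints nothing if unset or unreadable.
autoinstall_value() {
    conf=$1
    [ -r "$conf" ] || return 0
    sed -n 's/^[[:space:]]*autoinstall[[:space:]]*=[[:space:]]*\([^[:space:]#;]*\).*$/\1/p' "$conf" \
        | tail -n 1 | tr '[:upper:]' '[:lower:]'
}

# Return 0 if a manual upgrade is needed, 1 if updates install automatically.
# Only the value "yes" (the one named in the announcement) counts as enabled;
# a missing file, a missing key or any other value is treated as "not enabled".
needs_manual_upgrade() {
    case "$(autoinstall_value "$1")" in
        yes) return 1 ;;
        *)   return 0 ;;
    esac
}

# Print the action for this host. This does not run the upgrade itself.
report() {
    conf=${1:-/etc/uptrack/uptrack.conf}
    if needs_manual_upgrade "$conf"; then
        echo "autoinstall not enabled in $conf: run /usr/sbin/uptrack-upgrade -y as root"
    else
        echo "autoinstall = yes in $conf: updates install automatically"
    fi
}

report "$@"
```
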


DESCRIPTION

* Kernel panic in keyring garbage collection.

The kernel does not correctly handle removing a large number of
cryptographic keys from the kernel keyring, which can lead to a NULL
pointer dereference and kernel panic.


* CVE-2014-3181: Memory corruption in Apple Magic Mouse USB driver.

The Apple Magic Mouse USB driver does not correctly validate event data,
allowing a malicious USB device to trigger kernel memory corruption and
potentially gain elevated privileges.


* CVE-2014-3186: Memory corruption in PicoLCD USB driver.

The PicoLCD USB driver does not correctly validate event data, allowing a
malicious USB device to trigger kernel memory corruption and potentially
gain elevated privileges.


* CVE-2014-6410: Denial of service in UDF filesystem parsing.

The kernel UDF filesystem driver does not correctly validate indirect
inodes, allowing a malicious user to cause a kernel panic by mounting a
UDF volume with deeply nested indirect inodes.

SUPPORT

Ksplice support is available at ksplice-support_ww at oracle.com.