[Ksplice-Fedora-21-updates] New updates available via Ksplice (FEDORA-2015-3599)

Tue Mar 17 08:41:57 PDT 2015

Synopsis: FEDORA-2015-3599 can now be patched using Ksplice

Systems running Fedora 21 can now use Ksplice to patch against the
latest Fedora kernel update, FEDORA-2015-3599.

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack on Fedora 21 install
these updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y

DESCRIPTION

* Insufficient randomness in random device mixing function.

The mixing function in the kernel random number generator incorrectly
mixed random data sourced from timer interrupts which reduces the
entropy of the kernel random number generator.

* Consistency check bypass in Xen SCSI backend driver.

A race condition in the Xen SCSI backend driver can allow guests to
bypass certain consistency checks which could trigger a crash in the
host.

* Kernel panic when reading pagemap procfs file.

Incorrect locking when reading the /proc/pid/pagemap procfs file can
trigger a kernel assertion and kernel panic. A unprivileged local user
can use this flaw to a denial of service.

* Denial of service when decoding NFSv4.1 sequence operations.

The kernel NFSv4.1 client tries to free invalid memory when decoding NFS
sequence operations which can trigger a kernel panic. This flaw can be
triggered by remote users.

* Security bypass in kernel pseudo terminal subsystem.

The kernel pseudo-terminal (PTY) subsystem does not enforce restrictions
on which users can signal processes which allows local unprivileged
users to send arbitrary signals to privileged process.

* Use-after-free in USB Host Controller Device driver.

Incorrect memory management in he USB Host Controller Driver (HCD) can
trigger a use-after-free condition and kernel panic.

* Denial of service in XFS quota management.

The kernel XFS filesystem driver does not reset quota metadata when
removing and creating files which can trigger an assertion failure and
kernel panic. A local user able to write to an XFS filesystem could use
this flaw to trigger a denial of service.

* Memory corruption when mounting malformed JFFS2 disk images.

The kernel JFFS2 filesystem driver does no validate the eraseblock which
can trigger an assertion and kernel panic.

* Use-after-free when disconnecting CephFS client.

A race condition when closing a connection to a CephFS service can
trigger a use-after-free condition and kernel panic.

* Memory corruption when mounting malformed UDF disk images.

The kernel UDF filesystem driver, used by some CD-ROMs and DVDs, does
not validate overly long extended attributes which can trigger kernel
memory corruption and a kernel panic.

SUPPORT

Ksplice support is available at ksplice-support_ww at oracle.com.