[Ksplice-Fedora-26-updates] New Ksplice updates for Fedora 26 (FEDORA-2017-f9f3d80442)
Oracle Ksplice
ksplice-support_ww at oracle.com
Wed Dec 6 19:21:16 PST 2017
Synopsis: FEDORA-2017-f9f3d80442 can now be patched using Ksplice
Systems running Fedora 26 can now use Ksplice to patch against the
latest Fedora kernel update, FEDORA-2017-f9f3d80442.
INSTALLING THE UPDATES
We recommend that all users of Ksplice Uptrack running Fedora 26
install these updates.
On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.
Alternatively, you can install these updates by running:
# /usr/sbin/uptrack-upgrade -y
DESCRIPTION
* Divide-by-zero in TCP New Vegas congestion control packet ack.
In rare cases, a logic flaw in the TCP New Vegas congestion control
algorithm could allow a divide-by-zero when acknowledging a packet,
causing a denial-of-service.
* Divide-by-zero when probing USB network devices.
USB network devices using the Communications Device Class or Qualcomm
MSM Interface protocols could potentially maliciously cause a
denial-of-service by presenting invalid functional descriptors and
causing a divide-by-zero.
* Denial-of-service when receiving from QMI WWAN device in raw IP mode.
Missing initialization code could cause a kernel oops and
denial-of-service when receiving packets from a QMI WWAN device in raw
IP mode.
* Memory leak in TCP generic segmentation offload with unusual buffers.
When disassembling a TCP generic segmentation offload buffer, some of the
resulting buffers might incorrectly be leaked if their sizes were not as
expected.
* Use-after-free in VLAN event handling due to incorrect reference counting.
Incorrect reference counting of a VLAN information structure could allow
a race condition, potentially allowing the structure to be freed while
still in use and causing memory corruption.
* Denial-of-service in Mellanox mlx5 ethernet page reuse code.
In rare cases, failing to allocate a DMA page could cause the page
structure to be double-freed, corrupting memory or causing a
denial-of-service.
* Information leak via IPv6 SCTP scope ids.
The IPv6 SCTP driver fails to initialize the scope_id field of the ipv6
address in some cases, potentially leaking information from the kernel
stack onto the network.
* Information leak via Trusted Platform Module communications buffer.
When transmitting a TPM command, the length of the buffer is not
properly checked, potentially allowing the buffer to contain
uninitialized data.
* Kernel information leak via mincore syscall.
When checking if memory pages are present via the mincore syscall,
walk_huge_tlbrange() does not properly check for missing pages in the
TLB range, potentially allowing mincore to return uninitialized data.
* Deadlock in OCFS2 when modifying attributes.
A lock ordering issue when modifying file attributes on the OCFS2
filesystem could in rare cases cause a deadlock and denial-of-service.
* Denial-of-service in page extension lookup code.
When allocating space for memory page extensions, certain edge cases are
not properly checked unless CONFIG_DEBUG_VM is enabled. This could lead
to an unhandled page fault and denial-of-service.
* Information leak via fsync in Coda filesystem.
Calling fsync on the Coda filesystem causes a larger-than-necessary
buffer to be copied to userspace via upcall, potentially leaking kernel
information to userspace.
* Double-free in Hauppauge HD video recorder probe.
Incorrect error handling when tearing down from a failed probe in the
Hauppauge HD video recorder driver could cause memory to be freed
multiple times, resulting in memory corruption or a denial-of-service.
SUPPORT
Ksplice support is available at ksplice-support_ww at oracle.com.
More information about the Ksplice-Fedora-26-Updates
mailing list