[Ksplice-Fedora-26-updates] New Ksplice updates for Fedora 26 (FEDORA-2017-3202aed903)

Oracle Ksplice ksplice-support_ww at oracle.com
Wed Oct 4 06:09:53 PDT 2017


Synopsis:  FEDORA-2017-3202aed903 can now be patched using Ksplice
CVEs: CVE-2017-14497

Systems running Fedora 26 can now use Ksplice to patch against the
latest Fedora kernel update, FEDORA-2017-3202aed903.

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack running Fedora 26
install these updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y
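
The following script is an added example, not part of the Oracle advisory: it reads an uptrack.conf-style file and reports whether the "autoinstall = yes" condition above holds or the manual command is needed. The comment characters, case-insensitive matching and last-line-wins handling are assumptions about the file format.

```shell
#!/bin/sh
# Added example: decide whether a host installs Ksplice updates by itself.
# Assumptions (not from the advisory): lines starting with "#" or ";" are
# comments, matching is case-insensitive, and the last "autoinstall" line wins.

# Print the effective autoinstall value from an uptrack.conf-style file,
# lowercased, or "unset" when the key is absent or the file is unreadable.
autoinstall_value() {
    conf=$1
    [ -r "$conf" ] || { echo unset; return 0; }
    awk -F= '
        /^[ \t]*[#;]/ { next }                      # skip comment lines
        {
            key = $1; gsub(/[ \t\r]/, "", key)
            if (tolower(key) == "autoinstall") {
                val = $2; gsub(/[ \t\r]/, "", val)
                found = tolower(val)
            }
        }
        END { print (found == "" ? "unset" : found) }
    ' "$conf"
}

# Print "automatic" when the advisory's condition (autoinstall = yes) holds,
# otherwise "manual": the operator must run /usr/sbin/uptrack-upgrade -y.
update_mode() {
    if [ "$(autoinstall_value "$1")" = "yes" ]; then
        echo automatic
    else
        echo manual
    fi
}

# Constructed sample configuration, for demonstration only.
sample=$(mktemp)
cat > "$sample" <<'EOF'
[Settings]
# autoinstall = yes
autoinstall = no
EOF
echo "sample config: $(update_mode "$sample")"
rm -f "$sample"
echo "this host:     $(update_mode /etc/uptrack/uptrack.conf)"
```

A "manual" result for the host means the update is not applied until the upgrade command is run.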


DESCRIPTION

* Denial-of-service when validating a UDP packet.

Incorrect handling of an incoming UDP packet with a bad checksum results
in an infinite loop in the networking subsystem. A remote attacker can
exploit this to cause denial-of-service.


* Denial-of-service in Kernel Connection Multiplexer (KCM) subsystem.

Attaching a KCM socket to another non-TCP KCM socket results in a
deadlock. An unprivileged local user can exploit this to cause denial of
service.


* CVE-2017-14497: Buffer overflow when setting options of AF_PACKET socket.

A missing check when setting options of an AF_PACKET socket could lead to
a buffer overflow caused by user input. A local attacker could use this
flaw to cause a denial-of-service.


* Denial-of-service when reading a negative key.

Invalid memory access when reading a negative key from the kernel key
management facility results in a crash. An unprivileged local user can
exploit this to cause denial-of-service.


* Denial-of-service in Mellanox core driver.

Type confusion in the Mellanox core driver results in out-of-bounds memory
access when transmitting small packets. A malicious local user may
exploit this to cause denial-of-service.

SUPPORT

Ksplice support is available at ksplice-support_ww at oracle.com.




