[Ksplice-Fedora-26-updates] New Ksplice updates for Fedora 26 (FEDORA-2017-3202aed903)
Oracle Ksplice
ksplice-support_ww at oracle.com
Wed Oct 4 06:09:53 PDT 2017
Synopsis: FEDORA-2017-3202aed903 can now be patched using Ksplice
CVEs: CVE-2017-14497
Systems running Fedora 26 can now use Ksplice to patch against the
latest Fedora kernel update, FEDORA-2017-3202aed903.
INSTALLING THE UPDATES
We recommend that all users of Ksplice Uptrack running Fedora 26
install these updates.
On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.
Alternatively, you can install these updates by running:
# /usr/sbin/uptrack-upgrade -y
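An added example, not part of Oracle's advisory: a shell check that reports whether a host's uptrack.conf enables autoinstall and, if it does not, prints the manual command given above. The function names, the sample file layout, and treating only the literal value "yes" as enabled are assumptions made for this example.

```sh
#!/bin/sh
# Added example (not Oracle's code): tell hosts that patch themselves apart
# from hosts that still need the manual uptrack-upgrade run.

# Print "yes" or "no" for the effective autoinstall setting in an
# uptrack.conf-style file. A missing or unreadable file, or a missing key,
# counts as "no". Assumption: only the value "yes" enables autoinstall.
uptrack_autoinstall() {
    conf=${1:-/etc/uptrack/uptrack.conf}
    [ -r "$conf" ] || { echo no; return 0; }
    awk -F= '
        /^[ \t]*[#;]/ { next }                 # ignore commented-out lines
        {
            key = $1; val = $2
            gsub(/[ \t]/, "", key)             # tolerate "key = value" spacing
            gsub(/[ \t]/, "", val)
            if (tolower(key) == "autoinstall") state = tolower(val)  # last one wins
        }
        END { if (state == "yes") print "yes"; else print "no" }
    ' "$conf"
}

# Print the action an administrator needs to take for this host.
uptrack_action() {
    if [ "$(uptrack_autoinstall "$1")" = "yes" ]; then
        echo "none: updates install automatically"
    else
        echo "run: /usr/sbin/uptrack-upgrade -y"
    fi
}

# Constructed sample configuration for trying the check offline.
# $1 is the autoinstall value to write.
sample_conf() {
    printf '[Settings]\n# constructed sample\nautoinstall = %s\n' "$1"
}
```

Calling uptrack_action with no argument checks /etc/uptrack/uptrack.conf on the local host.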
DESCRIPTION
* Denial-of-service when validating UDP packet.
Incorrect handling of an incoming UDP packet with a bad checksum results
in an infinite loop in the networking subsystem. A remote attacker can
exploit this to cause denial-of-service.
* Denial-of-service in Kernel Connection Multiplexer (KCM) subsystem.
Attaching a KCM socket to another non-TCP KCM socket results in a
deadlock. An unprivileged local user can exploit this to cause denial of
service.
* CVE-2017-14497: Buffer overflow when setting options of AF_PACKET socket.
Missing check when setting options of AF_PACKET socket could lead to a
buffer overflow caused by user inputs. A local attacker could use this
flaw to cause a denial-of-service.
* Denial-of-service when reading negative key.
Invalid memory access when reading a negative key from the kernel key
management facility results in a crash. An unprivileged local user can
exploit this to cause denial-of-service.
* Denial-of-service in Mellanox core driver.
Type confusion in the Mellanox core driver results in out-of-bounds memory
access when transmitting small packets. A malicious local user may
exploit this to cause denial-of-service.
SUPPORT
Ksplice support is available at ksplice-support_ww at oracle.com.