[Ksplice-Fedora-27-updates] New Ksplice updates for Fedora 27 (FEDORA-2018-bccbdbe5c3 )
Oracle Ksplice
ksplice-support_ww at oracle.com
Fri Apr 6 10:54:27 PDT 2018
Synopsis: FEDORA-2018-bccbdbe5c3 can now be patched using Ksplice
Systems running Fedora 27 can now use Ksplice to patch against the
latest Fedora kernel update, FEDORA-2018-bccbdbe5c3 .
INSTALLING THE UPDATES
We recommend that all users of Ksplice Uptrack running Fedora 27
install these updates.
On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.
Alternatively, you can install these updates by running:
# /usr/sbin/uptrack-upgrade -y
DESCRIPTION
* Denial-of-service with Bluetooth HCI send failure.
A logic error in the Bluetooth code could allow a double free to occur in
cases of a HCI send failure, leading to possible memory corruption or a
kernel crash. A local user could exploit this to cause a denial-of-service.
* Memory leak in Snapdragon SoC driver when failing to get pages.
A logic error in the Snapdragon SoC driver causes a memory leak when
the get pages code fails. This could be exploited to cause a
denial-of-service.
* Memory leak in MMC Extended CSD retrieval.
A missing free in the MMC code could lead to a memory leak after retrieving
the Extended CSD for a card. This could be used to cause a denial-of-service.
* NULL pointer dereference in AC100 RTC driver interrupts.
A race condition in the AC100 RTC driver could lead to a NULL pointer
dereference and kernel panic. This could cause a denial-of-service.
* Denial-of-service in Infiniband MLX5 Shared Receive Queue creation.
A failure to validate user input when creating a SRQ in the MLX5 driver
could lead to an integer overflow. A local user could use this flaw to
cause a denial-of-service.
* Information leak in Infiniband VMware Paravirtualized RDMA user ABI.
A failure to properly initialize user structures in the ABI functions for
the Infiniband vmw_pvdma code could result in uninitialized memory being
returned to the user, leading to a kernel information leak.
* Denial-of-service in RDMA UCMA IP multicast join request.
A failure to validate user input in the RDMA User Connection Manager Access
(UCMA) code could lead to an invalid pointer access and subsequent kernel
memory corruption or panic. This could be used to cause a denial-of-service.
SUPPORT
Ksplice support is available at ksplice-support_ww at oracle.com.
More information about the Ksplice-Fedora-27-Updates
mailing list