[Ksplice][RHEL 5 Updates] New updates available via Ksplice (RHSA-2012:1174-1)

[Sasha Levin]

Synopsis: RHSA-2012:1174-1 can now be patched using Ksplice
CVEs: CVE-2012-2313

Systems running Red Hat Enterprise Linux 5 can now use Ksplice to
patch against the latest Red Hat Security Advisory, RHSA-2012:1174-1.

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack on RHEL 5 install these
updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y


DESCRIPTION

* ext4 filesystem corruption on fallocate.

Attempting to fallocate() a file over 4GB with insufficient space on an
ext4 filesystem could result in corruption of the filesystem image.


* CVE-2012-2313: Privilege escalation in the dl2k NIC.

The D-LINK dl2k network card was missing permission checks in the ioctl
handling function. This would allow an unprivileged user to reconfigure
the low-level link device and trigger a denial-of-service.


* Kernel panic when overcommiting memory with NFSd.

When using shmem objects over NFSd and overcommiting, the kernel may
panic due to a NULL pointer dereference in the memory management
subsystem.


* Arithmetic overflow in clock source calculations on 32 bit kernels.

An insufficiently designed calculation in the CPU accelerator in the
previous kernel caused an arithmetic overflow in the sched_clock()
function when system uptime exceeded 208.5 days. This overflow led to
a kernel panic on the systems using the Time Stamp Counter (TSC) or
Virtual Machine Interface (VMI) clock source. This update corrects the
aforementioned calculation so that this arithmetic overflow and kernel
panic can no longer occur under these circumstances.

SUPPORT

Ksplice support is available at ksplice-support_ww at oracle.com.