[Ksplice][Ubuntu 10.04 Updates] New updates available via Ksplice (USN-1468-1)
Jessica McKellar
jessica.mckellar at oracle.com
Thu Jun 21 13:09:13 PDT 2012
Synopsis: USN-1468-1 can now be patched using Ksplice
CVEs: CVE-2012-2133
Systems running Ubuntu 10.04 Lucid can now use Ksplice to patch
against the latest Ubuntu Security Notice, USN-1468-1.
INSTALLING THE UPDATES
We recommend that all users of Ksplice Uptrack on Ubuntu 10.04 Lucid
install these updates.
On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.
Alternatively, you can install these updates by running:
# /usr/sbin/uptrack-upgrade -y
DESCRIPTION
* CVE-2012-2133: Use-after-free in hugetlbfs quota handling.
A use after free bug in the kernel hugetlb code can allow an authenticated,
unprivileged local attacker to crash the system (and possibly gain higher
privileges) if huge pages are enabled in the system.
SUPPORT
Ksplice support is available at ksplice-support_ww at oracle.com.
More information about the Ksplice-Ubuntu-10.04-Updates
mailing list