[Ksplice][Ubuntu-10.10-Updates] New updates available via Ksplice (USN-1183-1)

Keegan McAllister keegan at ksplice.com
Thu Aug 4 15:34:37 PDT 2011


Synopsis: USN-1183-1 can now be patched using Ksplice
CVEs: CVE-2010-4076 CVE-2010-4077 CVE-2011-1090 CVE-2011-1163
CVE-2011-1577 CVE-2011-1598 CVE-2011-1746

Systems running Ubuntu 10.10 Maverick can now use Ksplice to patch
against the latest Ubuntu Security Notice, USN-1183-1.

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack on Ubuntu 10.10
Maverick install these updates.  You can install these updates by
running:

# /usr/sbin/uptrack-upgrade -y

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any additional action.


DESCRIPTION

* CVE-2011-1746: Integer overflow in agp_allocate_memory.

An integer overflow flaw in agp_allocate_memory() could allow a
local, unprivileged user to cause a denial of service or escalate
their privileges.


* CVE-2011-1577: Missing boundary checks in EFI partition table parsing.

Timo Warns reported an issue in the Linux implementation for GUID
partitions.  Users with physical access can gain access to sensitive
kernel memory by adding a storage device with a specially crafted
corrupted invalid partition table.


* CVE-2011-1163: Kernel information leak parsing malformed OSF partition tables.

A buffer overflow flaw in the DEC Alpha OSF partition implementation
in the Linux kernel could allow a local attacker to cause an
information leak by mounting a disk that contains specially-crafted
partition tables.


* CVE-2011-1598: Denial of service in CAN/BCM protocol.

Dave Jones reported an issue in the Broadcast Manager Controller Area
Network (CAN/BCM) protocol that may allow local users to cause a NULL
pointer dereference, resulting in a denial of service.


* CVE-2011-1090: Denial of service in NFSv4 client.

An inconsistency was found in the interaction between the Linux kernel's
method for allocating NFSv4 (Network File System version 4) ACL data and
the method by which it was freed. This inconsistency led to a kernel panic
which could be triggered by a local, unprivileged user with files owned by
said user on an NFSv4 share.


* Improved fix for CVE-2010-4077.

Ubuntu provided an improved patch for the CVE-2010-4077 security issue.


* Improved fix for CVE-2010-4076.

Ubuntu provided an improved patch for the CVE-2010-4076 security issue.

SUPPORT

Ksplice support is available at support at ksplice.com or +1 765-577-5423.



More information about the Ubuntu-10.10-Updates mailing list