[Ksplice][Ubuntu-10.10-Updates] New updates available via Ksplice (USN-1090-1)

Reid Barton rwbarton at ksplice.com
Sat Mar 19 16:47:39 PDT 2011


Synopsis: USN-1090-1 can now be patched using Ksplice
CVEs: CVE-2010-4075 CVE-2010-4077 CVE-2010-4175 CVE-2010-4668

Systems running Ubuntu 10.10 Maverick can now use Ksplice to patch
against the latest Ubuntu Security Notice, USN-1090-1.


INSTALLING THE UPDATES

We recommend that all Ksplice Uptrack Ubuntu 10.10 Maverick users
install these updates.  You can install these updates by running:

# /usr/sbin/uptrack-upgrade -y

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any additional action.


DESCRIPTION

* Denial of service in nfs_do_fsync.

The function nfs_do_fsync erroneously reports failure, causing system calls
like close() on an NFS-mounted file to hang indefinitely.


* CVE-2010-4668: Kernel panic in block subsystem.

By submitting certain I/O requests with 0 length, a local user could cause
a denial of service (kernel panic).


* CVE-2010-4077: Kernel information leak in nozomi driver.

The TIOCGICOUNT device ioctl allows unprivileged users to read
uninitialized stack memory, because the "reserved" member of the
serial_icounter_struct struct declared on the stack is not altered or
zeroed before being copied back to the user.


* Improved fix for CVE-2010-4175.

Ubuntu provided a revised patch for CVE-2010-4175 for Maverick
kernels.


* CVE-2010-4075: Kernel information leak in serial driver.

The TIOCGICOUNT device ioctl in the serial driver allows unprivileged
users to read uninitialized kernel memory.
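The two TIOCGICOUNT leaks above (CVE-2010-4077 and CVE-2010-4075) share one
pattern: a struct is filled field by field and then copied out whole. The
following user-space model is an added example, not code from the kernel or
from Ksplice; the struct layout, the function names and the 0xA5 "stale" fill
are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Simplified model of a counter struct with a "reserved" member.
 * Field names other than "reserved" are assumptions. */
struct icount_model { int rx; int tx; int reserved[9]; };

/* Hypothetical per-device counters kept by a driver. */
struct dev_counters { int rx; int tx; };

/* "Before" pattern: only the named counters are assigned, so whatever
 * bytes already sat in *out remain in reserved[]. */
static void fill_unzeroed(struct icount_model *out, const struct dev_counters *c)
{
    out->rx = c->rx;
    out->tx = c->tx;
}

/* Hardened pattern: clear the whole struct before filling it. */
static void fill_zeroed(struct icount_model *out, const struct dev_counters *c)
{
    memset(out, 0, sizeof(*out));
    out->rx = c->rx;
    out->tx = c->tx;
}

/* Count non-zero bytes of reserved[] in the buffer handed to the caller. */
static size_t stale_bytes(const unsigned char *user_buf)
{
    size_t n = 0;
    for (size_t i = offsetof(struct icount_model, reserved);
         i < sizeof(struct icount_model); i++)
        n += (user_buf[i] != 0);
    return n;
}

/* One ioctl-like round. "slot" stands in for the on-stack struct and is
 * pre-filled with constructed stale data; memcpy stands in for the copy
 * back to the user. */
static size_t run_round(int zero_first)
{
    struct icount_model slot;
    unsigned char user_buf[sizeof(slot)];
    struct dev_counters c = { 12, 34 };

    memset(&slot, 0xA5, sizeof(slot));
    if (zero_first) fill_zeroed(&slot, &c); else fill_unzeroed(&slot, &c);
    memcpy(user_buf, &slot, sizeof(slot));
    return stale_bytes(user_buf);
}

int main(void)
{
    printf("unzeroed: %zu stale bytes, zeroed: %zu\n", run_round(0), run_round(1));
    return 0;
}
```

The same check works as a review rule: any struct copied out in full should
be cleared, or have every member assigned, before the copy.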


SUPPORT

Ksplice support is available at support at ksplice.com or +1 765-577-5423.


