[Ksplice][Ubuntu-10.10-Updates] New updates available via Ksplice (USN-1272-1)

Jessica McKellar jessica.mckellar at oracle.com
Mon Nov 21 13:44:27 PST 2011

Synopsis: USN-1272-1 can now be patched using Ksplice
CVEs: CVE-2011-2183 CVE-2011-2491 CVE-2011-2496 CVE-2011-2517

Systems running Ubuntu 10.10 Maverick can now use Ksplice to patch
against the latest Ubuntu Security Notice, USN-1272-1.


We recommend that all users of Ksplice Uptrack on Ubuntu 10.10
Maverick install these updates.  You can install these updates by running:

# /usr/sbin/uptrack-upgrade -y

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any additional action.


* CVE-2011-2517: Buffer overflow in 802.11 netlink interface.

The nl80211_trigger_scan function failed to check for a valid SSID
length, leading to denial of service via buffer overflow.

* Improved fix to CVE-2011-2496: Denial of Service in mremap.

Ubuntu's original patch for CVE-2011-2496 did not include related
boundary checks in the code for automatic stack expansion.

* CVE-2011-2183: NULL pointer dereference in ksmd.

Andrea Righi reported a case where an exiting task can race against
ksmd::scan_get_next_rmap_item and trigger a NULL pointer dereference
in ksmd.

* CVE-2011-2491: Local denial of service in NLM subsystem.

A flaw in the client-side NLM implementation could allow a local,
unprivileged user to cause a denial of service.

* CVE-2011-1585: Denial of service in CIFS password handling.

The kernel's CIFS implementation would sometimes dereference a NULL
pointer representing a missing password.


Ksplice support is available at support at ksplice.com or +1 765-577-5423.
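
The missing SSID length check described for CVE-2011-2517 can be illustrated with a small user-space model. This is an added example, not code from the Linux kernel or from Ksplice; the names parse_scan_ssids, scan_request, attr_hdr and MAX_SSIDS, and the simplified attribute layout, are assumptions made for illustration.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MAX_SSID_LEN 32 /* 802.11 SSID limit */
#define MAX_SSIDS 4     /* illustrative cap, not the kernel's value */

struct ssid { uint8_t ssid[MAX_SSID_LEN]; uint8_t ssid_len; };
struct scan_request { struct ssid ssids[MAX_SSIDS]; int n_ssids; };
/* Netlink-style attribute header: len counts header plus payload. */
struct attr_hdr { uint16_t len; uint16_t type; };

/* Copy one SSID per attribute into req, validating every length before
 * memcpy. Returns 0 on success or a negative errno. */
int parse_scan_ssids(const uint8_t *buf, size_t buflen, struct scan_request *req)
{
    size_t off = 0;
    memset(req, 0, sizeof(*req));
    while (buflen - off >= sizeof(struct attr_hdr)) {
        struct attr_hdr h;
        size_t payload, step;

        memcpy(&h, buf + off, sizeof(h));
        if (h.len < sizeof(h) || h.len > buflen - off)
            return -EINVAL; /* malformed or truncated attribute */
        payload = h.len - sizeof(h);
        if (payload > MAX_SSID_LEN)
            return -EINVAL; /* SSID longer than the destination field */
        if (req->n_ssids == MAX_SSIDS)
            return -E2BIG;
        memcpy(req->ssids[req->n_ssids].ssid, buf + off + sizeof(h), payload);
        req->ssids[req->n_ssids++].ssid_len = (uint8_t)payload;
        step = ((size_t)h.len + 3) & ~(size_t)3; /* attributes are 4-byte aligned */
        off = step > buflen - off ? buflen : off + step;
    }
    return off == buflen ? 0 : -EINVAL; /* reject stray trailing bytes */
}

int main(void)
{
    /* Constructed input: one attribute declaring a 40-byte SSID. */
    uint8_t buf[44] = {0};
    struct attr_hdr h = { 4 + 40, 1 };
    struct scan_request req;
    memcpy(buf, &h, sizeof(h));
    printf("oversize SSID -> %d\n", parse_scan_ssids(buf, sizeof(buf), &req));
    return 0;
}
```

Without the payload length test, the second memcpy would write past the 32-byte ssid field, which is the class of overflow the advisory describes.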
