[Ksplice][Ubuntu-11.04-Updates] New updates available via Ksplice (2.6.38-13.56)
Jamie Iles
jamie.iles at oracle.com
Tue Feb 28 08:58:21 PST 2012

Synopsis: 2.6.38-13.56 can now be patched using Ksplice
CVEs: CVE-2011-2518 CVE-2011-4097 CVE-2012-0207

Systems running Ubuntu 11.04 Natty can now use Ksplice to patch
against the latest Ubuntu kernel update, 2.6.38-13.56.

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack on Ubuntu 11.04 Natty
install these updates. You can install these updates by running:

# /usr/sbin/uptrack-upgrade -y

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any additional action.
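
To tell which hosts still need the manual command, the check below reads the autoinstall setting from an uptrack.conf-style file and prints the remaining action. It is an added example, not part of the original announcement or Oracle's tooling; the function names, the [Settings] section in the sample file, and treating a missing key as "no" are assumptions.

```shell
#!/bin/sh
# Added example, not Oracle's code. Reads the autoinstall key the advisory
# mentions from an uptrack.conf-style file and says what is left to do.

# Print "yes", "no" or "unreadable" for the autoinstall setting in file $1.
# Only the value "yes" (any case) counts as enabled; a missing key is
# reported as "no" (assumption: absent means not enabled).
autoinstall_state() {
    [ -r "$1" ] || { echo unreadable; return 0; }
    awk -F= '
        /^[ \t]*[#;]/ { next }                 # skip commented-out lines
        {
            key = $1; val = $2
            gsub(/[ \t\r]/, "", key)           # tolerate spacing and CRLF
            gsub(/[ \t\r]/, "", val)
            if (tolower(key) == "autoinstall") state = tolower(val)
        }
        END { if (state == "yes") print "yes"; else print "no" }
    ' "$1"
}

# Print the action for this host, given the config path in $1.
next_action() {
    case $(autoinstall_state "$1") in
        yes) echo "none: updates install automatically" ;;
        no)  echo "run: /usr/sbin/uptrack-upgrade -y" ;;
        *)   echo "check: cannot read $1" ;;
    esac
}

# Write a constructed sample config to $1 with autoinstall set to $2.
# The [Settings] section name is an assumption about the file layout.
write_sample_conf() {
    printf '%s\n' '# constructed sample' '[Settings]' \
        '#autoinstall = yes' "autoinstall = $2" > "$1"
}

# Demo on a constructed file; on a real host pass /etc/uptrack/uptrack.conf.
demo=$(mktemp)
write_sample_conf "$demo" no
next_action "$demo"
rm -f "$demo"
```
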

DESCRIPTION

* CVE-2012-0207: Denial of service bug in IGMP.

The IGMP subsystem's compatibility handling of v2 packets had a bug in
the computation of a delay field which could result in division by
zero (causing a kernel panic).

* CVE-2011-2518: NULL pointer dereference in Tomoyo security module.

The Tomoyo security module did not check the device name parameter when
checking permissions for a mount operation and so an unprivileged user
could trigger a NULL pointer dereference by passing a NULL source to
mount(2).

* CVE-2011-4097: Integer overflow of points in oom_badness.

On 64-bit architectures, a task could cause a local denial of service
from an integer overflow if a portion of its OOM score exceeded a
certain value.

SUPPORT

Ksplice support is available at ksplice-support_ww at oracle.com.