[Ksplice][Ubuntu-11.04-Updates] New updates available via Ksplice (USN-1345-1)
Jessica McKellar
jessica.mckellar at oracle.com
Tue Jan 24 11:43:49 PST 2012
Synopsis: USN-1345-1 can now be patched using Ksplice
CVEs: CVE-2011-1162 CVE-2011-2203 CVE-2011-4110
Systems running Ubuntu 11.04 Natty can now use Ksplice to patch
against the latest Ubuntu Security Notice, USN-1345-1.
INSTALLING THE UPDATES
We recommend that all users of Ksplice Uptrack on Ubuntu 11.04 Natty
install these updates. You can install these updates by running:
# /usr/sbin/uptrack-upgrade -y
On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any additional action.
DESCRIPTION
* CVE-2011-1162: Information leak in TPM driver.
A buffer in tpm_read was not initialized before being returned to
userspace, leading to a leak of potentially sensitive kernel memory.
* CVE-2011-2203: Null pointer dereference mounting HFS filesystems.
A NULL pointer dereference flaw was found in the Linux kernel's HFS
file system implementation. A local attacker could use this flaw to
cause a denial of service by mounting a disk that contains a
specially-crafted HFS file system with a corrupted MDB extent
record.
* CVE-2011-4110: Denial of service in kernel key management facilities.
A flaw in the way user-defined key types were handled allowed an
unprivileged local user to crash the system via a NULL pointer
dereference and kernel OOPS.
SUPPORT
Ksplice support is available at ksplice-support_ww at oracle.com.
More information about the Ksplice-Ubuntu-11.04-Updates
mailing list