[Ksplice][Ubuntu-11.10-Updates] New updates available via Ksplice (USN-1607-1)
Jamie Iles
jamie.iles at oracle.com
Fri Oct 12 08:46:44 PDT 2012
Synopsis: USN-1607-1 can now be patched using Ksplice
CVEs: CVE-2012-2137
Systems running Ubuntu 11.10 Oneiric can now use Ksplice to patch
against the latest Ubuntu Security Notice, USN-1607-1.
INSTALLING THE UPDATES
We recommend that all users of Ksplice Uptrack on Ubuntu 11.10 Oneiric
install these updates.
On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.
Alternatively, you can install these updates by running:
# /usr/sbin/uptrack-upgrade -y
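To see which of the two installation paths above applies to a host, a check like the following can be used. It is an added example, not part of the Ksplice advisory; the function names, the last-assignment-wins parsing and the case-insensitive match on "yes" are assumptions.

```shell
#!/bin/sh
# Added example: decide whether a host picks up Ksplice updates automatically.
# Assumes uptrack.conf is INI-style with "key = value" lines, as suggested by
# the "autoinstall = yes" setting quoted in the advisory.

# Print the effective autoinstall value, lower-cased (last assignment wins).
# Returns 2 if the file cannot be read.
uptrack_autoinstall_value() {
    conf=${1:-/etc/uptrack/uptrack.conf}
    [ -r "$conf" ] || return 2
    awk '
        /^[ \t]*[#;]/ { next }                 # commented-out settings do not count
        {
            eq = index($0, "=")
            if (eq == 0) next                  # section headers, blank lines
            key = substr($0, 1, eq - 1)
            val = substr($0, eq + 1)
            gsub(/^[ \t]+|[ \t\r]+$/, "", key) # trim whitespace and stray CRs
            gsub(/^[ \t]+|[ \t\r]+$/, "", val)
            if (tolower(key) == "autoinstall") found = tolower(val)
        }
        END { if (found != "") print found }
    ' "$conf"
}

# Succeeds only when autoinstall is explicitly set to yes.
uptrack_autoinstall_enabled() {
    [ "$(uptrack_autoinstall_value "$1")" = "yes" ]
}

# Report what the administrator has to do for this host.
uptrack_patch_action() {
    if uptrack_autoinstall_enabled "$1"; then
        echo "automatic"
    else
        echo "manual: run /usr/sbin/uptrack-upgrade -y"
    fi
}

# Constructed sample config (not taken from a real host).
sample=$(mktemp)
printf '%s\n' '[Settings]' '# autoinstall = yes' 'autoinstall = no' > "$sample"
uptrack_patch_action "$sample"
rm -f "$sample"
```

A missing or unreadable configuration file is reported as "manual", so hosts without a readable configuration are not assumed to be patched.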
DESCRIPTION
* CVE-2012-2137: Buffer overflow in KVM MSI routing entry handler.
A buffer overflow flaw was found in the setup_routing_entry() function in the
KVM subsystem of the Linux kernel in the way the Message Signaled Interrupts
(MSI) routing entry was handled. A local, unprivileged user could use this flaw
to cause a denial of service or, possibly, escalate their privileges.
* Inode leak in eCryptfs file renaming.
Inodes are not being properly removed when they are the target of
a rename() system call, causing extra disk space to be consumed.
* Race condition in eCryptfs can cause hangs when accessing the filesystem.
A race condition when releasing files can cause errors when
accessing an eCryptfs filesystem, leading to system hangs.
* Race condition in VFS file operations.
A race condition when performing scatter-gather IO on a file can lead
to data corruption.
* Kernel panic in hugetlbfs.
A race condition between processes sharing huge page mappings can cause
a kernel panic.
* Unreported error can cause unusable mount in NFS.
An unreported error can cause a mount to seem to succeed but have
completely unusable values for block sizes, maxfilesize, etc.
* Kernel panic in Parallel NFS.
A kernel panic (BUG_ON) can be triggered when releasing file data because
of a broken assumption in the Parallel NFS implementation.
* Use-after-free in audit.
A delayed destroy can cause a use-after-free error in
audit_tree.
* Race condition in SUNRPC.
A race condition can cause data corruption when closing a SUNRPC socket.
* NULL pointer dereference in USB ACM.
A NULL pointer dereference can be triggered when probing a device that
provides an ACM endpoint.
* NUMA memory policy kernel panic.
A kernel panic can be triggered when querying a task's NUMA memory policy
via procfs.
* SCSI MegaRAID kernel panic.
A kernel panic can be triggered when the MegaRAID driver is loaded but
no adapters are present on the system.
* UDF data corruption fix.
Files stored in ICB (inode) can be partially overwritten with all
zeros.
* NULL pointer dereference in DCCP sockets.
A NULL pointer dereference can be triggered by querying or setting the
socket options of a DCCP socket that has no associated CCID.
SUPPORT
Ksplice support is available at ksplice-support_ww at oracle.com.