[Ksplice][Ubuntu-12.04-Updates] New updates available via Ksplice (USN-2066-1)
Oracle Ksplice
ksplice-support_ww at oracle.com
Fri Jan  3 09:07:09 PST 2014

Synopsis: USN-2066-1 can now be patched using Ksplice
CVEs: CVE-2013-4299 CVE-2013-4470 CVE-2013-4592 CVE-2013-6378
Systems running Ubuntu 12.04 Precise can now use Ksplice to patch
against the latest Ubuntu Security Notice, USN-2066-1.
INSTALLING THE UPDATES
We recommend that all users of Ksplice Uptrack on Ubuntu 12.04 Precise
install these updates.
On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.
Alternatively, you can install these updates by running:
# /usr/sbin/uptrack-upgrade -y
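To check which of the two cases above applies to a host, the following added example (not part of the original advisory and not Oracle's tooling) reads the autoinstall setting and prints the step to take. The function names are hypothetical, the sample config is constructed, and treating a missing file or key as "autoinstall off" is an assumption.

```shell
#!/bin/sh
# Added example (not Oracle's tooling): decide whether a host needs the manual
# upgrade step, based on the autoinstall setting the advisory refers to.

# Print "yes" only if the last uncommented "autoinstall = ..." line says yes.
# Assumption: a missing file or a missing key means autoinstall is off.
uptrack_autoinstall() {
    conf="${1:-/etc/uptrack/uptrack.conf}"
    [ -r "$conf" ] || { echo no; return 0; }
    # Commented-out lines do not match; trailing comments after the value are dropped.
    val=$(sed -n 's/^[[:space:]]*autoinstall[[:space:]]*=[[:space:]]*\([^[:space:]#;]*\).*$/\1/p' "$conf" \
          | tail -n 1 | tr '[:upper:]' '[:lower:]')
    if [ "$val" = "yes" ]; then echo yes; else echo no; fi
}

# Print the action an administrator should take for this host.
uptrack_next_step() {
    if [ "$(uptrack_autoinstall "$1")" = "yes" ]; then
        echo "no action: updates install automatically"
    else
        echo "run as root: /usr/sbin/uptrack-upgrade -y"
    fi
}

# Constructed sample config, for demonstration only.
sample=$(mktemp)
printf '%s\n' '[Settings]' '# autoinstall = yes' 'autoinstall = no' > "$sample"
uptrack_next_step "$sample"
rm -f "$sample"
```

Called without an argument, uptrack_next_step reads /etc/uptrack/uptrack.conf.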
DESCRIPTION
* CVE-2013-4592: Denial-of-service in KVM IOMMU mappings.
A flaw was found in the way IOMMU memory mappings were handled when
moving memory slots. A malicious user on a KVM host who has the ability to
assign a device to a guest could use this flaw to crash the host.
* CVE-2013-6378: Denial-of-service in Marvell 8xxx Libertas WLAN driver.
Incorrect validation of user supplied data in the Marvell 8xxx Libertas
WLAN driver could allow a privileged user to trigger an invalid pointer
dereference and crash the system.
* Memory corruption in Broadcom bnx2x GSO.
The Broadcom driver for NetXtremeII devices does not correctly handle cloned
packet data when GSO is enabled, leading to memory corruption and a kernel panic.
* Use-after-free in IP TIME_WAIT sockets.
Incorrect reference counting in the kernel IP stack when handling data received
on TIME_WAIT sockets can trigger a use-after-free condition and cause a kernel
panic.
* Information leak in netlink connector.
When sending messages through the netlink connector, some elements of the message
are not initialised, causing the contents of kernel memory to be exposed to
userspace.
* Deadlock in L2TP PPP packet transmission.
Invalid locking when transmitting packets over an L2TP PPP connection can trigger
a kernel deadlock when two processes send packets over the same connection.
* Information leak in FarSync network driver ioctl.
The SIOCWANDEV ioctl in the FarSync T-Series network driver does not initialise
memory before returning data to userspace, causing the contents of kernel memory
to be leaked to userspace.
* Kernel panic in netlink kernel/userspace connector.
An incorrect length check when processing netlink messages in the
kernel/userspace connector can cause an out-of-bounds access and kernel panic.
* Information leak in wanXL IF_GET_IFACE ioctl.
The SBE wanXL network driver does not initialise memory when handling the
IF_GET_IFACE ioctl, causing the contents of kernel memory to be leaked to
userspace.
* Denial-of-service in IPv4 CIPSO header validation.
The kernel IPv4 stack does not correctly handle malformed CIPSO headers in IPv4
packets, leading to an infinite loop and kernel panic.
* CVE-2013-4470: Memory corruption in IPv4 and IPv6 networking corking with UFO.
The kernel IP stack does not correctly handle sending fragmented packets via a
device which has UDP Fragmentation Offload enabled, leading to memory corruption
and a kernel panic.
* Buffer overrun in the tracing subsystem.
An incorrect bounds check in the kernel tracing subsystem could lead to
writing past the end of a buffer. A privileged local user can use this
flaw to crash the kernel or potentially gain additional privileges.
* Deadlock in JFS inode allocation.
When failing to allocate new inodes on a JFS filesystem, the JFS filesystem
driver incorrectly unlocks inodes, leading to a deadlock and kernel panic.
* Denial-of-service in ext4 extended attribute error handling.
Missing memory freeing in the error path of extended attribute handling
could cause a memory leak and denial of service under specific
circumstances.
* Denial-of-service in 802.11 radiotap packet parsing.
The kernel 802.11 radiotap interface does not correctly handle malformed packets,
allowing a remote attacker to trigger an out-of-bounds read leading to a kernel
panic.
* CVE-2013-4299: Information leak in device mapper persistent snapshots.
An information leak flaw was found in the way the Linux kernel's device
mapper subsystem, under certain conditions, interpreted data written to
snapshot block devices. An attacker could use this flaw to read data
from disk blocks in free space, which are normally inaccessible.
* Memory leak in eCryptfs filesystem initialization.
When initializing an eCryptfs filesystem, the eCryptfs driver does not free memory
when decrypting the session key, causing a kernel memory leak.
* Memory corruption in DRM ioctl.
The DRM driver incorrectly allocated memory when processing an ioctl from userspace,
allowing a malicious local user to trigger kernel memory corruption and gain elevated
privileges.
* NULL pointer dereference in pSCSI device initialization.
A NULL pointer dereference and kernel panic can be triggered when the
pass-through SCSI driver fails to look up a host.
* Missing capability check in AAC RAID compatibility ioctl.
A missing capability check in the AAC RAID compatibility ioctl allows local users
to gain elevated privileges.
SUPPORT
Ksplice support is available at ksplice-support_ww at oracle.com.