[Ksplice][Ubuntu-12.04-Updates] New updates available via Ksplice (3.2.0-77.112)

Wed Feb 25 11:54:00 PST 2015

Synopsis: 3.2.0-77.112 can now be patched using Ksplice
CVEs: CVE-2013-7421 CVE-2014-7970 CVE-2014-8160 CVE-2014-9529 CVE-2014-9584 CVE-2014-9585 CVE-2014-9644 CVE-2015-0239

Systems running Ubuntu 12.04 Precise can now use Ksplice to patch
against the latest Ubuntu kernel update, 3.2.0-77.112.

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack on Ubuntu 12.04 Precise
install these updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y

DESCRIPTION

* CVE-2014-9584: Out-of-bounds memory access in ISO filesystem when printing ER records.

A missing input validation when printing ER records on the iso9660 driver
could lead to an out-of-bounds memory write, potentially leading to a
kernel panic.  A local attacker could use a corrupted ISO file to cause a
denial-of-service.

* CVE-2014-9529: Use-after-free when garbage collecting keys.

A logic error when garbage collecting cryptographic keys leads to a
user-after-free and kernel panic. A local user could use this flaw to crash
the kernel and cause a denial-of-service.

* CVE-2014-8160: iptables rules by-pass when the protocol module is not loaded.

A flaw in the generic conntrack sub-system allows protocols that do not
have a protocol handler kernel module loaded to pass through the iptables
firewall even if explicitly denied by rule.

* CVE-2014-9585: Address space layout randomization bypass for VDSO address.

A flaw in the VDSO code loader leads to a 50% chance of having the VDSO
address placed at the end of a PMD. This could allow an attacker to bypass
ASLR protections more easily.

* CVE-2015-0239: Privilege escalation in KVM sysenter emulation.

The KVM emulation of the sysenter instruction does not validate 16-bit
code segments which can allow a local attacker to potentially elevate
privileges.

* CVE-2014-7970: Memory corruption when using pivot_root.

A flaw in the pivot_root syscall leads to a corruption of the mount tree
when calling with a directory outside a chroot. A local user could use this
flaw to cause a memory corruption and likely a denial-of-service.

* CVE-2013-7421: Arbitrary module loading by users in crypto API.

The kernel crypto API does not restrict which kernel modules can be
loaded automatically which allows users to load arbitrary kernel
modules. This allows an unprivileged user to increase the attack surface
of the kernel.

* CVE-2014-9644: Arbitrary module loading by users in crypto template API.

The kernel crypto API does not restrict which kernel modules can be
loaded automatically when requesting a crypto template which allows
users to load arbitrary kernel modules. This allows an unprivileged user
to increase the attack surface of the kernel.

SUPPORT

Ksplice support is available at ksplice-support_ww at oracle.com.