[Ksplice][Ubuntu-14.04-Updates] New updates available via Ksplice (USN-2643-1)

[Oracle Ksplice]

Synopsis: USN-2643-1 can now be patched using Ksplice
CVEs: CVE-2015-1328

Systems running Ubuntu 14.04 Trusty can now use Ksplice to patch
against the latest Ubuntu Security Notice, USN-2643-1.

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack on Ubuntu 14.04 Trusty
install these updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y


DESCRIPTION

* CVE-2015-1328: Privilege escalation in overlayfs.

The overlayfs filesystem does not correctly check file permissions when
creating new files in the upper filesystem directory. This can be exploited
by an unprivileged process to allow the mounting of overlayfs inside
unprivileged mount namespaces.

Important note: this update won't apply unless you have unmounted all
overlayfs.

SUPPORT

Ksplice support is available at ksplice-support_ww at oracle.com.