[Ksplice][Ubuntu-16.10-Updates] New Ksplice updates for Ubuntu 16.10 Yakkety (4.8.0-38.41)
Oracle Ksplice
ksplice-support_ww at oracle.com
Wed Feb 22 01:15:24 PST 2017
Synopsis: 4.8.0-38.41 can now be patched using Ksplice
CVEs: CVE-2016-9588
Systems running Ubuntu 16.10 Yakkety can now use Ksplice to patch
against the latest Ubuntu kernel update, 4.8.0-38.41.
INSTALLING THE UPDATES
We recommend that all users of Ksplice Uptrack running Ubuntu 16.10
Yakkety install these updates.
On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.
Alternatively, you can install these updates by running:
# /usr/sbin/uptrack-upgrade -y
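The following check is an added example, not part of Oracle's announcement or of Ksplice Uptrack itself: it reads an uptrack.conf file and reports whether a host will install these updates on its own or needs the manual command above. The function names are hypothetical, and the parsing rules (INI-style "key = value" lines, '#' or ';' starting a comment, last assignment wins, value compared case-insensitively against "yes") are assumptions.

```shell
#!/bin/sh
# Added example (not Oracle's code): decide whether a host picks up
# Ksplice updates automatically or needs a manual uptrack-upgrade run.

# Print "yes" or "no" for the autoinstall setting in an uptrack.conf file.
# Assumptions: INI-style "key = value" lines, '#' or ';' start a comment,
# the last assignment wins, and only the value "yes" (any case) enables it.
autoinstall_state() {
    conf="${1:-/etc/uptrack/uptrack.conf}"
    [ -r "$conf" ] || { echo "unreadable"; return 2; }
    val=$(sed -e 's/[#;].*$//' "$conf" | awk -F= '
        { key = tolower($1); gsub(/[ \t]/, "", key) }
        key == "autoinstall" {
            v = tolower($2); gsub(/[ \t\r]/, "", v); last = v
        }
        END { print last }')
    if [ "$val" = "yes" ]; then echo "yes"; else echo "no"; fi
}

# Print the action an operator should take for this host:
# "none" when autoinstall is on, otherwise the manual command.
required_action() {
    conf="${1:-/etc/uptrack/uptrack.conf}"
    state=$(autoinstall_state "$conf") || { echo "check config: $conf"; return 0; }
    if [ "$state" = "yes" ]; then
        echo "none"
    else
        echo "/usr/sbin/uptrack-upgrade -y"
    fi
}

# Constructed sample configuration, written to a temp file for the demo.
# The enabling line is commented out, so the effective value is "no".
sample=$(mktemp)
cat > "$sample" <<'EOF'
[Settings]
# autoinstall = yes
autoinstall = no
EOF
echo "sample host action: $(required_action "$sample")"
rm -f "$sample"
```

Called without an argument, both functions read /etc/uptrack/uptrack.conf.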
DESCRIPTION
* Missing mutex lock in Hyper-V channel free causes denial-of-service.
Missing synchronization surrounding the removal of channels from a
Hyper-V bus could cause memory corruption and a denial-of-service.
* Double-closing block device while listing devices causes denial-of-service.
If a block device is closed while other block devices are being
enumerated with iterate_bdevs(), a NULL data member can be dereferenced,
causing a crash and denial-of-service.
* Memory leak in system trace module open path.
A missing free in the error path of stm_char_open() would leak memory,
causing performance degradation and an eventual denial-of-service.
* CVE-2016-9588: Denial-of-service in Intel nested VMX exception handling.
Failure to handle exceptions thrown by an L2 guest could result in a
kernel crash. A malicious guest could use this flaw to crash the
virtualization host.
* Denial-of-service caused by use-after-free in fsnotify.
When iterating through a list of inodes to unmount, fsnotify could
potentially free a node while iterating through the list. This could
cause a kernel crash, but usually manifests as an infinite loop, causing
a denial-of-service.
* Memory leak in Infiniband RDMA-over-Ethernet driver.
A missing free in rqe_qp_cleanup leaks a socket and associated memory,
potentially causing performance degradation and an eventual
denial-of-service.
* Memory corruption in Infiniband RDMA-over-Ethernet driver.
Missing synchronization code allowed possible memory corruption when
using Infiniband RDMA, potentially causing a crash and
denial-of-service.
* Denial-of-service in DRV260x haptic input driver.
Incorrectly specifying the parent device on a DRV260x haptic device
could cause a kernel crash and denial-of-service.
* Bad copy exposes memory in Intel iWARP driver statistics reporting.
A bad memory copy operation in the Intel iWARP driver copies stack memory
onto the stats reporting structure, potentially exposing kernel memory via
the stats interface.
* Connection spoofing in Ceph filesystem connect.
When establishing a Ceph connection, the authorizer reply is not
actually verified as authentic, potentially allowing an attacker to
spoof another connection.
* Denial-of-service due to deadlock in pNFS read resend and layout return.
Incorrect lock ordering could cause a deadlock and denial-of-service
when using pNFS with layouts and replaying failed file reads.
* Denial-of-service when using GPADL as Hyper-V guest.
A logic error when using GPADL (Guest Physical Address Descriptor List)
could lead to a memory leak. A local attacker could use this flaw to
exhaust memory and cause a denial-of-service.
* Denial-of-service when writing to huge pages of another process.
A missing check when writing to read-only regions of memory backed by
transparent huge pages causes an infinite loop. A local attacker could
use this flaw to cause a denial-of-service.
* Denial-of-service when opening Hyper-V channel.
A too-short timeout when waiting for message completion on channel
opening could lead to an infinite loop. An attacker could use this flaw
to cause a denial-of-service.
SUPPORT
Ksplice support is available at ksplice-support_ww at oracle.com.