From tabbott at ksplice.com Sat Sep 18 21:48:49 2010 From: tabbott at ksplice.com (Tim Abbott) Date: Sun, 19 Sep 2010 00:48:49 -0400 (EDT) Subject: [Ksplice][Ubuntu 9.04 Updates] New updates available via Ksplice (USN-988-1) Message-ID: Synopsis: USN-988-1 can now be patched using Ksplice CVEs: CVE-2010-3081 CVE-2010-3301 Systems running Ubuntu 9.04 Jaunty can now use Ksplice to patch against the latest Ubuntu Security Notice, USN-988-1. INSTALLING THE UPDATES We recommend that all Ksplice Uptrack Ubuntu 9.04 Jaunty users install these updates. You can install these updates by running: # uptrack-upgrade -y DESCRIPTION * CVE-2010-3301: Privilege escalation in 32-bit syscall entry via ptrace. The system call entry path for 32-bit processes on 64-bit systems validated only the low 32 bits of a 64-bit system call number. A local user could make a crafted system call with ptrace to execute arbitrary code in the kernel and obtain privileges. * CVE-2010-3081: Privilege escalation through stack underflow in compat. A flaw was found in the 32-bit compatibility layer for 64-bit systems. User-space memory was allocated insecurely when translating system call inputs to 64-bit. A stack pointer underflow could occur when using the "compat_alloc_user_space" method with an arbitrary length input, as in getsockopt. SUPPORT Ksplice support is available at support at ksplice.com or +1 765-577-5423.