[El-errata] New updates available via Ksplice (ELSA-2015-2152)

Errata Announcements for Oracle Linux el-errata at oss.oracle.com
Fri Nov 27 16:58:31 PST 2015


Synopsis: ELSA-2015-2152 can now be patched using Ksplice
CVEs: CVE-2015-5283 CVE-2015-7613

Users with Oracle Linux Premier Support can now use Ksplice to patch
against the latest Oracle Security Advisory, ELSA-2015-2152.

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack on EL 6 install these
updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y


DESCRIPTION

* CVE-2015-5283: Denial-of-service when creating SCTP sockets before the module has loaded.

A local user could use this flaw to cause a denial of service on the system
by triggering a kernel panic when creating multiple sockets in parallel
while the system did not have the SCTP module loaded.


* CVE-2015-7613: Privilege escalation in IPC object initialization.

Incorrect initialization of IPC objects could result in memory
corruption when creating message queues or shared memory.  A local,
unprivileged user could use this flaw to escalate privileges.


* Networking failure on soft reboot in Intel 10GbE PCIe driver.

Incorrect reset handling on device shutdown or enabling could fail to
reinitialize the PHY resulting in network failures.

SUPPORT

Ksplice support is available at ksplice-support_ww at oracle.com.





More information about the El-errata mailing list