Search...

Ubuntu 10.04 LTS : linux-ec2 vulnerabilities (USN-2016-1)

2013-11-09T00:00:00

ID UBUNTU_USN-2016-1.NASL
Type nessus
Reporter Tenable
Modified 2016-10-26T00:00:00

Description

Dan Carpenter discovered an information leak in the HP Smart Aray and Compaq SMART2 disk-array driver in the Linux kernel. A local user could exploit this flaw to obtain sensitive information from kernel memory. (CVE-2013-2147)

Kees Cook discovered flaw in the Human Interface Device (HID) subsystem when CONFIG_HID_ZEROPLUS is enabled. A physically proximate attacker could leverage this flaw to cause a denial of service via a specially crafted device. (CVE-2013-2889)

Kees Cook discovered another flaw in the Human Interface Device (HID) subsystem of the Linux kernel when any of CONFIG_LOGITECH_FF, CONFIG_LOGIG940_FF, or CONFIG_LOGIWHEELS_FF are enabled. A physcially proximate attacker can leverage this flaw to cause a denial of service vias a specially crafted device. (CVE-2013-2893)

Kees Cook discovered yet another flaw in the Human Interface Device (HID) subsystem of the Linux kernel when CONFIG_HID_MULTITOUCH is enabled. A physically proximate attacker could leverage this flaw to cause a denial of service (OOPS) via a specially crafted device. (CVE-2013-2897)

A flaw was discovered in the Linux kernel's dm snapshot facility. A remote authenticated user could exploit this flaw to obtain sensitive information or modify/corrupt data. (CVE-2013-4299).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

                                        
                                            #
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Ubuntu Security Notice USN-2016-1. The text 
# itself is copyright (C) Canonical, Inc. See 
# &lt;http://www.ubuntu.com/usn/&gt;. Ubuntu(R) is a registered 
# trademark of Canonical, Inc.
#

include("compat.inc");

if (description)
{
  script_id(70800);
  script_version("$Revision: 1.4 $");
  script_cvs_date("$Date: 2016/10/26 14:16:25 $");

  script_cve_id("CVE-2013-2147", "CVE-2013-2889", "CVE-2013-2893", "CVE-2013-2897", "CVE-2013-4299");
  script_bugtraq_id(62042, 62044, 62050, 63183);
  script_xref(name:"USN", value:"2016-1");

  script_name(english:"Ubuntu 10.04 LTS : linux-ec2 vulnerabilities (USN-2016-1)");
  script_summary(english:"Checks dpkg output for updated package.");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Ubuntu host is missing a security-related patch."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Dan Carpenter discovered an information leak in the HP Smart Aray and
Compaq SMART2 disk-array driver in the Linux kernel. A local user
could exploit this flaw to obtain sensitive information from kernel
memory. (CVE-2013-2147)

Kees Cook discovered flaw in the Human Interface Device (HID)
subsystem when CONFIG_HID_ZEROPLUS is enabled. A physically proximate
attacker could leverage this flaw to cause a denial of service via a
specially crafted device. (CVE-2013-2889)

Kees Cook discovered another flaw in the Human Interface Device (HID)
subsystem of the Linux kernel when any of CONFIG_LOGITECH_FF,
CONFIG_LOGIG940_FF, or CONFIG_LOGIWHEELS_FF are enabled. A physcially
proximate attacker can leverage this flaw to cause a denial of service
vias a specially crafted device. (CVE-2013-2893)

Kees Cook discovered yet another flaw in the Human Interface Device
(HID) subsystem of the Linux kernel when CONFIG_HID_MULTITOUCH is
enabled. A physically proximate attacker could leverage this flaw to
cause a denial of service (OOPS) via a specially crafted device.
(CVE-2013-2897)

A flaw was discovered in the Linux kernel's dm snapshot facility. A
remote authenticated user could exploit this flaw to obtain sensitive
information or modify/corrupt data. (CVE-2013-4299).

Note that Tenable Network Security has extracted the preceding
description block directly from the Ubuntu security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
  );
  script_set_attribute(
    attribute:"solution", 
    value:"Update the affected linux-image-2.6-ec2 package."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:ND/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-ec2");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:10.04:-:lts");

  script_set_attribute(attribute:"patch_publication_date", value:"2013/11/08");
  script_set_attribute(attribute:"plugin_publication_date", value:"2013/11/09");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"Ubuntu Security Notice (C) 2013-2016 Canonical, Inc. / NASL script (C) 2013-2016 Tenable Network Security, Inc.");
  script_family(english:"Ubuntu Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l");

  exit(0);
}


include("audit.inc");
include("ubuntu.inc");
include("misc_func.inc");

if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/Ubuntu/release");
if ( isnull(release) ) audit(AUDIT_OS_NOT, "Ubuntu");
release = chomp(release);
if (! ereg(pattern:"^(10\.04)$", string:release)) audit(AUDIT_OS_NOT, "Ubuntu 10.04", "Ubuntu " + release);
if ( ! get_kb_item("Host/Debian/dpkg-l") ) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" &gt;!&lt; cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Ubuntu", cpu);

flag = 0;

if (ubuntu_check(osver:"10.04", pkgname:"linux-image-2.6.32-358-ec2", pkgver:"2.6.32-358.71")) flag++;

if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_WARNING,
    extra      : ubuntu_report_get()
  );
  exit(0);
}
else
{
  tested = ubuntu_pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "linux-image-2.6-ec2");
}

JSON Vulners Source

Initial Source

{"hash": "03504371004d0b5906386830e2648cda9ae5d9a34c711a8eef7b3a65a149bc73", "naslFamily": "Ubuntu Local Security Checks", "id": "UBUNTU_USN-2016-1.NASL", "lastseen": "2017-10-29T13:35:14", "viewCount": 1, "hashmap": [{"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "4291c5629785cfeb6aaf3ef90a773b0b", "key": "cpe"}, {"hash": "c3ded3328b71b949baffc76a3d257fdd", "key": "cvelist"}, {"hash": "61a37396f8fc8545e5dc3fd73288ce16", "key": "cvss"}, {"hash": "ba5db5a3d987040b6e1579a34669ac98", "key": "description"}, {"hash": "8c5fa981b7ef285b3f22691e4fd84f41", "key": "href"}, {"hash": "1d731490b777bc15c5d9375993128995", "key": "modified"}, {"hash": "c9b7d00377a789a14c9bb9dab6c7168c", "key": "naslFamily"}, {"hash": "a1967e6de4ca99fb2635d94b99453928", "key": "pluginID"}, {"hash": "b7fd0bad9a3db89554b13b658b53fddb", "key": "published"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "097b6cc7dae71b3152c02c382c19cd39", "key": "sourceData"}, {"hash": "f101d2fcaf0c67cc5eb8c97cc228765b", "key": "title"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}], "bulletinFamily": "scanner", "cpe": ["cpe:/o:canonical:ubuntu_linux:10.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-ec2"], "cvss": {"score": 6.0, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "edition": 3, "enchantments": {"vulnersScore": 2.1}, "type": "nessus", "description": "Dan Carpenter discovered an information leak in the HP Smart Aray and Compaq SMART2 disk-array driver in the Linux kernel. A local user could exploit this flaw to obtain sensitive information from kernel memory. (CVE-2013-2147)\n\nKees Cook discovered flaw in the Human Interface Device (HID) subsystem when CONFIG_HID_ZEROPLUS is enabled. A physically proximate attacker could leverage this flaw to cause a denial of service via a specially crafted device. (CVE-2013-2889)\n\nKees Cook discovered another flaw in the Human Interface Device (HID) subsystem of the Linux kernel when any of CONFIG_LOGITECH_FF, CONFIG_LOGIG940_FF, or CONFIG_LOGIWHEELS_FF are enabled. A physcially proximate attacker can leverage this flaw to cause a denial of service vias a specially crafted device. (CVE-2013-2893)\n\nKees Cook discovered yet another flaw in the Human Interface Device (HID) subsystem of the Linux kernel when CONFIG_HID_MULTITOUCH is enabled. A physically proximate attacker could leverage this flaw to cause a denial of service (OOPS) via a specially crafted device.\n(CVE-2013-2897)\n\nA flaw was discovered in the Linux kernel's dm snapshot facility. A remote authenticated user could exploit this flaw to obtain sensitive information or modify/corrupt data. (CVE-2013-4299).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "title": "Ubuntu 10.04 LTS : linux-ec2 vulnerabilities (USN-2016-1)", "history": [{"bulletin": {"hash": "5dbf1c56af68f74abf47750e9b1bb7bcd5a50d9010c5cb7a30e6687a1d3865ef", "naslFamily": "Ubuntu Local Security Checks", "edition": 1, "lastseen": "2016-09-26T17:23:44", "viewCount": 0, "hashmap": [{"hash": "f101d2fcaf0c67cc5eb8c97cc228765b", "key": "title"}, {"hash": "708697c63f7eb369319c6523380bdf7a", "key": "bulletinFamily"}, {"hash": "5ebefc09f1b29d9e0dad2276c1ad05e8", "key": "modified"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "8686eb1fb0cb79f9557f6fd57f6b695f", "key": "sourceData"}, {"hash": "56765472680401499c79732468ba4340", "key": "objectVersion"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "b7fd0bad9a3db89554b13b658b53fddb", "key": "published"}, {"hash": "a1967e6de4ca99fb2635d94b99453928", "key": "pluginID"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "ba5db5a3d987040b6e1579a34669ac98", "key": "description"}, {"hash": "c9b7d00377a789a14c9bb9dab6c7168c", "key": "naslFamily"}, {"hash": "8c5fa981b7ef285b3f22691e4fd84f41", "key": "href"}, {"hash": "c3ded3328b71b949baffc76a3d257fdd", "key": "cvelist"}, {"hash": "aaebfb5069db2f8782052c1690568a90", "key": "cvss"}], "bulletinFamily": "exploit", "history": [], "id": "UBUNTU_USN-2016-1.NASL", "type": "nessus", "description": "Dan Carpenter discovered an information leak in the HP Smart Aray and Compaq SMART2 disk-array driver in the Linux kernel. A local user could exploit this flaw to obtain sensitive information from kernel memory. (CVE-2013-2147)\n\nKees Cook discovered flaw in the Human Interface Device (HID) subsystem when CONFIG_HID_ZEROPLUS is enabled. A physically proximate attacker could leverage this flaw to cause a denial of service via a specially crafted device. (CVE-2013-2889)\n\nKees Cook discovered another flaw in the Human Interface Device (HID) subsystem of the Linux kernel when any of CONFIG_LOGITECH_FF, CONFIG_LOGIG940_FF, or CONFIG_LOGIWHEELS_FF are enabled. A physcially proximate attacker can leverage this flaw to cause a denial of service vias a specially crafted device. (CVE-2013-2893)\n\nKees Cook discovered yet another flaw in the Human Interface Device (HID) subsystem of the Linux kernel when CONFIG_HID_MULTITOUCH is enabled. A physically proximate attacker could leverage this flaw to cause a denial of service (OOPS) via a specially crafted device.\n(CVE-2013-2897)\n\nA flaw was discovered in the Linux kernel's dm snapshot facility. A remote authenticated user could exploit this flaw to obtain sensitive information or modify/corrupt data. (CVE-2013-4299).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "title": "Ubuntu 10.04 LTS : linux-ec2 vulnerabilities (USN-2016-1)", "cvss": {"score": 6.0, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "objectVersion": "1.2", "cvelist": ["CVE-2013-2147", "CVE-2013-2897", "CVE-2013-4299", "CVE-2013-2889", "CVE-2013-2893"], "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2016-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(70800);\n script_version(\"$Revision: 1.3 $\");\n script_cvs_date(\"$Date: 2016/05/25 16:34:54 $\");\n\n script_cve_id(\"CVE-2013-2147\", \"CVE-2013-2889\", \"CVE-2013-2893\", \"CVE-2013-2897\", \"CVE-2013-4299\");\n script_bugtraq_id(62042, 62044, 62050, 63183);\n script_xref(name:\"USN\", value:\"2016-1\");\n\n script_name(english:\"Ubuntu 10.04 LTS : linux-ec2 vulnerabilities (USN-2016-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Dan Carpenter discovered an information leak in the HP Smart Aray and\nCompaq SMART2 disk-array driver in the Linux kernel. A local user\ncould exploit this flaw to obtain sensitive information from kernel\nmemory. (CVE-2013-2147)\n\nKees Cook discovered flaw in the Human Interface Device (HID)\nsubsystem when CONFIG_HID_ZEROPLUS is enabled. A physically proximate\nattacker could leverage this flaw to cause a denial of service via a\nspecially crafted device. (CVE-2013-2889)\n\nKees Cook discovered another flaw in the Human Interface Device (HID)\nsubsystem of the Linux kernel when any of CONFIG_LOGITECH_FF,\nCONFIG_LOGIG940_FF, or CONFIG_LOGIWHEELS_FF are enabled. A physcially\nproximate attacker can leverage this flaw to cause a denial of service\nvias a specially crafted device. (CVE-2013-2893)\n\nKees Cook discovered yet another flaw in the Human Interface Device\n(HID) subsystem of the Linux kernel when CONFIG_HID_MULTITOUCH is\nenabled. A physically proximate attacker could leverage this flaw to\ncause a denial of service (OOPS) via a specially crafted device.\n(CVE-2013-2897)\n\nA flaw was discovered in the Linux kernel's dm snapshot facility. A\nremote authenticated user could exploit this flaw to obtain sensitive\ninformation or modify/corrupt data. (CVE-2013-4299).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected linux-image-2.6.32-358-ec2 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6.32-358-ec2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/11/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/11/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2013-2016 Canonical, Inc. / NASL script (C) 2013-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(10\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 10.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-358-ec2\", pkgver:\"2.6.32-358.71\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-2.6.32-358-ec2\");\n}\n", "published": "2013-11-09T00:00:00", "pluginID": "70800", "references": [], "reporter": "Tenable", "modified": "2016-05-25T00:00:00", "href": "https://www.tenable.com/plugins/index.php?view=single&id=70800"}, "lastseen": "2016-09-26T17:23:44", "edition": 1, "differentElements": ["modified", "sourceData"]}, {"bulletin": {"hash": "bc1a0883745b23d2a8fb1be695bb3dcfe6c51df6207d3852c15216f812df3057", "naslFamily": "Ubuntu Local Security Checks", "edition": 2, "lastseen": "2016-10-26T21:23:53", "enchantments": {}, "hashmap": [{"hash": "f101d2fcaf0c67cc5eb8c97cc228765b", "key": "title"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "1d731490b777bc15c5d9375993128995", "key": "modified"}, {"hash": "b7fd0bad9a3db89554b13b658b53fddb", "key": "published"}, {"hash": "a1967e6de4ca99fb2635d94b99453928", "key": "pluginID"}, {"hash": "097b6cc7dae71b3152c02c382c19cd39", "key": "sourceData"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "ba5db5a3d987040b6e1579a34669ac98", "key": "description"}, {"hash": "c9b7d00377a789a14c9bb9dab6c7168c", "key": "naslFamily"}, {"hash": "8c5fa981b7ef285b3f22691e4fd84f41", "key": "href"}, {"hash": "61a37396f8fc8545e5dc3fd73288ce16", "key": "cvss"}, {"hash": "c3ded3328b71b949baffc76a3d257fdd", "key": "cvelist"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe"}], "bulletinFamily": "scanner", "cpe": [], "history": [], "id": "UBUNTU_USN-2016-1.NASL", "type": "nessus", "description": "Dan Carpenter discovered an information leak in the HP Smart Aray and Compaq SMART2 disk-array driver in the Linux kernel. A local user could exploit this flaw to obtain sensitive information from kernel memory. (CVE-2013-2147)\n\nKees Cook discovered flaw in the Human Interface Device (HID) subsystem when CONFIG_HID_ZEROPLUS is enabled. A physically proximate attacker could leverage this flaw to cause a denial of service via a specially crafted device. (CVE-2013-2889)\n\nKees Cook discovered another flaw in the Human Interface Device (HID) subsystem of the Linux kernel when any of CONFIG_LOGITECH_FF, CONFIG_LOGIG940_FF, or CONFIG_LOGIWHEELS_FF are enabled. A physcially proximate attacker can leverage this flaw to cause a denial of service vias a specially crafted device. (CVE-2013-2893)\n\nKees Cook discovered yet another flaw in the Human Interface Device (HID) subsystem of the Linux kernel when CONFIG_HID_MULTITOUCH is enabled. A physically proximate attacker could leverage this flaw to cause a denial of service (OOPS) via a specially crafted device.\n(CVE-2013-2897)\n\nA flaw was discovered in the Linux kernel's dm snapshot facility. A remote authenticated user could exploit this flaw to obtain sensitive information or modify/corrupt data. (CVE-2013-4299).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "viewCount": 1, "title": "Ubuntu 10.04 LTS : linux-ec2 vulnerabilities (USN-2016-1)", "cvss": {"score": 6.0, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "objectVersion": "1.2", "cvelist": ["CVE-2013-2147", "CVE-2013-2897", "CVE-2013-4299", "CVE-2013-2889", "CVE-2013-2893"], "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2016-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(70800);\n script_version(\"$Revision: 1.4 $\");\n script_cvs_date(\"$Date: 2016/10/26 14:16:25 $\");\n\n script_cve_id(\"CVE-2013-2147\", \"CVE-2013-2889\", \"CVE-2013-2893\", \"CVE-2013-2897\", \"CVE-2013-4299\");\n script_bugtraq_id(62042, 62044, 62050, 63183);\n script_xref(name:\"USN\", value:\"2016-1\");\n\n script_name(english:\"Ubuntu 10.04 LTS : linux-ec2 vulnerabilities (USN-2016-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Dan Carpenter discovered an information leak in the HP Smart Aray and\nCompaq SMART2 disk-array driver in the Linux kernel. A local user\ncould exploit this flaw to obtain sensitive information from kernel\nmemory. (CVE-2013-2147)\n\nKees Cook discovered flaw in the Human Interface Device (HID)\nsubsystem when CONFIG_HID_ZEROPLUS is enabled. A physically proximate\nattacker could leverage this flaw to cause a denial of service via a\nspecially crafted device. (CVE-2013-2889)\n\nKees Cook discovered another flaw in the Human Interface Device (HID)\nsubsystem of the Linux kernel when any of CONFIG_LOGITECH_FF,\nCONFIG_LOGIG940_FF, or CONFIG_LOGIWHEELS_FF are enabled. A physcially\nproximate attacker can leverage this flaw to cause a denial of service\nvias a specially crafted device. (CVE-2013-2893)\n\nKees Cook discovered yet another flaw in the Human Interface Device\n(HID) subsystem of the Linux kernel when CONFIG_HID_MULTITOUCH is\nenabled. A physically proximate attacker could leverage this flaw to\ncause a denial of service (OOPS) via a specially crafted device.\n(CVE-2013-2897)\n\nA flaw was discovered in the Linux kernel's dm snapshot facility. A\nremote authenticated user could exploit this flaw to obtain sensitive\ninformation or modify/corrupt data. (CVE-2013-4299).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected linux-image-2.6-ec2 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-ec2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/11/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/11/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2013-2016 Canonical, Inc. / NASL script (C) 2013-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(10\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 10.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-358-ec2\", pkgver:\"2.6.32-358.71\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-2.6-ec2\");\n}\n", "published": "2013-11-09T00:00:00", "pluginID": "70800", "references": [], "reporter": "Tenable", "modified": "2016-10-26T00:00:00", "href": "https://www.tenable.com/plugins/index.php?view=single&id=70800"}, "lastseen": "2016-10-26T21:23:53", "edition": 2, "differentElements": ["cpe"]}], "objectVersion": "1.3", "cvelist": ["CVE-2013-2147", "CVE-2013-2897", "CVE-2013-4299", "CVE-2013-2889", "CVE-2013-2893"], "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2016-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(70800);\n script_version(\"$Revision: 1.4 $\");\n script_cvs_date(\"$Date: 2016/10/26 14:16:25 $\");\n\n script_cve_id(\"CVE-2013-2147\", \"CVE-2013-2889\", \"CVE-2013-2893\", \"CVE-2013-2897\", \"CVE-2013-4299\");\n script_bugtraq_id(62042, 62044, 62050, 63183);\n script_xref(name:\"USN\", value:\"2016-1\");\n\n script_name(english:\"Ubuntu 10.04 LTS : linux-ec2 vulnerabilities (USN-2016-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Dan Carpenter discovered an information leak in the HP Smart Aray and\nCompaq SMART2 disk-array driver in the Linux kernel. A local user\ncould exploit this flaw to obtain sensitive information from kernel\nmemory. (CVE-2013-2147)\n\nKees Cook discovered flaw in the Human Interface Device (HID)\nsubsystem when CONFIG_HID_ZEROPLUS is enabled. A physically proximate\nattacker could leverage this flaw to cause a denial of service via a\nspecially crafted device. (CVE-2013-2889)\n\nKees Cook discovered another flaw in the Human Interface Device (HID)\nsubsystem of the Linux kernel when any of CONFIG_LOGITECH_FF,\nCONFIG_LOGIG940_FF, or CONFIG_LOGIWHEELS_FF are enabled. A physcially\nproximate attacker can leverage this flaw to cause a denial of service\nvias a specially crafted device. (CVE-2013-2893)\n\nKees Cook discovered yet another flaw in the Human Interface Device\n(HID) subsystem of the Linux kernel when CONFIG_HID_MULTITOUCH is\nenabled. A physically proximate attacker could leverage this flaw to\ncause a denial of service (OOPS) via a specially crafted device.\n(CVE-2013-2897)\n\nA flaw was discovered in the Linux kernel's dm snapshot facility. A\nremote authenticated user could exploit this flaw to obtain sensitive\ninformation or modify/corrupt data. (CVE-2013-4299).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected linux-image-2.6-ec2 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-ec2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/11/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/11/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2013-2016 Canonical, Inc. / NASL script (C) 2013-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(10\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 10.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-358-ec2\", pkgver:\"2.6.32-358.71\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-2.6-ec2\");\n}\n", "published": "2013-11-09T00:00:00", "pluginID": "70800", "references": [], "reporter": "Tenable", "modified": "2016-10-26T00:00:00", "href": "https://www.tenable.com/plugins/index.php?view=single&id=70800"}

{"result": {"cve": [{"id": "CVE-2013-2147", "type": "cve", "title": "CVE-2013-2147", "description": "The HP Smart Array controller disk-array driver and Compaq SMART2 controller disk-array driver in the Linux kernel through 3.9.4 do not initialize certain data structures, which allows local users to obtain sensitive information from kernel memory via (1) a crafted IDAGETPCIINFO command for a /dev/ida device, related to the ida_locked_ioctl function in drivers/block/cpqarray.c or (2) a crafted CCISS_PASSTHRU32 command for a /dev/cciss device, related to the cciss_ioctl32_passthru function in drivers/block/cciss.c.", "published": "2013-06-07T10:03:19", "cvss": {"score": 2.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-2147", "cvelist": ["CVE-2013-2147"], "lastseen": "2018-01-09T15:22:52"}, {"id": "CVE-2013-2897", "type": "cve", "title": "CVE-2013-2897", "description": "Multiple array index errors in drivers/hid/hid-multitouch.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_MULTITOUCH is enabled, allow physically proximate attackers to cause a denial of service (heap memory corruption, or NULL pointer dereference and OOPS) via a crafted device.", "published": "2013-09-16T09:01:44", "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-2897", "cvelist": ["CVE-2013-2897"], "lastseen": "2018-01-09T15:22:54"}, {"id": "CVE-2013-4299", "type": "cve", "title": "CVE-2013-4299", "description": "Interpretation conflict in drivers/md/dm-snap-persistent.c in the Linux kernel through 3.11.6 allows remote authenticated users to obtain sensitive information or modify data via a crafted mapping to a snapshot block device.", "published": "2013-10-24T06:53:09", "cvss": {"score": 6.0, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4299", "cvelist": ["CVE-2013-4299"], "lastseen": "2018-01-09T15:22:57"}, {"id": "CVE-2013-2889", "type": "cve", "title": "CVE-2013-2889", "description": "drivers/hid/hid-zpff.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_ZEROPLUS is enabled, allows physically proximate attackers to cause a denial of service (heap-based out-of-bounds write) via a crafted device.", "published": "2013-09-16T09:01:44", "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-2889", "cvelist": ["CVE-2013-2889"], "lastseen": "2018-01-09T15:22:54"}, {"id": "CVE-2013-2893", "type": "cve", "title": "CVE-2013-2893", "description": "The Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_LOGITECH_FF, CONFIG_LOGIG940_FF, or CONFIG_LOGIWHEELS_FF is enabled, allows physically proximate attackers to cause a denial of service (heap-based out-of-bounds write) via a crafted device, related to (1) drivers/hid/hid-lgff.c, (2) drivers/hid/hid-lg3ff.c, and (3) drivers/hid/hid-lg4ff.c.", "published": "2013-09-16T09:01:44", "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-2893", "cvelist": ["CVE-2013-2893"], "lastseen": "2018-01-09T15:22:54"}], "nessus": [{"id": "UBUNTU_USN-1996-1.NASL", "type": "nessus", "title": "Ubuntu 12.10 : linux vulnerability (USN-1996-1)", "description": "Dan Carpenter discovered an information leak in the HP Smart Aray and Compaq SMART2 disk-array driver in the Linux kernel. A local user could exploit this flaw to obtain sensitive information from kernel memory.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2013-10-22T00:00:00", "cvss": {"score": 2.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=70542", "cvelist": ["CVE-2013-2147"], "lastseen": "2017-10-29T13:36:59"}, {"id": "UBUNTU_USN-1994-1.NASL", "type": "nessus", "title": "Ubuntu 12.04 LTS : linux-lts-quantal vulnerability (USN-1994-1)", "description": "Dan Carpenter discovered an information leak in the HP Smart Aray and Compaq SMART2 disk-array driver in the Linux kernel. A local user could exploit this flaw to obtain sensitive information from kernel memory.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2013-10-22T00:00:00", "cvss": {"score": 2.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=70540", "cvelist": ["CVE-2013-2147"], "lastseen": "2017-10-29T13:42:40"}, {"id": "UBUNTU_USN-2017-1.NASL", "type": "nessus", "title": "Ubuntu 12.04 LTS : linux vulnerabilities (USN-2017-1)", "description": "A denial of service flaw was discovered in the Btrfs file system in the Linux kernel. A local user could cause a denial of service by creating a large number of files with names that have the same CRC32 hash value. (CVE-2012-5374)\n\nA denial of service flaw was discovered in the Btrfs file system in the Linux kernel. A local user could cause a denial of service (prevent file creation) for a victim, by creating a file with a specific CRC32C hash value in a directory important to the victim.\n(CVE-2012-5375)\n\nDan Carpenter discovered an information leak in the HP Smart Aray and Compaq SMART2 disk-array driver in the Linux kernel. A local user could exploit this flaw to obtain sensitive information from kernel memory. (CVE-2013-2147).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2013-11-09T00:00:00", "cvss": {"score": 4.0, "vector": "AV:LOCAL/AC:HIGH/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=70801", "cvelist": ["CVE-2013-2147", "CVE-2012-5375", "CVE-2012-5374"], "lastseen": "2017-10-29T13:39:28"}, {"id": "UBUNTU_USN-2015-1.NASL", "type": "nessus", "title": "Ubuntu 10.04 LTS : linux vulnerabilities (USN-2015-1)", "description": "Dan Carpenter discovered an information leak in the HP Smart Aray and Compaq SMART2 disk-array driver in the Linux kernel. A local user could exploit this flaw to obtain sensitive information from kernel memory. (CVE-2013-2147)\n\nKees Cook discovered flaw in the Human Interface Device (HID) subsystem when CONFIG_HID_ZEROPLUS is enabled. A physically proximate attacker could leverage this flaw to cause a denial of service via a specially crafted device. (CVE-2013-2889)\n\nKees Cook discovered another flaw in the Human Interface Device (HID) subsystem of the Linux kernel when any of CONFIG_LOGITECH_FF, CONFIG_LOGIG940_FF, or CONFIG_LOGIWHEELS_FF are enabled. A physcially proximate attacker can leverage this flaw to cause a denial of service vias a specially crafted device. (CVE-2013-2893)\n\nKees Cook discovered yet another flaw in the Human Interface Device (HID) subsystem of the Linux kernel when CONFIG_HID_MULTITOUCH is enabled. A physically proximate attacker could leverage this flaw to cause a denial of service (OOPS) via a specially crafted device.\n(CVE-2013-2897)\n\nA flaw was discovered in the Linux kernel's dm snapshot facility. A remote authenticated user could exploit this flaw to obtain sensitive information or modify/corrupt data. (CVE-2013-4299).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2013-11-09T00:00:00", "cvss": {"score": 6.0, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=70799", "cvelist": ["CVE-2013-2147", "CVE-2013-2897", "CVE-2013-4299", "CVE-2013-2889", "CVE-2013-2893"], "lastseen": "2017-10-29T13:42:00"}, {"id": "FEDORA_2013-10689.NASL", "type": "nessus", "title": "Fedora 19 : kernel-3.9.5-301.fc19 (2013-10689)", "description": "Update to latest upstream stable release, Linux v3.9.5.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2013-07-12T00:00:00", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=67284", "cvelist": ["CVE-2013-2852", "CVE-2013-2147", "CVE-2013-2148", "CVE-2013-2851", "CVE-2013-2140", "CVE-2013-2164"], "lastseen": "2017-10-29T13:36:07"}, {"id": "REDHAT-RHSA-2013-1166.NASL", "type": "nessus", "title": "RHEL 5 : kernel (RHSA-2013:1166)", "description": "Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nThis update fixes the following security issues :\n\n* A flaw was found in the way the Linux kernel's Stream Control Transmission Protocol (SCTP) implementation handled duplicate cookies.\nIf a local user queried SCTP connection information at the same time a remote attacker has initialized a crafted SCTP connection to the system, it could trigger a NULL pointer dereference, causing the system to crash. (CVE-2013-2206, Important)\n\n* It was found that the fix for CVE-2012-3552 released via RHSA-2012:1540 introduced an invalid free flaw in the Linux kernel's TCP/IP protocol suite implementation. A local, unprivileged user could use this flaw to corrupt kernel memory via crafted sendmsg() calls, allowing them to cause a denial of service or, potentially, escalate their privileges on the system. (CVE-2013-2224, Important)\n\n* An invalid pointer dereference flaw was found in the Linux kernel's TCP/IP protocol suite implementation. A local, unprivileged user could use this flaw to crash the system or, potentially, escalate their privileges on the system by using sendmsg() with an IPv6 socket connected to an IPv4 destination. (CVE-2013-2232, Moderate)\n\n* Information leak flaws in the Linux kernel could allow a privileged, local user to leak kernel memory to user-space. (CVE-2013-2164, CVE-2013-2147, CVE-2013-2234, CVE-2013-2237, Low)\n\nThis update also fixes several bugs. Documentation for these changes will be available shortly from the Technical Notes document linked to in the References section.\n\nUsers should upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.", "published": "2013-08-21T00:00:00", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=69413", "cvelist": ["CVE-2013-2234", "CVE-2013-2206", "CVE-2013-2147", "CVE-2013-2232", "CVE-2013-2237", "CVE-2013-2224", "CVE-2013-2164"], "lastseen": "2017-10-29T13:40:55"}, {"id": "UBUNTU_USN-2023-1.NASL", "type": "nessus", "title": "Ubuntu 13.04 : linux vulnerabilities (USN-2023-1)", "description": "An information leak was discovered in the handling of ICMPv6 Router Advertisement (RA) messages in the Linux kernel's IPv6 network stack.\nA remote attacker could exploit this flaw to cause a denial of service (excessive retries and address-generation outage), and consequently obtain sensitive information. (CVE-2013-0343)\n\nDan Carpenter discovered an information leak in the HP Smart Aray and Compaq SMART2 disk-array driver in the Linux kernel. A local user could exploit this flaw to obtain sensitive information from kernel memory. (CVE-2013-2147)\n\nKees Cook discovered flaw in the Human Interface Device (HID) subsystem when CONFIG_HID_ZEROPLUS is enabled. A physically proximate attacker could leverage this flaw to cause a denial of service via a specially crafted device. (CVE-2013-2889)\n\nKees Cook discovered another flaw in the Human Interface Device (HID) subsystem of the Linux kernel when any of CONFIG_LOGITECH_FF, CONFIG_LOGIG940_FF, or CONFIG_LOGIWHEELS_FF are enabled. A physcially proximate attacker can leverage this flaw to cause a denial of service vias a specially crafted device. (CVE-2013-2893)\n\nKees Cook discovered a flaw in the Human Interface Device (HID) subsystem of the Linux kernel when CONFIG_HID_LENOVO_TPKBD is enabled.\nA physically proximate attacker could exploit this flaw to cause a denial of service via a specially crafted device. (CVE-2013-2894)\n\nKees Cook discovered another flaw in the Human Interface Device (HID) subsystem of the Linux kernel when CONFIG_HID_LOGITECH_DJ is enabled.\nA physically proximate attacker could cause a denial of service (OOPS) or obtain sensitive information from kernel memory via a specially crafted device. (CVE-2013-2895)\n\nKees Cook discovered yet another flaw in the Human Interface Device (HID) subsystem of the Linux kernel when CONFIG_HID_MULTITOUCH is enabled. A physically proximate attacker could leverage this flaw to cause a denial of service (OOPS) via a specially crafted device.\n(CVE-2013-2897)\n\nWannes Rombouts reported a vulnerability in the networking tuntap interface of the Linux kernel. A local user with the CAP_NET_ADMIN capability could leverage this flaw to gain full admin privileges.\n(CVE-2013-4343).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2013-11-09T00:00:00", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=70805", "cvelist": ["CVE-2013-2894", "CVE-2013-2147", "CVE-2013-2897", "CVE-2013-0343", "CVE-2013-2895", "CVE-2013-4343", "CVE-2013-2889", "CVE-2013-2893"], "lastseen": "2017-10-29T13:44:33"}, {"id": "UBUNTU_USN-2020-1.NASL", "type": "nessus", "title": "Ubuntu 12.04 LTS : linux-lts-raring vulnerabilities (USN-2020-1)", "description": "An information leak was discovered in the handling of ICMPv6 Router Advertisement (RA) messages in the Linux kernel's IPv6 network stack.\nA remote attacker could exploit this flaw to cause a denial of service (excessive retries and address-generation outage), and consequently obtain sensitive information. (CVE-2013-0343)\n\nDan Carpenter discovered an information leak in the HP Smart Aray and Compaq SMART2 disk-array driver in the Linux kernel. A local user could exploit this flaw to obtain sensitive information from kernel memory. (CVE-2013-2147)\n\nKees Cook discovered flaw in the Human Interface Device (HID) subsystem when CONFIG_HID_ZEROPLUS is enabled. A physically proximate attacker could leverage this flaw to cause a denial of service via a specially crafted device. (CVE-2013-2889)\n\nKees Cook discovered another flaw in the Human Interface Device (HID) subsystem of the Linux kernel when any of CONFIG_LOGITECH_FF, CONFIG_LOGIG940_FF, or CONFIG_LOGIWHEELS_FF are enabled. A physcially proximate attacker can leverage this flaw to cause a denial of service vias a specially crafted device. (CVE-2013-2893)\n\nKees Cook discovered a flaw in the Human Interface Device (HID) subsystem of the Linux kernel when CONFIG_HID_LENOVO_TPKBD is enabled.\nA physically proximate attacker could exploit this flaw to cause a denial of service via a specially crafted device. (CVE-2013-2894)\n\nKees Cook discovered another flaw in the Human Interface Device (HID) subsystem of the Linux kernel when CONFIG_HID_LOGITECH_DJ is enabled.\nA physically proximate attacker could cause a denial of service (OOPS) or obtain sensitive information from kernel memory via a specially crafted device. (CVE-2013-2895)\n\nKees Cook discovered yet another flaw in the Human Interface Device (HID) subsystem of the Linux kernel when CONFIG_HID_MULTITOUCH is enabled. A physically proximate attacker could leverage this flaw to cause a denial of service (OOPS) via a specially crafted device.\n(CVE-2013-2897)\n\nWannes Rombouts reported a vulnerability in the networking tuntap interface of the Linux kernel. A local user with the CAP_NET_ADMIN capability could leverage this flaw to gain full admin privileges.\n(CVE-2013-4343).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2013-11-09T00:00:00", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=70803", "cvelist": ["CVE-2013-2894", "CVE-2013-2147", "CVE-2013-2897", "CVE-2013-0343", "CVE-2013-2895", "CVE-2013-4343", "CVE-2013-2889", "CVE-2013-2893"], "lastseen": "2017-10-29T13:43:45"}, {"id": "FEDORA_2013-9123.NASL", "type": "nessus", "title": "Fedora 17 : kernel-3.9.8-100.fc17 (2013-9123)", "description": "Rebase to 3.9.8 now that 3.8 is no longer maintained.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2013-07-12T00:00:00", "cvss": {"score": 7.9, "vector": "AV:ADJACENT_NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=67351", "cvelist": ["CVE-2013-2852", "CVE-2013-2147", "CVE-2013-2148", "CVE-2013-2851", "CVE-2013-2850", "CVE-2013-2140", "CVE-2013-2164"], "lastseen": "2017-10-29T13:35:36"}, {"id": "FEDORA_2013-10695.NASL", "type": "nessus", "title": "Fedora 18 : kernel-3.9.5-201.fc18 (2013-10695)", "description": "Update to the latest upstream stable release, Linux v3.9.5\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2013-07-12T00:00:00", "cvss": {"score": 7.9, "vector": "AV:ADJACENT_NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=67285", "cvelist": ["CVE-2013-2852", "CVE-2013-2147", "CVE-2013-2148", "CVE-2013-2851", "CVE-2013-2850", "CVE-2013-2140", "CVE-2013-2164"], "lastseen": "2017-10-29T13:35:22"}], "openvas": [{"id": "OPENVAS:841608", "type": "openvas", "title": "Ubuntu Update for linux-ti-omap4 USN-1997-1", "description": "Check for the Version of linux-ti-omap4", "published": "2013-10-29T00:00:00", "cvss": {"score": 2.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=841608", "cvelist": ["CVE-2013-2147"], "lastseen": "2018-01-23T13:09:50"}, {"id": "OPENVAS:841610", "type": "openvas", "title": "Ubuntu Update for linux-ti-omap4 USN-1999-1", "description": "Check for the Version of linux-ti-omap4", "published": "2013-10-29T00:00:00", "cvss": {"score": 2.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=841610", "cvelist": ["CVE-2013-2147"], "lastseen": "2017-12-04T11:21:52"}, {"id": "OPENVAS:1361412562310841597", "type": "openvas", "title": "Ubuntu Update for linux-lts-quantal USN-1994-1", "description": "Check for the Version of linux-lts-quantal", "published": "2013-10-29T00:00:00", "cvss": {"score": 2.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841597", "cvelist": ["CVE-2013-2147"], "lastseen": "2018-04-06T11:23:12"}, {"id": "OPENVAS:1361412562310841610", "type": "openvas", "title": "Ubuntu Update for linux-ti-omap4 USN-1999-1", "description": "Check for the Version of linux-ti-omap4", "published": "2013-10-29T00:00:00", "cvss": {"score": 2.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841610", "cvelist": ["CVE-2013-2147"], "lastseen": "2018-04-09T11:23:17"}, {"id": "OPENVAS:1361412562310841595", "type": "openvas", "title": "Ubuntu Update for linux USN-1996-1", "description": "Check for the Version of linux", "published": "2013-10-29T00:00:00", "cvss": {"score": 2.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841595", "cvelist": ["CVE-2013-2147"], "lastseen": "2018-04-09T11:23:37"}, {"id": "OPENVAS:841597", "type": "openvas", "title": "Ubuntu Update for linux-lts-quantal USN-1994-1", "description": "Check for the Version of linux-lts-quantal", "published": "2013-10-29T00:00:00", "cvss": {"score": 2.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=841597", "cvelist": ["CVE-2013-2147"], "lastseen": "2018-01-18T11:09:27"}, {"id": "OPENVAS:1361412562310841608", "type": "openvas", "title": "Ubuntu Update for linux-ti-omap4 USN-1997-1", "description": "Check for the Version of linux-ti-omap4", "published": "2013-10-29T00:00:00", "cvss": {"score": 2.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841608", "cvelist": ["CVE-2013-2147"], "lastseen": "2018-04-06T11:21:51"}, {"id": "OPENVAS:841595", "type": "openvas", "title": "Ubuntu Update for linux USN-1996-1", "description": "Check for the Version of linux", "published": "2013-10-29T00:00:00", "cvss": {"score": 2.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=841595", "cvelist": ["CVE-2013-2147"], "lastseen": "2017-12-04T11:22:00"}, {"id": "OPENVAS:841630", "type": "openvas", "title": "Ubuntu Update for linux-ti-omap4 USN-2018-1", "description": "Check for the Version of linux-ti-omap4", "published": "2013-11-18T00:00:00", "cvss": {"score": 4.0, "vector": "AV:LOCAL/AC:HIGH/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=841630", "cvelist": ["CVE-2013-2147", "CVE-2012-5375", "CVE-2012-5374"], "lastseen": "2017-12-04T11:21:28"}, {"id": "OPENVAS:1361412562310841617", "type": "openvas", "title": "Ubuntu Update for linux USN-2017-1", "description": "Check for the Version of linux", "published": "2013-11-18T00:00:00", "cvss": {"score": 4.0, "vector": "AV:LOCAL/AC:HIGH/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841617", "cvelist": ["CVE-2013-2147", "CVE-2012-5375", "CVE-2012-5374"], "lastseen": "2018-04-09T11:24:19"}], "ubuntu": [{"id": "USN-1994-1", "type": "ubuntu", "title": "Linux kernel (Quantal HWE) vulnerability", "description": "Dan Carpenter discovered an information leak in the HP Smart Array and Compaq SMART2 disk-array driver in the Linux kernel. A local user could exploit this flaw to obtain sensitive information from kernel memory.", "published": "2013-10-22T00:00:00", "cvss": {"score": 2.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "href": "https://usn.ubuntu.com/1994-1/", "cvelist": ["CVE-2013-2147"], "lastseen": "2018-03-29T18:19:23"}, {"id": "USN-1999-1", "type": "ubuntu", "title": "Linux kernel (OMAP4) vulnerability", "description": "Dan Carpenter discovered an information leak in the HP Smart Array and Compaq SMART2 disk-array driver in the Linux kernel. A local user could exploit this flaw to obtain sensitive information from kernel memory.", "published": "2013-10-22T00:00:00", "cvss": {"score": 2.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "href": "https://usn.ubuntu.com/1999-1/", "cvelist": ["CVE-2013-2147"], "lastseen": "2018-03-29T18:20:25"}, {"id": "USN-1996-1", "type": "ubuntu", "title": "Linux kernel vulnerability", "description": "Dan Carpenter discovered an information leak in the HP Smart Array and Compaq SMART2 disk-array driver in the Linux kernel. A local user could exploit this flaw to obtain sensitive information from kernel memory.", "published": "2013-10-22T00:00:00", "cvss": {"score": 2.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "href": "https://usn.ubuntu.com/1996-1/", "cvelist": ["CVE-2013-2147"], "lastseen": "2018-03-29T18:18:15"}, {"id": "USN-1997-1", "type": "ubuntu", "title": "Linux kernel (OMAP4) vulnerability", "description": "Dan Carpenter discovered an information leak in the HP Smart Array and Compaq SMART2 disk-array driver in the Linux kernel. A local user could exploit this flaw to obtain sensitive information from kernel memory.", "published": "2013-10-22T00:00:00", "cvss": {"score": 2.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "href": "https://usn.ubuntu.com/1997-1/", "cvelist": ["CVE-2013-2147"], "lastseen": "2018-03-29T18:19:38"}, {"id": "USN-2017-1", "type": "ubuntu", "title": "Linux kernel vulnerabilities", "description": "A denial of service flaw was discovered in the Btrfs file system in the Linux kernel. A local user could cause a denial of service by creating a large number of files with names that have the same CRC32 hash value. (CVE-2012-5374)\n\nA denial of service flaw was discovered in the Btrfs file system in the Linux kernel. A local user could cause a denial of service (prevent file creation) for a victim, by creating a file with a specific CRC32C hash value in a directory important to the victim. (CVE-2012-5375)\n\nDan Carpenter discovered an information leak in the HP Smart Array and Compaq SMART2 disk-array driver in the Linux kernel. A local user could exploit this flaw to obtain sensitive information from kernel memory. (CVE-2013-2147)", "published": "2013-11-08T00:00:00", "cvss": {"score": 4.0, "vector": "AV:LOCAL/AC:HIGH/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "https://usn.ubuntu.com/2017-1/", "cvelist": ["CVE-2013-2147", "CVE-2012-5375", "CVE-2012-5374"], "lastseen": "2018-03-29T18:21:24"}, {"id": "USN-2018-1", "type": "ubuntu", "title": "Linux kernel (OMAP4) vulnerabilities", "description": "A denial of service flaw was discovered in the Btrfs file system in the Linux kernel. A local user could cause a denial of service by creating a large number of files with names that have the same CRC32 hash value. (CVE-2012-5374)\n\nA denial of service flaw was discovered in the Btrfs file system in the Linux kernel. A local user could cause a denial of service (prevent file creation) for a victim, by creating a file with a specific CRC32C hash value in a directory important to the victim. (CVE-2012-5375)\n\nDan Carpenter discovered an information leak in the HP Smart Array and Compaq SMART2 disk-array driver in the Linux kernel. A local user could exploit this flaw to obtain sensitive information from kernel memory. (CVE-2013-2147)", "published": "2013-11-08T00:00:00", "cvss": {"score": 4.0, "vector": "AV:LOCAL/AC:HIGH/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "https://usn.ubuntu.com/2018-1/", "cvelist": ["CVE-2013-2147", "CVE-2012-5375", "CVE-2012-5374"], "lastseen": "2018-03-29T18:17:39"}, {"id": "USN-2015-1", "type": "ubuntu", "title": "Linux kernel vulnerabilities", "description": "Dan Carpenter discovered an information leak in the HP Smart Array and Compaq SMART2 disk-array driver in the Linux kernel. A local user could exploit this flaw to obtain sensitive information from kernel memory. (CVE-2013-2147)\n\nKees Cook discovered flaw in the Human Interface Device (HID) subsystem when CONFIG_HID_ZEROPLUS is enabled. A physically proximate attacker could leverage this flaw to cause a denial of service via a specially crafted device. (CVE-2013-2889)\n\nKees Cook discovered another flaw in the Human Interface Device (HID) subsystem of the Linux kernel when any of CONFIG_LOGITECH_FF, CONFIG_LOGIG940_FF, or CONFIG_LOGIWHEELS_FF are enabled. A physcially proximate attacker can leverage this flaw to cause a denial of service vias a specially crafted device. (CVE-2013-2893)\n\nKees Cook discovered yet another flaw in the Human Interface Device (HID) subsystem of the Linux kernel when CONFIG_HID_MULTITOUCH is enabled. A physically proximate attacker could leverage this flaw to cause a denial of service (OOPS) via a specially crafted device. (CVE-2013-2897)\n\nA flaw was discovered in the Linux kernel\u2019s dm snapshot facility. A remote authenticated user could exploit this flaw to obtain sensitive information or modify/corrupt data. (CVE-2013-4299)", "published": "2013-11-08T00:00:00", "cvss": {"score": 6.0, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://usn.ubuntu.com/2015-1/", "cvelist": ["CVE-2013-2147", "CVE-2013-2897", "CVE-2013-4299", "CVE-2013-2889", "CVE-2013-2893"], "lastseen": "2018-03-29T18:17:26"}, {"id": "USN-2016-1", "type": "ubuntu", "title": "Linux kernel (EC2) vulnerabilities", "description": "Dan Carpenter discovered an information leak in the HP Smart Array and Compaq SMART2 disk-array driver in the Linux kernel. A local user could exploit this flaw to obtain sensitive information from kernel memory. (CVE-2013-2147)\n\nKees Cook discovered flaw in the Human Interface Device (HID) subsystem when CONFIG_HID_ZEROPLUS is enabled. A physically proximate attacker could leverage this flaw to cause a denial of service via a specially crafted device. (CVE-2013-2889)\n\nKees Cook discovered another flaw in the Human Interface Device (HID) subsystem of the Linux kernel when any of CONFIG_LOGITECH_FF, CONFIG_LOGIG940_FF, or CONFIG_LOGIWHEELS_FF are enabled. A physcially proximate attacker can leverage this flaw to cause a denial of service vias a specially crafted device. (CVE-2013-2893)\n\nKees Cook discovered yet another flaw in the Human Interface Device (HID) subsystem of the Linux kernel when CONFIG_HID_MULTITOUCH is enabled. A physically proximate attacker could leverage this flaw to cause a denial of service (OOPS) via a specially crafted device. (CVE-2013-2897)\n\nA flaw was discovered in the Linux kernel\u2019s dm snapshot facility. A remote authenticated user could exploit this flaw to obtain sensitive information or modify/corrupt data. (CVE-2013-4299)", "published": "2013-11-08T00:00:00", "cvss": {"score": 6.0, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://usn.ubuntu.com/2016-1/", "cvelist": ["CVE-2013-2147", "CVE-2013-2897", "CVE-2013-4299", "CVE-2013-2889", "CVE-2013-2893"], "lastseen": "2018-03-29T18:21:20"}, {"id": "USN-2020-1", "type": "ubuntu", "title": "Linux kernel (Raring HWE) vulnerabilities", "description": "An information leak was discovered in the handling of ICMPv6 Router Advertisement (RA) messages in the Linux kernel\u2019s IPv6 network stack. A remote attacker could exploit this flaw to cause a denial of service (excessive retries and address-generation outage), and consequently obtain sensitive information. (CVE-2013-0343)\n\nDan Carpenter discovered an information leak in the HP Smart Array and Compaq SMART2 disk-array driver in the Linux kernel. A local user could exploit this flaw to obtain sensitive information from kernel memory. (CVE-2013-2147)\n\nKees Cook discovered flaw in the Human Interface Device (HID) subsystem when CONFIG_HID_ZEROPLUS is enabled. A physically proximate attacker could leverage this flaw to cause a denial of service via a specially crafted device. (CVE-2013-2889)\n\nKees Cook discovered another flaw in the Human Interface Device (HID) subsystem of the Linux kernel when any of CONFIG_LOGITECH_FF, CONFIG_LOGIG940_FF, or CONFIG_LOGIWHEELS_FF are enabled. A physcially proximate attacker can leverage this flaw to cause a denial of service vias a specially crafted device. (CVE-2013-2893)\n\nKees Cook discovered a flaw in the Human Interface Device (HID) subsystem of the Linux kernel when CONFIG_HID_LENOVO_TPKBD is enabled. A physically proximate attacker could exploit this flaw to cause a denial of service via a specially crafted device. (CVE-2013-2894)\n\nKees Cook discovered another flaw in the Human Interface Device (HID) subsystem of the Linux kernel when CONFIG_HID_LOGITECH_DJ is enabled. A physically proximate attacker could cause a denial of service (OOPS) or obtain sensitive information from kernel memory via a specially crafted device. (CVE-2013-2895)\n\nKees Cook discovered yet another flaw in the Human Interface Device (HID) subsystem of the Linux kernel when CONFIG_HID_MULTITOUCH is enabled. A physically proximate attacker could leverage this flaw to cause a denial of service (OOPS) via a specially crafted device. (CVE-2013-2897)\n\nMiroslav Vadkerti discovered a flaw in how the permissions for network sysctls are handled in the Linux kernel. An unprivileged local user could exploit this flaw to have privileged access to files in /proc/sys/net/. (CVE-2013-4270)\n\nWannes Rombouts reported a vulnerability in the networking tuntap interface of the Linux kernel. A local user with the CAP_NET_ADMIN capability could leverage this flaw to gain full admin privileges. (CVE-2013-4343)", "published": "2013-11-08T00:00:00", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://usn.ubuntu.com/2020-1/", "cvelist": ["CVE-2013-2894", "CVE-2013-4270", "CVE-2013-2147", "CVE-2013-2897", "CVE-2013-0343", "CVE-2013-2895", "CVE-2013-4343", "CVE-2013-2889", "CVE-2013-2893"], "lastseen": "2018-03-29T18:18:32"}, {"id": "USN-2023-1", "type": "ubuntu", "title": "Linux kernel vulnerabilities", "description": "An information leak was discovered in the handling of ICMPv6 Router Advertisement (RA) messages in the Linux kernel\u2019s IPv6 network stack. A remote attacker could exploit this flaw to cause a denial of service (excessive retries and address-generation outage), and consequently obtain sensitive information. (CVE-2013-0343)\n\nDan Carpenter discovered an information leak in the HP Smart Array and Compaq SMART2 disk-array driver in the Linux kernel. A local user could exploit this flaw to obtain sensitive information from kernel memory. (CVE-2013-2147)\n\nKees Cook discovered flaw in the Human Interface Device (HID) subsystem when CONFIG_HID_ZEROPLUS is enabled. A physically proximate attacker could leverage this flaw to cause a denial of service via a specially crafted device. (CVE-2013-2889)\n\nKees Cook discovered another flaw in the Human Interface Device (HID) subsystem of the Linux kernel when any of CONFIG_LOGITECH_FF, CONFIG_LOGIG940_FF, or CONFIG_LOGIWHEELS_FF are enabled. A physcially proximate attacker can leverage this flaw to cause a denial of service vias a specially crafted device. (CVE-2013-2893)\n\nKees Cook discovered a flaw in the Human Interface Device (HID) subsystem of the Linux kernel when CONFIG_HID_LENOVO_TPKBD is enabled. A physically proximate attacker could exploit this flaw to cause a denial of service via a specially crafted device. (CVE-2013-2894)\n\nKees Cook discovered another flaw in the Human Interface Device (HID) subsystem of the Linux kernel when CONFIG_HID_LOGITECH_DJ is enabled. A physically proximate attacker could cause a denial of service (OOPS) or obtain sensitive information from kernel memory via a specially crafted device. (CVE-2013-2895)\n\nKees Cook discovered yet another flaw in the Human Interface Device (HID) subsystem of the Linux kernel when CONFIG_HID_MULTITOUCH is enabled. A physically proximate attacker could leverage this flaw to cause a denial of service (OOPS) via a specially crafted device. (CVE-2013-2897)\n\nMiroslav Vadkerti discovered a flaw in how the permissions for network sysctls are handled in the Linux kernel. An unprivileged local user could exploit this flaw to have privileged access to files in /proc/sys/net/. (CVE-2013-4270)\n\nWannes Rombouts reported a vulnerability in the networking tuntap interface of the Linux kernel. A local user with the CAP_NET_ADMIN capability could leverage this flaw to gain full admin privileges. (CVE-2013-4343)", "published": "2013-11-08T00:00:00", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://usn.ubuntu.com/2023-1/", "cvelist": ["CVE-2013-2894", "CVE-2013-4270", "CVE-2013-2147", "CVE-2013-2897", "CVE-2013-0343", "CVE-2013-2895", "CVE-2013-4343", "CVE-2013-2889", "CVE-2013-2893"], "lastseen": "2018-03-29T18:20:33"}], "centos": [{"id": "CESA-2013:1166", "type": "centos", "title": "kernel security update", "description": "**CentOS Errata and Security Advisory** CESA-2013:1166\n\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues:\n\n* A flaw was found in the way the Linux kernel's Stream Control\nTransmission Protocol (SCTP) implementation handled duplicate cookies. If a\nlocal user queried SCTP connection information at the same time a remote\nattacker has initialized a crafted SCTP connection to the system, it could\ntrigger a NULL pointer dereference, causing the system to crash.\n(CVE-2013-2206, Important)\n\n* It was found that the fix for CVE-2012-3552 released via RHSA-2012:1540\nintroduced an invalid free flaw in the Linux kernel's TCP/IP protocol suite\nimplementation. A local, unprivileged user could use this flaw to corrupt\nkernel memory via crafted sendmsg() calls, allowing them to cause a denial\nof service or, potentially, escalate their privileges on the system.\n(CVE-2013-2224, Important)\n\n* An invalid pointer dereference flaw was found in the Linux kernel's\nTCP/IP protocol suite implementation. A local, unprivileged user could use\nthis flaw to crash the system or, potentially, escalate their privileges on\nthe system by using sendmsg() with an IPv6 socket connected to an IPv4\ndestination. (CVE-2013-2232, Moderate)\n\n* Information leak flaws in the Linux kernel could allow a privileged,\nlocal user to leak kernel memory to user-space. (CVE-2013-2164,\nCVE-2013-2147, CVE-2013-2234, CVE-2013-2237, Low)\n\nThis update also fixes several bugs. Documentation for these changes will\nbe available shortly from the Technical Notes document linked to in the\nReferences section.\n\nUsers should upgrade to these updated packages, which contain backported\npatches to correct these issues. The system must be rebooted for this\nupdate to take effect.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2013-August/019910.html\n\n**Affected packages:**\nkernel\nkernel-PAE\nkernel-PAE-devel\nkernel-debug\nkernel-debug-devel\nkernel-devel\nkernel-doc\nkernel-headers\nkernel-xen\nkernel-xen-devel\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2013-1166.html", "published": "2013-08-21T14:07:08", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://lists.centos.org/pipermail/centos-announce/2013-August/019910.html", "cvelist": ["CVE-2013-2234", "CVE-2013-2206", "CVE-2013-2147", "CVE-2013-2232", "CVE-2013-2237", "CVE-2012-3552", "CVE-2013-2224", "CVE-2013-2164"], "lastseen": "2017-10-03T18:26:55"}, {"id": "CESA-2013:1436", "type": "centos", "title": "kernel, perf, python security update", "description": "**CentOS Errata and Security Advisory** CESA-2013:1436\n\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* A flaw was found in the way the Linux kernel's TCP/IP protocol suite\nimplementation handled IPv6 sockets that used the UDP_CORK option. A local,\nunprivileged user could use this flaw to cause a denial of\nservice. (CVE-2013-4162, Moderate)\n\n* An information leak flaw was found in the way Linux kernel's device\nmapper subsystem, under certain conditions, interpreted data written to\nsnapshot block devices. An attacker could use this flaw to read data from\ndisk blocks in free space, which are normally inaccessible. (CVE-2013-4299,\nModerate)\n\nRed Hat would like to thank Hannes Frederic Sowa for reporting\nCVE-2013-4162; and Fujitsu for reporting CVE-2013-4299.\n\nThis update also fixes several bugs. Documentation for these changes will\nbe available shortly from the Technical Notes document linked to in the\nReferences section.\n\nAll kernel users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. The system must be\nrebooted for this update to take effect.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2013-October/019976.html\n\n**Affected packages:**\nkernel\nkernel-debug\nkernel-debug-devel\nkernel-devel\nkernel-doc\nkernel-firmware\nkernel-headers\nperf\npython-perf\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2013-1436.html", "published": "2013-10-17T16:14:23", "cvss": {"score": 6.0, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://lists.centos.org/pipermail/centos-announce/2013-October/019976.html", "cvelist": ["CVE-2013-4162", "CVE-2013-4299"], "lastseen": "2017-10-03T18:24:50"}, {"id": "CESA-2013:1449", "type": "centos", "title": "kernel security update", "description": "**CentOS Errata and Security Advisory** CESA-2013:1449\n\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* A flaw was found in the way the Linux kernel handled the creation of\ntemporary IPv6 addresses. If the IPv6 privacy extension was enabled\n(/proc/sys/net/ipv6/conf/eth0/use_tempaddr is set to '2'), an attacker on\nthe local network could disable IPv6 temporary address generation, leading\nto a potential information disclosure. (CVE-2013-0343, Moderate)\n\n* An information leak flaw was found in the way Linux kernel's device\nmapper subsystem, under certain conditions, interpreted data written to\nsnapshot block devices. An attacker could use this flaw to read data from\ndisk blocks in free space, which are normally inaccessible. (CVE-2013-4299,\nModerate)\n\n* An off-by-one flaw was found in the way the ANSI CPRNG implementation in\nthe Linux kernel processed non-block size aligned requests. This could lead\nto random numbers being generated with less bits of entropy than expected\nwhen ANSI CPRNG was used. (CVE-2013-4345, Moderate)\n\n* An information leak flaw was found in the way Xen hypervisor emulated the\nOUTS instruction for 64-bit paravirtualized guests. A privileged guest user\ncould use this flaw to leak hypervisor stack memory to the guest.\n(CVE-2013-4368, Moderate)\n\nRed Hat would like to thank Fujitsu for reporting CVE-2013-4299, Stephan\nMueller for reporting CVE-2013-4345, and the Xen project for reporting\nCVE-2013-4368.\n\nThis update also fixes the following bug:\n\n* A bug in the GFS2 code prevented glock work queues from freeing\nglock-related memory while the glock memory shrinker repeatedly queued a\nlarge number of demote requests, for example when performing a simultaneous\nbackup of several live GFS2 volumes with a large file count. As a\nconsequence, the glock work queues became overloaded which resulted in a\nhigh CPU usage and the GFS2 file systems being unresponsive for a\nsignificant amount of time. A patch has been applied to alleviate this\nproblem by calling the yield() function after scheduling a certain amount\nof tasks on the glock work queues. The problem can now occur only with\nextremely high work loads. (BZ#1014714)\n\nAll kernel users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. The system must be\nrebooted for this update to take effect.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2013-October/019981.html\n\n**Affected packages:**\nkernel\nkernel-PAE\nkernel-PAE-devel\nkernel-debug\nkernel-debug-devel\nkernel-devel\nkernel-doc\nkernel-headers\nkernel-xen\nkernel-xen-devel\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2013-1449.html", "published": "2013-10-23T00:10:49", "cvss": {"score": 6.0, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://lists.centos.org/pipermail/centos-announce/2013-October/019981.html", "cvelist": ["CVE-2013-4345", "CVE-2013-4368", "CVE-2013-0343", "CVE-2013-4299"], "lastseen": "2017-10-03T18:25:19"}, {"id": "CESA-2013:1645", "type": "centos", "title": "kernel, perf, python security update", "description": "**CentOS Errata and Security Advisory** CESA-2013:1645\n\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues:\n\n* A flaw was found in the way the Linux kernel's IPv6 implementation\nhandled certain UDP packets when the UDP Fragmentation Offload (UFO)\nfeature was enabled. A remote attacker could use this flaw to crash the\nsystem or, potentially, escalate their privileges on the system.\n(CVE-2013-4387, Important)\n\n* A flaw was found in the way the Linux kernel handled the creation of\ntemporary IPv6 addresses. If the IPv6 privacy extension was enabled\n(/proc/sys/net/ipv6/conf/eth0/use_tempaddr set to '2'), an attacker on the\nlocal network could disable IPv6 temporary address generation, leading to a\npotential information disclosure. (CVE-2013-0343, Moderate)\n\n* A flaw was found in the way the Linux kernel handled HID (Human Interface\nDevice) reports with an out-of-bounds Report ID. An attacker with physical\naccess to the system could use this flaw to crash the system or,\npotentially, escalate their privileges on the system. (CVE-2013-2888,\nModerate)\n\n* An off-by-one flaw was found in the way the ANSI CPRNG implementation in\nthe Linux kernel processed non-block size aligned requests. This could lead\nto random numbers being generated with less bits of entropy than expected\nwhen ANSI CPRNG was used. (CVE-2013-4345, Moderate)\n\n* It was found that the fix for CVE-2012-2375 released via RHSA-2012:1580\naccidentally removed a check for small-sized result buffers. A local,\nunprivileged user with access to an NFSv4 mount with ACL support could use\nthis flaw to crash the system or, potentially, escalate their privileges on\nthe system . (CVE-2013-4591, Moderate)\n\n* A flaw was found in the way IOMMU memory mappings were handled when\nmoving memory slots. A malicious user on a KVM host who has the ability to\nassign a device to a guest could use this flaw to crash the host.\n(CVE-2013-4592, Moderate)\n\n* Heap-based buffer overflow flaws were found in the way the Zeroplus and\nPantherlord/GreenAsia game controllers handled HID reports. An attacker\nwith physical access to the system could use these flaws to crash the\nsystem or, potentially, escalate their privileges on the system.\n(CVE-2013-2889, CVE-2013-2892, Moderate)\n\n* Two information leak flaws were found in the logical link control (LLC)\nimplementation in the Linux kernel. A local, unprivileged user could use\nthese flaws to leak kernel stack memory to user space. (CVE-2012-6542,\nCVE-2013-3231, Low)\n\n* A heap-based buffer overflow in the way the tg3 Ethernet driver parsed\nthe vital product data (VPD) of devices could allow an attacker with\nphysical access to a system to cause a denial of service or, potentially,\nescalate their privileges. (CVE-2013-1929, Low)\n\n* Information leak flaws in the Linux kernel could allow a privileged,\nlocal user to leak kernel memory to user space. (CVE-2012-6545,\nCVE-2013-1928, CVE-2013-2164, CVE-2013-2234, Low)\n\n* A format string flaw was found in the Linux kernel's block layer.\nA privileged, local user could potentially use this flaw to escalate their\nprivileges to kernel level (ring0). (CVE-2013-2851, Low)\n\nRed Hat would like to thank Stephan Mueller for reporting CVE-2013-4345,\nand Kees Cook for reporting CVE-2013-2851.\n\nThis update also fixes several hundred bugs and adds enhancements. Refer to\nthe Red Hat Enterprise Linux 6.5 Release Notes for information on the most\nsignificant of these changes, and the Technical Notes for further\ninformation, both linked to in the References.\n\nAll Red Hat Enterprise Linux 6 users are advised to install these updated\npackages, which correct these issues, and fix the bugs and add the\nenhancements noted in the Red Hat Enterprise Linux 6.5 Release Notes and\nTechnical Notes. The system must be rebooted for this update to take\neffect.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-cr-announce/2013-November/000976.html\n\n**Affected packages:**\nkernel\nkernel-abi-whitelists\nkernel-debug\nkernel-debug-devel\nkernel-devel\nkernel-doc\nkernel-firmware\nkernel-headers\nperf\npython-perf\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2013-1645.html", "published": "2013-11-26T13:32:01", "cvss": {"score": 6.2, "vector": "AV:LOCAL/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://lists.centos.org/pipermail/centos-cr-announce/2013-November/000976.html", "cvelist": ["CVE-2013-2234", "CVE-2013-4345", "CVE-2012-2375", "CVE-2013-3231", "CVE-2013-2892", "CVE-2013-4592", "CVE-2012-6545", "CVE-2012-6542", "CVE-2013-1929", "CVE-2013-2851", "CVE-2013-4387", "CVE-2013-0343", "CVE-2013-1928", "CVE-2013-2888", "CVE-2013-2164", "CVE-2013-2889", "CVE-2013-4591"], "lastseen": "2017-10-03T18:25:34"}], "redhat": [{"id": "RHSA-2013:1166", "type": "redhat", "title": "(RHSA-2013:1166) Important: kernel security and bug fix update", "description": "The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues:\n\n* A flaw was found in the way the Linux kernel's Stream Control\nTransmission Protocol (SCTP) implementation handled duplicate cookies. If a\nlocal user queried SCTP connection information at the same time a remote\nattacker has initialized a crafted SCTP connection to the system, it could\ntrigger a NULL pointer dereference, causing the system to crash.\n(CVE-2013-2206, Important)\n\n* It was found that the fix for CVE-2012-3552 released via RHSA-2012:1540\nintroduced an invalid free flaw in the Linux kernel's TCP/IP protocol suite\nimplementation. A local, unprivileged user could use this flaw to corrupt\nkernel memory via crafted sendmsg() calls, allowing them to cause a denial\nof service or, potentially, escalate their privileges on the system.\n(CVE-2013-2224, Important)\n\n* An invalid pointer dereference flaw was found in the Linux kernel's\nTCP/IP protocol suite implementation. A local, unprivileged user could use\nthis flaw to crash the system or, potentially, escalate their privileges on\nthe system by using sendmsg() with an IPv6 socket connected to an IPv4\ndestination. (CVE-2013-2232, Moderate)\n\n* Information leak flaws in the Linux kernel could allow a privileged,\nlocal user to leak kernel memory to user-space. (CVE-2013-2164,\nCVE-2013-2147, CVE-2013-2234, CVE-2013-2237, Low)\n\nThis update also fixes several bugs. Documentation for these changes will\nbe available shortly from the Technical Notes document linked to in the\nReferences section.\n\nUsers should upgrade to these updated packages, which contain backported\npatches to correct these issues. The system must be rebooted for this\nupdate to take effect.\n", "published": "2013-08-20T04:00:00", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://access.redhat.com/errata/RHSA-2013:1166", "cvelist": ["CVE-2012-3552", "CVE-2013-2147", "CVE-2013-2164", "CVE-2013-2206", "CVE-2013-2224", "CVE-2013-2232", "CVE-2013-2234", "CVE-2013-2237"], "lastseen": "2017-09-09T07:20:31"}, {"id": "RHSA-2013:1264", "type": "redhat", "title": "(RHSA-2013:1264) Important: kernel-rt security and bug fix update", "description": "The kernel-rt packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues:\n\n* A heap-based buffer overflow flaw was found in the Linux kernel's iSCSI\ntarget subsystem. A remote attacker could use a specially-crafted iSCSI\nrequest to cause a denial of service on a system or, potentially, escalate\ntheir privileges on that system. (CVE-2013-2850, Important)\n\n* A flaw was found in the Linux kernel's Performance Events implementation.\nOn systems with certain Intel processors, a local, unprivileged user could\nuse this flaw to cause a denial of service by leveraging the perf subsystem\nto write into the reserved bits of the OFFCORE_RSP_0 and OFFCORE_RSP_1\nmodel-specific registers. (CVE-2013-2146, Moderate)\n\n* An invalid pointer dereference flaw was found in the Linux kernel's\nTCP/IP protocol suite implementation. A local, unprivileged user could use\nthis flaw to crash the system or, potentially, escalate their privileges on\nthe system by using sendmsg() with an IPv6 socket connected to an IPv4\ndestination. (CVE-2013-2232, Moderate)\n\n* Two flaws were found in the way the Linux kernel's TCP/IP protocol suite\nimplementation handled IPv6 sockets that used the UDP_CORK option. A local,\nunprivileged user could use these flaws to cause a denial of service.\n(CVE-2013-4162, CVE-2013-4163, Moderate)\n\n* A flaw was found in the Linux kernel's Chipidea USB driver. A local,\nunprivileged user could use this flaw to cause a denial of service.\n(CVE-2013-2058, Low)\n\n* Information leak flaws in the Linux kernel could allow a privileged,\nlocal user to leak kernel memory to user-space. (CVE-2013-2147,\nCVE-2013-2164, CVE-2013-2234, CVE-2013-2237, Low)\n\n* Information leak flaws in the Linux kernel could allow a local,\nunprivileged user to leak kernel memory to user-space. (CVE-2013-2141,\nCVE-2013-2148, Low)\n\n* A format string flaw was found in the Linux kernel's block layer. A\nprivileged, local user could potentially use this flaw to escalate their\nprivileges to kernel level (ring0). (CVE-2013-2851, Low)\n\n* A format string flaw was found in the b43_do_request_fw() function in the\nLinux kernel's b43 driver implementation. A local user who is able to\nspecify the \"fwpostfix\" b43 module parameter could use this flaw to cause a\ndenial of service or, potentially, escalate their privileges.\n(CVE-2013-2852, Low)\n\n* A NULL pointer dereference flaw was found in the Linux kernel's ftrace\nand function tracer implementations. A local user who has the CAP_SYS_ADMIN\ncapability could use this flaw to cause a denial of service.\n(CVE-2013-3301, Low)\n\nRed Hat would like to thank Kees Cook for reporting CVE-2013-2850,\nCVE-2013-2851, and CVE-2013-2852; and Hannes Frederic Sowa for reporting\nCVE-2013-4162 and CVE-2013-4163.\n\nThis update also fixes the following bugs:\n\n* The following drivers have been updated, fixing a number of bugs:\nmyri10ge, bna, enic, mlx4, bgmac, bcma, cxgb3, cxgb4, qlcnic, r8169,\nbe2net, e100, e1000, e1000e, igb, ixgbe, brcm80211, cpsw, pch_gbe,\nbfin_mac, bnx2x, bnx2, cnic, tg3, and sfc. (BZ#974138)\n\n* The realtime kernel was not built with the CONFIG_NET_DROP_WATCH kernel\nconfiguration option enabled. As such, attempting to run the dropwatch\ncommand resulted in the following error:\n\nUnable to find NET_DM family, dropwatch can't work\nCleaning up on socket creation error\n\nWith this update, the realtime kernel is built with the\nCONFIG_NET_DROP_WATCH option, allowing dropwatch to work as expected.\n(BZ#979417)\n\nUsers should upgrade to these updated packages, which upgrade the kernel-rt\nkernel to version kernel-rt-3.6.11.5-rt37, and correct these issues. The\nsystem must be rebooted for this update to take effect.\n", "published": "2013-09-16T04:00:00", "cvss": {"score": 7.9, "vector": "AV:ADJACENT_NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://access.redhat.com/errata/RHSA-2013:1264", "cvelist": ["CVE-2013-2234", "CVE-2013-2141", "CVE-2013-2058", "CVE-2013-2852", "CVE-2013-2147", "CVE-2013-3301", "CVE-2013-4162", "CVE-2013-2148", "CVE-2013-2232", "CVE-2013-2851", "CVE-2013-2850", "CVE-2013-4163", "CVE-2013-2146", "CVE-2013-2237", "CVE-2013-2164"], "lastseen": "2017-03-03T19:18:24"}, {"id": "RHSA-2013:1860", "type": "redhat", "title": "(RHSA-2013:1860) Moderate: kernel security and bug fix update", "description": "The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* An information leak flaw was found in the way the Linux kernel's device\nmapper subsystem, under certain conditions, interpreted data written to\nsnapshot block devices. An attacker could use this flaw to read data from\ndisk blocks in free space, which are normally inaccessible. (CVE-2013-4299,\nModerate)\n\nRed Hat would like to thank Fujitsu for reporting this issue.\n\nThis update also fixes the following bugs:\n\n* A previous fix to the kernel did not contain a memory barrier in the\npercpu_up_write() function. Consequently, under certain circumstances, a race\ncondition could occur, leading to memory corruption and a subsequent kernel\npanic. This update introduces a new memory barrier pair, light_mb() and\nheavy_mb(), for per-CPU basis read and write semaphores (percpu-rw-semaphores)\nensuring that the race condition can no longer occur. In addition, the read path\nperformance of \"percpu-rw-semaphores\" has been improved. (BZ#884735)\n\n* Due to several related bugs in the be2net driver, the driver did not handle\nfirmware manipulation of the network cards using the Emulex XE201 I/O controller\nproperly. As a consequence, these NICs could not recover from an error\nsuccessfully. A series of patches has been applied that fix the initialization\nsequence, and firmware download and activation for the XE201 controller. Error\nrecovery now works as expected for the be2net NICs using the Emulex XE201 I/O\ncontroller. (BZ#1019892)\n\n* A bug in the be2net driver could cause packet corruption when handling\nVLAN-tagged packets with no assigned VLAN group. This happened because the\nbe2net driver called a function responsible for VLAN tag reinsertion in a wrong\norder in the code. The code has been restructured and the be2net driver now\ncalls the __vlan_put_tag() function correctly, thus avoiding the packet\ncorruption. (BZ#1019893)\n\n* A previous patch to the kernel introduced the \"VLAN tag re-insertion\"\nworkaround to resolve a problem with incorrectly handled VLAN-tagged packets\nwith no assigned VLAN group while the be2net driver was in promiscuous mode.\nHowever, this solution led to packet corruption and a subsequent kernel oops if\nsuch a processed packet was a GRO packet. Therefore, a patch has been applied to\nrestrict VLAN tag re-insertion only to non-GRO packets. The be2net driver now\nprocesses VLAN-tagged packets with no assigned VLAN group correctly in this\nsituation. (BZ#1023347)\n\nAll kernel users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. The system must be\nrebooted for this update to take effect.\n", "published": "2013-12-19T05:00:00", "cvss": {"score": 6.0, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://access.redhat.com/errata/RHSA-2013:1860", "cvelist": ["CVE-2013-4299"], "lastseen": "2017-09-09T07:19:18"}, {"id": "RHSA-2013:1436", "type": "redhat", "title": "(RHSA-2013:1436) Moderate: kernel security and bug fix update", "description": "The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* A flaw was found in the way the Linux kernel's TCP/IP protocol suite\nimplementation handled IPv6 sockets that used the UDP_CORK option. A local,\nunprivileged user could use this flaw to cause a denial of\nservice. (CVE-2013-4162, Moderate)\n\n* An information leak flaw was found in the way Linux kernel's device\nmapper subsystem, under certain conditions, interpreted data written to\nsnapshot block devices. An attacker could use this flaw to read data from\ndisk blocks in free space, which are normally inaccessible. (CVE-2013-4299,\nModerate)\n\nRed Hat would like to thank Hannes Frederic Sowa for reporting\nCVE-2013-4162; and Fujitsu for reporting CVE-2013-4299.\n\nThis update also fixes several bugs. Documentation for these changes will\nbe available shortly from the Technical Notes document linked to in the\nReferences section.\n\nAll kernel users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. The system must be\nrebooted for this update to take effect.\n", "published": "2013-10-16T04:00:00", "cvss": {"score": 6.0, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://access.redhat.com/errata/RHSA-2013:1436", "cvelist": ["CVE-2013-4162", "CVE-2013-4299"], "lastseen": "2017-12-25T20:05:00"}, {"id": "RHSA-2013:1520", "type": "redhat", "title": "(RHSA-2013:1520) Moderate: kernel security, bug fix, and enhancement update", "description": "Red Hat OpenStack 3.0 includes a custom Red Hat Enterprise Linux 6.4\nkernel. These custom kernel packages include support for network\nnamespaces; this support is required to facilitate advanced OpenStack\nNetworking deployments.\n\n* A flaw was found in the way the Linux kernel's TCP/IP protocol suite\nimplementation handled IPv6 sockets that used the UDP_CORK option. A local,\nunprivileged user could use this flaw to cause a denial of service.\n(CVE-2013-4162, Moderate)\n\n* An information leak flaw was found in the way the Linux kernel's device\nmapper subsystem, under certain conditions, interpreted data written to\nsnapshot block devices. An attacker could use this flaw to read data from\ndisk blocks in free space, which are normally inaccessible. (CVE-2013-4299,\nModerate)\n\nRed Hat would like to thank Hannes Frederic Sowa for reporting\nCVE-2013-4162; and Fujitsu for reporting CVE-2013-4299.\n\nThis update also fixes the following bug:\n\n* Prior to this update, while performing Generic Routing Encapsulation\n(GRE), the possibility of having a 802.1Q inner header was not considered\nduring the Generic Segmentation Offloading (GSO). With this update, a check\nhas been added to detect the use of 802.1Q and handle the packet\naccordingly. (BZ#1005804)\n\nIn addition, this update adds the following enhancements:\n\n* This update adds support for Distributed Overlay Virtual Ethernet (DOVE).\n(BZ#1009025)\n\n* This update adds support for Virtual Extensible LAN (VXLAN) as an Open\nvSwitch (OVS) tunneling type. (BZ#1009006)\n\nMore information on the Red Hat Enterprise Linux 6.4 kernel packages upon\nwhich these custom kernel packages are based is available in\nRHSA-2013:1436:\n\nhttps://rhn.redhat.com/errata/RHSA-2013-1436.html\n\nAll Red Hat OpenStack 3.0 users deploying the OpenStack Networking service\nare advised to install these updated packages.\n", "published": "2013-11-14T05:00:00", "cvss": {"score": 6.0, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://access.redhat.com/errata/RHSA-2013:1520", "cvelist": ["CVE-2013-4162", "CVE-2013-4299"], "lastseen": "2017-03-06T09:19:27"}, {"id": "RHSA-2013:1519", "type": "redhat", "title": "(RHSA-2013:1519) Important: kernel security and bug fix update", "description": "The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* A race condition was found in the way asynchronous I/O and fallocate()\ninteracted when using the ext4 file system. A local, unprivileged user\ncould use this flaw to expose random data from an extent whose data blocks\nhave not yet been written, and thus contain data from a deleted file.\n(CVE-2012-4508, Important)\n\n* An information leak flaw was found in the way Linux kernel's device\nmapper subsystem, under certain conditions, interpreted data written to\nsnapshot block devices. An attacker could use this flaw to read data from\ndisk blocks in free space, which are normally inaccessible. (CVE-2013-4299,\nModerate)\n\nRed Hat would like to thank Theodore Ts'o for reporting CVE-2012-4508, and\nFujitsu for reporting CVE-2013-4299. Upstream acknowledges Dmitry Monakhov\nas the original reporter of CVE-2012-4508.\n\nThis update also fixes the following bugs:\n\n* When the Audit subsystem was under heavy load, it could loop infinitely\nin the audit_log_start() function instead of failing over to the error\nrecovery code. This would cause soft lockups in the kernel. With this\nupdate, the timeout condition in the audit_log_start() function has been\nmodified to properly fail over when necessary. (BZ#1017898)\n\n* When handling Memory Type Range Registers (MTRRs), the\nstop_one_cpu_nowait() function could potentially be executed in parallel\nwith the stop_machine() function, which resulted in a deadlock. The MTRR\nhandling logic now uses the stop_machine() function and makes use of mutual\nexclusion to avoid the aforementioned deadlock. (BZ#1017902)\n\n* Power-limit notification interrupts were enabled by default. This could\nlead to degradation of system performance or even render the system\nunusable on certain platforms, such as Dell PowerEdge servers. Power-limit\nnotification interrupts have been disabled by default and a new kernel\ncommand line parameter \"int_pln_enable\" has been added to allow users to\nobserve these events using the existing system counters. Power-limit\nnotification messages are also no longer displayed on the console.\nThe affected platforms no longer suffer from degraded system performance\ndue to this problem. (BZ#1020519)\n\n* Package level thermal and power limit events are not defined as MCE\nerrors for the x86 architecture. However, the mcelog utility erroneously\nreported these events as MCE errors with the following message:\n\n kernel: [Hardware Error]: Machine check events logged\n\nPackage level thermal and power limit events are no longer reported as MCE\nerrors by mcelog. When these events are triggered, they are now reported\nonly in the respective counters in sysfs (specifically,\n/sys/devices/system/cpu/cpu<number>/thermal_throttle/). (BZ#1021950)\n\n* An insufficiently designed calculation in the CPU accelerator could cause\nan arithmetic overflow in the set_cyc2ns_scale() function if the system\nuptime exceeded 208 days prior to using kexec to boot into a new kernel.\nThis overflow led to a kernel panic on systems using the Time Stamp Counter\n(TSC) clock source, primarily systems using Intel Xeon E5 processors that\ndo not reset TSC on soft power cycles. A patch has been applied to modify\nthe calculation so that this arithmetic overflow and kernel panic can no\nlonger occur under these circumstances. (BZ#1024453)\n\nAll kernel users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. The system must be\nrebooted for this update to take effect.\n", "published": "2013-11-13T05:00:00", "cvss": {"score": 6.0, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://access.redhat.com/errata/RHSA-2013:1519", "cvelist": ["CVE-2012-4508", "CVE-2013-4299"], "lastseen": "2016-09-04T11:17:57"}, {"id": "RHSA-2013:1783", "type": "redhat", "title": "(RHSA-2013:1783) Important: kernel security and bug fix update", "description": "The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* A race condition was found in the way asynchronous I/O and fallocate()\ninteracted when using the ext4 file system. A local, unprivileged user\ncould use this flaw to expose random data from an extent whose data blocks\nhave not yet been written, and thus contain data from a deleted file.\n(CVE-2012-4508, Important)\n\n* An information leak flaw was found in the way the Linux kernel's device\nmapper subsystem, under certain conditions, interpreted data written to\nsnapshot block devices. An attacker could use this flaw to read data from\ndisk blocks in free space, which are normally inaccessible. (CVE-2013-4299,\nModerate)\n\n* A format string flaw was found in the Linux kernel's block layer.\nA privileged, local user could potentially use this flaw to escalate their\nprivileges to kernel level (ring0). (CVE-2013-2851, Low)\n\nRed Hat would like to thank Theodore Ts'o for reporting CVE-2012-4508,\nFujitsu for reporting CVE-2013-4299, and Kees Cook for reporting\nCVE-2013-2851. Upstream acknowledges Dmitry Monakhov as the original\nreporter of CVE-2012-4508.\n\nThis update also fixes several bugs. Documentation for these changes will\nbe available shortly from the Technical Notes document linked to in the\nReferences section.\n\nAll kernel users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. The system must be\nrebooted for this update to take effect.\n", "published": "2013-12-05T05:00:00", "cvss": {"score": 6.0, "vector": "AV:LOCAL/AC:HIGH/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://access.redhat.com/errata/RHSA-2013:1783", "cvelist": ["CVE-2012-4508", "CVE-2013-2851", "CVE-2013-4299"], "lastseen": "2016-09-04T11:17:52"}, {"id": "RHSA-2013:1450", "type": "redhat", "title": "(RHSA-2013:1450) Important: kernel security and bug fix update", "description": "The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* It was found that the fix for CVE-2012-3552 released via RHSA-2012:1540\nintroduced an invalid free flaw in the Linux kernel's TCP/IP protocol suite\nimplementation. A local, unprivileged user could use this flaw to corrupt\nkernel memory via crafted sendmsg() calls, allowing them to cause a denial\nof service or, potentially, escalate their privileges on the\nsystem. (CVE-2013-2224, Important)\n\n* An information leak flaw was found in the way Linux kernel's device\nmapper subsystem, under certain conditions, interpreted data written to\nsnapshot block devices. An attacker could use this flaw to read data from\ndisk blocks in free space, which are normally inaccessible. (CVE-2013-4299,\nModerate)\n\n* A format string flaw was found in the b43_do_request_fw() function in the\nLinux kernel's b43 driver implementation. A local user who is able to\nspecify the \"fwpostfix\" b43 module parameter could use this flaw to cause a\ndenial of service or, potentially, escalate their privileges.\n(CVE-2013-2852, Low)\n\nRed Hat would like to thank Fujitsu for reporting CVE-2013-4299, and Kees\nCook for reporting CVE-2013-2852.\n\nThis update also fixes the following bugs:\n\n* An insufficiently designed calculation in the CPU accelerator could cause\nan arithmetic overflow in the set_cyc2ns_scale() function if the system\nuptime exceeded 208 days prior to using kexec to boot into a new\nkernel. This overflow led to a kernel panic on the systems using the Time\nStamp Counter (TSC) clock source, primarily the systems using Intel Xeon E5\nprocessors that do not reset TSC on soft power cycles. A patch has been\napplied to modify the calculation so that this arithmetic overflow and\nkernel panic can no longer occur under these circumstances. (BZ#1004185)\n\n* A race condition in the abort task and SPP device task management path of\nthe isci driver could, under certain circumstances, cause the driver to\nfail cleaning up timed-out I/O requests that were pending on an SAS disk\ndevice. As a consequence, the kernel removed such a device from the\nsystem. A patch applied to the isci driver fixes this problem by sending\nthe task management function request to the SAS drive anytime the abort\nfunction is entered and the task has not completed. The driver now cleans\nup timed-out I/O requests as expected in this situation. (BZ#1007467)\n\n* A kernel panic could occur during path failover on systems using multiple\niSCSI, FC or SRP paths to connect an iSCSI initiator and an iSCSI\ntarget. This happened because a race condition in the SCSI driver allowed\nremoving a SCSI device from the system before processing its run queue,\nwhich led to a NULL pointer dereference. The SCSI driver has been modified\nand the race is now avoided by holding a reference to a SCSI device run\nqueue while it is active. (BZ#1008507)\n\nAll kernel users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. The system must be\nrebooted for this update to take effect.\n", "published": "2013-10-22T04:00:00", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://access.redhat.com/errata/RHSA-2013:1450", "cvelist": ["CVE-2013-2852", "CVE-2012-3552", "CVE-2013-2224", "CVE-2013-4299"], "lastseen": "2016-11-25T14:52:22"}, {"id": "RHSA-2013:1449", "type": "redhat", "title": "(RHSA-2013:1449) Moderate: kernel security and bug fix update", "description": "The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* A flaw was found in the way the Linux kernel handled the creation of\ntemporary IPv6 addresses. If the IPv6 privacy extension was enabled\n(/proc/sys/net/ipv6/conf/eth0/use_tempaddr is set to '2'), an attacker on\nthe local network could disable IPv6 temporary address generation, leading\nto a potential information disclosure. (CVE-2013-0343, Moderate)\n\n* An information leak flaw was found in the way Linux kernel's device\nmapper subsystem, under certain conditions, interpreted data written to\nsnapshot block devices. An attacker could use this flaw to read data from\ndisk blocks in free space, which are normally inaccessible. (CVE-2013-4299,\nModerate)\n\n* An off-by-one flaw was found in the way the ANSI CPRNG implementation in\nthe Linux kernel processed non-block size aligned requests. This could lead\nto random numbers being generated with less bits of entropy than expected\nwhen ANSI CPRNG was used. (CVE-2013-4345, Moderate)\n\n* An information leak flaw was found in the way Xen hypervisor emulated the\nOUTS instruction for 64-bit paravirtualized guests. A privileged guest user\ncould use this flaw to leak hypervisor stack memory to the guest.\n(CVE-2013-4368, Moderate)\n\nRed Hat would like to thank Fujitsu for reporting CVE-2013-4299, Stephan\nMueller for reporting CVE-2013-4345, and the Xen project for reporting\nCVE-2013-4368.\n\nThis update also fixes the following bug:\n\n* A bug in the GFS2 code prevented glock work queues from freeing\nglock-related memory while the glock memory shrinker repeatedly queued a\nlarge number of demote requests, for example when performing a simultaneous\nbackup of several live GFS2 volumes with a large file count. As a\nconsequence, the glock work queues became overloaded which resulted in a\nhigh CPU usage and the GFS2 file systems being unresponsive for a\nsignificant amount of time. A patch has been applied to alleviate this\nproblem by calling the yield() function after scheduling a certain amount\nof tasks on the glock work queues. The problem can now occur only with\nextremely high work loads. (BZ#1014714)\n\nAll kernel users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. The system must be\nrebooted for this update to take effect.\n", "published": "2013-10-22T04:00:00", "cvss": {"score": 6.0, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://access.redhat.com/errata/RHSA-2013:1449", "cvelist": ["CVE-2013-0343", "CVE-2013-4299", "CVE-2013-4345", "CVE-2013-4368"], "lastseen": "2017-09-08T13:21:10"}, {"id": "RHSA-2013:1460", "type": "redhat", "title": "(RHSA-2013:1460) Important: rhev-hypervisor6 security and bug fix update", "description": "The rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization\nHypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor\nis a dedicated Kernel-based Virtual Machine (KVM) hypervisor. It includes\neverything necessary to run and manage virtual machines: A subset of the\nRed Hat Enterprise Linux operating environment and the Red Hat Enterprise\nVirtualization Agent.\n\nNote: Red Hat Enterprise Virtualization Hypervisor is only available for\nthe Intel 64 and AMD64 architectures with virtualization extensions.\n\nUpgrade Note: If you upgrade the Red Hat Enterprise Virtualization\nHypervisor through the 3.2 Manager administration portal, the Host may\nappear with the status of \"Install Failed\". If this happens, place the host\ninto maintenance mode, then activate it again to get the host back to an\n\"Up\" state\n\nA stack-based buffer overflow flaw was found in the way the\nreds_handle_ticket() function in the spice-server library handled\ndecryption of ticket data provided by the client. A remote attacker able to\ninitiate a SPICE connection to the guest could use this flaw to crash the\nguest. (CVE-2013-4282)\n\nThis issue was discovered by Tomas Jamrisko of Red Hat.\n\nThis updated package provides updated components that include fixes for \nvarious security issues. These issues have no security impact on Red Hat \nEnterprise Virtualization Hypervisor itself, however. The security fixes \nincluded in this update address the following CVE numbers: \n\nCVE-2013-4162 and CVE-2013-4299 (kernel issues)\n\nCVE-2013-4296 and CVE-2013-4311 (libvirt issues)\n\nCVE-2013-4288 (polkit issue)\n\nThis update also contains the fixes from the following advisories:\n\n* vdsm: https://rhn.redhat.com/errata/RHBA-2013-1462.html\n* ovirt-node: https://rhn.redhat.com/errata/RHBA-2013-1461.html\n\nUsers of the Red Hat Enterprise Virtualization Hypervisor are advised to\nupgrade to this updated package, which corrects these issues.\n", "published": "2013-10-29T04:00:00", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://access.redhat.com/errata/RHSA-2013:1460", "cvelist": ["CVE-2013-4282", "CVE-2013-4296", "CVE-2013-4162", "CVE-2013-4311", "CVE-2013-4299", "CVE-2013-4288"], "lastseen": "2017-03-10T07:18:42"}], "oraclelinux": [{"id": "ELSA-2013-1166-1", "type": "oraclelinux", "title": "1 ", "description": "kernel\n[2.6.18-348.16.1.0.1]\n- [oprofile] x86, mm: Add __get_user_pages_fast() [orabug 14277030]\n- [oprofile] export __get_user_pages_fast() function [orabug 14277030]\n- [oprofile] oprofile, x86: Fix nmi-unsafe callgraph support [orabug 14277030]\n- [oprofile] oprofile: use KM_NMI slot for kmap_atomic [orabug 14277030]\n- [oprofile] oprofile: i386 add get_user_pages_fast support [orabug 14277030]\n- [kernel] Initialize the local uninitialized variable stats. [orabug 14051367]\n- [fs] JBD:make jbd support 512B blocks correctly for ocfs2. [orabug 13477763]\n- [x86 ] fix fpu context corrupt when preempt in signal context [orabug 14038272]\n- [mm] fix hugetlb page leak (Dave McCracken) [orabug 12375075]\n- fix ia64 build error due to add-support-above-32-vcpus.patch(Zhenzhong Duan)\n- [x86] use dynamic vcpu_info remap to support more than 32 vcpus (Zhenzhong Duan)\n- [x86] Fix lvt0 reset when hvm boot up with noapic param\n- [scsi] remove printk's when doing I/O to a dead device (John Sobecki, Chris Mason)\n [orabug 12342275]\n- [char] ipmi: Fix IPMI errors due to timing problems (Joe Jin) [orabug 12561346]\n- [scsi] Fix race when removing SCSI devices (Joe Jin) [orabug 12404566]\n- [net] net: Redo the broken redhat netconsole over bonding (Tina Yang) [orabug 12740042]\n- [fs] nfs: Fix __put_nfs_open_context() NULL pointer panic (Joe Jin) [orabug 12687646]\n- fix filp_close() race (Joe Jin) [orabug 10335998]\n- make xenkbd.abs_pointer=1 by default [orabug 67188919]\n- [xen] check to see if hypervisor supports memory reservation change\n (Chuck Anderson) [orabug 7556514]\n- [net] Enable entropy for bnx2,bnx2x,e1000e,igb,ixgb,ixgbe,ixgbevf (John Sobecki)\n [orabug 10315433]\n- [NET] Add xen pv netconsole support (Tina Yang) [orabug 6993043] [bz 7258]\n- [mm] Patch shrink_zone to yield during severe mempressure events, avoiding\n hangs and evictions (John Sobecki,Chris Mason) [orabug 6086839]\n- [mm] Enhance shrink_zone patch allow full swap utilization, and also be\n NUMA-aware (John Sobecki,Chris Mason,Herbert van den Bergh) [orabug 9245919]\n- fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042]\n- [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson)\n [orabug 9107465]\n- [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson)\n [orabug 9764220]\n- Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615]\n- fix overcommit memory to use percpu_counter for (KOSAKI Motohiro,\n Guru Anbalagane) [orabug 6124033]\n- [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208]\n- [ib] fix memory corruption (Andy Grover) [orabug 9972346]\n- [usb] USB: fix __must_check warnings in drivers/usb/core/ (Junxiao Bi) [orabug 14795203]\n- [usb] usbcore: fix endpoint device creation (Junxiao Bi) [orabug 14795203]\n- [usb] usbcore: fix refcount bug in endpoint removal (Junxiao Bi) [orabug 14795203]", "published": "2013-08-21T00:00:00", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://linux.oracle.com/errata/ELSA-2013-1166-1.html", "cvelist": ["CVE-2013-2234", "CVE-2013-2206", "CVE-2013-2147", "CVE-2013-2232", "CVE-2013-2237", "CVE-2013-2224", "CVE-2013-2164"], "lastseen": "2017-08-22T10:04:42"}, {"id": "ELSA-2013-1166", "type": "oraclelinux", "title": "kernel security and bug fix update", "description": "kernel\n[2.6.18-348.16.1]\n- [x86_64] Fix kdump failure due to 'x86_64: Early segment setup' (Paolo Bonzini) [988251 987244]\n- [xen] skip tracing if it was disabled instead of dying (Igor Mammedov) [987976 967053]\n- [ia64] fix KABI breakage on ia64 (Prarit Bhargava) [966878 960783]\n- [x86] fpu: fix CONFIG_PREEMPT=y corruption of FPU stack (Prarit Bhargava) [948187 731531]\n- [i386] add sleazy FPU optimization (Prarit Bhargava) [948187 731531]\n- [x86-64] non lazy 'sleazy' fpu implementation (Prarit Bhargava) [948187 731531]\n[2.6.18-348.15.1]\n- [fs] nfs: flush cached dir information slightly more readily (Scott Mayhew) [976441 853145]\n- [fs] nfs: Fix resolution prob with cache_change_attribute (Scott Mayhew) [976441 853145]\n- [fs] nfs: define function to update nfsi->cache_change_attribute (Scott Mayhew) [976441 853145]\n- [net] af_key: fix info leaks in notify messages (Jiri Benc) [980999 981000] {CVE-2013-2234}\n- [net] af_key: initialize satype in key_notify_policy_flush() (Jiri Benc) [981222 981224] {CVE-2013-2237}\n- [net] ipv6: ip6_sk_dst_check() must not assume ipv6 dst (Jiri Pirko) [981556 981557] {CVE-2013-2232}\n- [net] fix invalid free in ip_cmsg_send() callers (Petr Matousek) [980141 980142] {CVE-2013-2224}\n- [x86_64] Early segment setup for VT (Paolo Bonzini) [979920 978305]\n- [block] cpqarray: info leak in ida_locked_ioctl() (Tomas Henzl) [971245 971246] {CVE-2013-2147}\n- [block] cdrom: use kzalloc() for failing hardware (Frantisek Hrbata) [973103 973104] {CVE-2013-2164}\n- [mm] Break out when there is nothing more to write for the fs. (Larry Woodman) [972583 965359]\n[2.6.18-348.14.1]\n- [net] Fix panic for vlan over gre via tun (Thomas Graf) [983452 981337]\n- [x86] mm: introduce proper mem barriers smp_invalidate_interrupt (Rafael Aquini) [983628 865095]\n[2.6.18-348.13.1]\n- [net] sctp: Disallow new connection on a closing socket (Daniel Borkmann) [976569 974936] {CVE-2013-2206}\n- [net] sctp: Use correct sideffect command in dup cookie handling (Daniel Borkmann) [976569 974936] {CVE-2013-2206}\n- [net] sctp: deal with multiple COOKIE_ECHO chunks (Daniel Borkmann) [976569 974936] {CVE-2013-2206}\n- [net] tcp: bind() use stronger condition for bind_conflict (Flavio Leitner) [980811 957604]", "published": "2013-08-21T00:00:00", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://linux.oracle.com/errata/ELSA-2013-1166.html", "cvelist": ["CVE-2013-2234", "CVE-2013-2206", "CVE-2013-2147", "CVE-2013-2232", "CVE-2013-2237", "CVE-2013-2224", "CVE-2013-2164"], "lastseen": "2016-09-04T11:17:03"}, {"id": "ELSA-2014-3002", "type": "oraclelinux", "title": "Unbreakable Enterprise kernel security and bug fix update (Unbreakable Enterprise Kernel Release 3 QU1)", "description": "[3.8.13-26.el6uek]\r\n- spec: Don't remove crashkernel=auto setting (Jerry Snitselaar) [Orabug: 18137993]\r\n \n[3.8.13-25.el6uek]\r\n- ocfs2: fix i_mutex deadlock between aio_write and sync_file (Darrick J. Wong) [Orabug: 18068931]\r\n- Revert 'x86, mm: Revert back good_end setting for 64bit' (Jerry Snitselaar) [Orabug: 18128986]\r\n \n[3.8.13-24.el6uek]\r\n- tg3: remove spin_lock_bh() in tg3_get_stats64() to fix dead lock (Ethan Zhao) [Orabug: 18070676]\r\n- net/core: use GFP_NOWAIT allocation flag in rtmsg_ifinfo() to fix lockup warning (Ethan Zhao) [Orabug: 18070676]\r\n- mptsas: do not call __mptsas_probe in kthread (Jerry Snitselaar) [Orabug: 18120337]\r\n- config: enable CONFIG_KEXEC_AUTO_RESERVE (Jerry Snitselaar) [Orabug: 17616874]\r\n- Btrfs: allow compressed extents to be merged during defragment (Liu Bo) [Orabug: 18098511]\r\n- Btrfs: reset ret in record_one_backref (Josef Bacik) [Orabug: 18098511]\r\n- Btrfs: fix a crash when running balance and defrag concurrently (Liu Bo) [Orabug: 18098511]\r\n- Btrfs: fix a bug of snapshot-aware defrag to make it work on partial extents (Liu Bo) [Orabug: 18098511]\r\n- Btrfs: get better concurrency for snapshot-aware defrag work (Liu Bo) [Orabug: 18098511]\r\n- Btrfs: snapshot-aware defrag (Liu Bo) [Orabug: 18098511]\r\n- btrfs: add cancellation points to defrag (David Sterba) [Orabug: 18098511]\r\n- qla4xxx: Updated driver version to 5.04.00.02.06.02-uek3 (Vikas Chaudhary) [Orabug: 18103905]\r\n- qla4xxx: Fix memory leak in qla4xxx_destroy_ddb (Vikas Chaudhary) [Orabug: 18103905]\r\n- x86: add support for crashkernel=auto (Brian Maly)\r\n- x86, mm: Revert back good_end setting for 64bit (Yinghai Lu) [Orabug: 17648536]\r\n \n[3.8.13-23.el6uek]\r\n- [SCSI] storvsc: avoid usage of WRITE_SAME (Olaf Hering) [Orabug: 18037923]\r\n- Fix balloon driver to work properly with balloon_hugepages but no superpage flag (Dave McCracken)\r\n- config: disable BUILD_DOCSRC (Jerry Snitselaar) [Orabug: 17504426]\r\n- ext4: Fix non-O_SYNC AIO DIO unwritten extent conversion after dio finishes (Darrick J. Wong) [Orabug: 18069802]\r\n- memcg: don't initialize kmem-cache destroying work for root caches (Andrey Vagin) [Orabug: 17791895]\r\n- ocfs2: ocfs2 punch hole retrun EINVAL if the length argument in ioctl is negative (Tariq Saeed) [Orabug: 14789508]\r\n- writeback: fix data corruption on NFS (Jan Kara) [Orabug: 16677609]\r\n- Btrfs: handle a bogus chunk tree nicely (Josef Bacik) [Orabug: 17334825]\r\n- Drivers: hv: Execute shutdown in a thread context (K. Y. Srinivasan) [Orabug: 18053264]\r\n- Increase scsi_mod parameter max_report_luns to 1023. (Zhigang Wang) [Orabug: 17445498]\r\n- NFSv4.1 Fix gdia_maxcount calculation to fit in ca_maxresponsesize (Andy Adamson) [Orabug: 17419831]\r\n- config: disable fragile PSTORE options (Ethan Zhao) [Orabug: 17928723]\r\n- ocfs2/o2net: o2net_listen_data_ready should do nothing if socket state is not TCP_LISTEN (Tariq Saeed) [Orabug: 17330860]\r\n- qla4xxx: Updated driver version to 5.04.00.01.06.02-uek3 (Tej Parkash) [Orabug: 18050491]\r\n- qla4xxx: Fix sparse warnings (Vikas Chaudhary) [Orabug: 18050491]\r\n- qla4xxx: Handle IPv6 AEN notifications (Nilesh Javali) [Orabug: 18050491]\r\n- qla4xxx: Update print statements in func qla4xxx_do_dpc() (Vikas Chaudhary) [Orabug: 18050491]\r\n- qla4xxx: Update print statements in func qla4xxx_eh_abort() (Vikas Chaudhary) [Orabug: 18050491]\r\n- qla4xxx: Update print statements in qla4xxx_mailbox_command() (Vikas Chaudhary) [Orabug: 18050491]\r\n- qla4xxx: Updated print for device login, logout path (Vikas Chaudhary) [Orabug: 18050491]\r\n- qla4xxx: Remove unused code from qla4xxx_set_ifcb() (Vikas Chaudhary) [Orabug: 18050491]\r\n- qla4xxx: Fix failure of mbox 0x31 (Vikas Chaudhary) [Orabug: 18050491]\r\n- qla4xxx: Reduce rom-lock contention during reset recovery. (Vikas Chaudhary) [Orabug: 18050491]\r\n- qla4xxx: Fix pending IO completion in reset path before initiating chip reset (Tej Parkash) [Orabug: 18050491]\r\n- qla4xxx: Fix processing response queue during probe (Tej Parkash) [Orabug: 18050491]\r\n- qla4xxx: Fix failure of IDC Time Extend mailbox command (Vikas Chaudhary) [Orabug: 18050491]\r\n- qla4xxx: Clear DDB index map upon connection close failure (Nilesh Javali) [Orabug: 18050491]\r\n- qla4xxx: Return correct error status from func qla4xxx_request_irqs() (Vikas Chaudhary) [Orabug: 18050491]\r\n- qla4xxx: Fixed AER reset sequence for ISP83xx/ISP84xx (Tej Parkash) [Orabug: 18050491]\r\n- qla4xxx: Correctly handle msleep_interruptible (Vikas Chaudhary) [Orabug: 18050491]\r\n- qla4xxx: Rename ACB_STATE macros with IP_ADDRSTATE macros (Nilesh Javali) [Orabug: 18050491]\r\n- qla4xxx: Improve loopback failure messages (Nilesh Javali) [Orabug: 18050491]\r\n- qla4xxx: Use IDC_CTRL bit1 directly instead of AF_83XX_NO_FWDUMP flag. (Vikas Chaudhary) [Orabug: 18050491]\r\n- qla4xxx: Fix comments in code (Vikas Chaudhary) [Orabug: 18050491]\r\n- qla4xxx: Print WARN_ONCE() if iSCSI function presence bit removed (Vikas Chaudhary) [Orabug: 18050491]\r\n- qla4xxx: ISP8xxx: Correct retry of adapter initialization (Nilesh Javali) [Orabug: 18050491]\r\n- qla4xxx: Recreate chap data list during get chap operation (Adheer Chandravanshi) [Orabug: 18050491]\r\n- qla4xxx: Add support for ISCSI_PARAM_LOCAL_IPADDR sysfs attr (Adheer Chandravanshi) [Orabug: 18050491]\r\n- libiscsi: Add local_ipaddr parameter in iscsi_conn struct (Adheer Chandravanshi) [Orabug: 18050491]\r\n- IB/iser: Add Discovery support (Or Gerlitz) [Orabug: 18050491]\r\n- scsi_transport_iscsi: Export ISCSI_PARAM_LOCAL_IPADDR attr for iscsi_connection (Adheer Chandravanshi) [Orabug: 18050491]\r\n- qla4xxx: Add host statistics support (Lalit Chandivade) [Orabug: 18050491]\r\n- scsi_transport_iscsi: Add host statistics support (Lalit Chandivade) [Orabug: 18050491]\r\n- qla4xxx: Added support for Diagnostics MBOX command (Vikas Chaudhary) [Orabug: 18050491]\r\n- ocfs2: update inode size after zeroed the hole (Junxiao Bi) [Orabug: 18043432]\r\n \n[3.8.13-22.el6uek]\r\n- Revert 'sparc64: Fix __copy_{to,from}_user_inatomic defines.' (Dave Kleikamp) [Orabug: 18038851]\r\n- sparc64: prevent solaris control domain warnings about Domain Service handles (chris hyser) [Orabug: 18038829]\r\n- libfcoe: Make fcoe_sysfs optional / fix fnic NULL exception (ethan.zhao) [Orabug: 17960129]\r\n- scsi/fnic: update to version 1.6.0.8 from 1.5.0.45 (ethan.zhao) [Orabug: 17960129] \r\n- sctp: sctp_close: fix release of bindings for deferred call_rcu's (Daniel Borkmann) [Orabug: 17886746]\r\n- dtrace: vtimestamp implementation (Kris Van Hees) [Orabug: 17741477] \r\n- dtrace: implement SDT in kernel modules (Kris Van Hees) [Orabug: 17851716] \r\n- qla4xxx: Driver not able to collect minidump in ISP84xx (Tej Parkash) [Orabug: 17960365]\r\n- Modify UEFI anti-bricking code (Matthew Garrett) [Orabug: 17792954] \r\n- ocfs2: make 'buffered' as the default coherency option (Wengang Wang) [Orabug: 17988729] \r\n- Fixing kABI breakages in struct sock (Thomas Tanaka) [Orabug: 17901058] \r\n- tcp: TSQ can use a dynamic limit (Eric Dumazet) [Orabug: 17901058] \r\n- tcp: TSO packets automatic sizing (Eric Dumazet) [Orabug: 17901058] \r\n- bonding: fix two race conditions in bond_store_updelay/downdelay (Nikolay Aleksandrov) [Orabug: 17931850]\r\n- Update lpfc version for 8.3.7.34.4p driver release (Gairy Grannum) \r\n- Fixed unassigned variable in ELS timeout message (James Smart) \r\n- Fixed incorrect allocation of iDiags directories/files in debugfs (James Smart) \r\n- Fix Crash in lpfc_els_timeout_handler (James Smart) \r\n- Fix kernel panics from corrupted ndlp list. (James Smart) \r\n- Fix Crash in lpfc_els_timeout_handler (James Smart) \r\n- Fix Crash in lpfc_els_timeout_handler (James Smart) \r\n- [SCSI] lpfc: Fix typo on NULL assignment (Felipe Pena) \r\n- Fixed stopped FCF discovery on failed FCF record read. (James Smart) \r\n- Fixed IO hang when in msi mode. (James Smart) \r\n- tg3: update to broadcom version v3.134f (Jerry Snitselaar) [Orabug: 18037870] \r\n- bnx2x: update to broadcom version 1.78.80 (Jerry Snitselaar) [Orabug: 18037860] \r\n- PCI: Use pci_wait_for_pending_transaction() instead of for loop (Casey Leedom) [Orabug: 18037860]\r\n- PCI: Add pci_wait_for_pending_transaction() (Casey Leedom) [Orabug: 18037860] \r\n- bnx2i: update to broadcom version 2.7.8.2b (Jerry Snitselaar) [Orabug: 18037845]\r\n- bnx2fc: update to broadcom verison 2.4.1e (Jerry Snitselaar) [Orabug: 18037838] \r\n- cnic: update to broadcom version 2.5.18c (Jerry Snitselaar) [Orabug: ]\r\n- bnx2: update to broadcom version 2.2.4g (Jerry Snitselaar) [Orabug: ]\r\n- qla2xxx: update from mainline 8.05.00.03.39.0-k to qlogic version 8.06.00.14.39.0-k (Guangyu Sun) [Orabug: 17952066]\r\n \n[3.8.13-21.el6uek]\r\n- be2iscsi: Bump driver version (Brian Maly) [Orabug: 17799766]\r\n- be2iscsi: Fix SGL posting for unaligned ICD values (Brian Maly) [Orabug: 17799766]\r\n- be2iscsi: Fix AER handling in driver (Brian Maly) [Orabug: 17799766]\r\n- be2iscsi: Invalidate WRB in Abort/Reset Path (Brian Maly) [Orabug: 17799766]\r\n- be2iscsi: Fix Insufficient Buffer Error returned in MBX Completion (Brian Maly) [Orabug: 17799766]\r\n- be2iscsi: Fix log level for protocol specific logs (Brian Maly) [Orabug: 17799766]\r\n- be2iscsi: Fix MSIx creation for SKH-R adapter (Brian Maly) [Orabug: 17799766]\r\n- be2iscsi: Display Port Identifier for each iSCSI function (Brian Maly) [Orabug: 17799766]\r\n- be2iscsi: Dispaly CID available for connection offload (Brian Maly) [Orabug: 17799766]\r\n- be2iscsi: Fix chute cleanup during drivers unload. (Brian Maly) [Orabug: 17799766]\r\n- be2iscsi: Fix connection offload to support Dual Chute. (Brian Maly) [Orabug: 17799766]\r\n- be2iscsi: Fix CID allocation/freeing to support Dual chute mode (Brian Maly) [Orabug: 17799766]\r\n- be2iscsi: Fix WRB_Q posting to support Dual Chute mode (Brian Maly) [Orabug: 17799766]\r\n- be2iscsi: Fix SGL Initilization and posting Pages for Dual Chute (Brian Maly) [Orabug: 17799766]\r\n- be2iscsi: Fix Template HDR support for Dual Chute mode (Brian Maly) [Orabug: 17799766]\r\n- be2iscsi: Fix changes in ASYNC Path for SKH-R adapter (Brian Maly) [Orabug: 17799766]\r\n- be2iscsi: Config parameters update for Dual Chute Support (Brian Maly) [Orabug: 17799766]\r\n- be2iscsi: Fix soft lock up issue during UE or if FW taking time to respond (Brian Maly) [Orabug: 17799766]\r\n- be2iscsi: Fix locking mechanism in Unsol Path (Brian Maly) [Orabug: 17799766]\r\n- Subject: [PATCH 04/23] be2iscsi: Fix negotiated parameters upload to FW (Brian Maly) [Orabug: 17799766]\r\n- be2iscsi: Fix repeated issue of MAC ADDR get IOCTL (Brian Maly) [Orabug: 17799766]\r\n- be2iscsi: Fix the MCCQ count leakage (Brian Maly) [Orabug: 17799766]\r\n- be2iscsi: Fix Template HDR IOCTL (Brian Maly) [Orabug: 17799766]\r\n- cifs: enable SMB2 support (Jerry Snitselaar) [Orabug: 17486287]\r\n- [SCSI] Derive the FLUSH_TIMEOUT from the basic I/O timeout (James Bottomley) [Orabug: 17853273]\r\n- hyperv: Fix RNDIS send_completion code path (Haiyang Zhang) [Orabug: 17784576]\r\n- [SCSI] fix kabi break (Jerry Snitselaar) [Orabug: 17940334]\r\n- [SCSI] Disable WRITE SAME for RAID and virtual host adapter drivers (Martin K. Petersen) [Orabug: 17940334]\r\n- qlcnic: update to qlogic version 5.3.52.3 (Sucheta Chakraborty) [Orabug: 17937392]\r\n- netxen: update to qlogic version 4.0.82 (Sucheta Chakraborty) [Orabug: 17937454]\r\n- be2net: Warn users of possible broken functionality on BE2 cards with very old FW versions with latest driver (Somnath Kotur) [Orabug: 17937784] \r\n- net: be2net: remove unnecessary pci_set_drvdata() (Jingoo Han) [Orabug: 17937784]\r\n- be2net: Rework PCIe error report log messaging (Ajit Khaparde) [Orabug: 17937784]\r\n- be2net: change the driver version number to 4.9.224.0 (Ajit Khaparde) [Orabug: 17937784]\r\n- be2net: Display RoCE specific counters in ethtool -S (Ajit Khaparde) [Orabug: 17937784]\r\n- be2net: Call version 2 of GET_STATS ioctl for Skyhawk-R (Ajit Khaparde) [Orabug: 17937784]\r\n- be2net: add a counter for pkts dropped in xmit path (Sathya Perla) [Orabug: 17937784]\r\n- be2net: fix adaptive interrupt coalescing (Sathya Perla) [Orabug: 17937784] \r\n- be2net: call ENABLE_VF cmd for Skyhawk-R too (Vasundhara Volam) [Orabug: 17937784]\r\n- be2net: Create single TXQ on BE3-R 1G ports (Vasundhara Volam) [Orabug: 179 3 7 7 8 4 ] \r b r > - b e 2 n e t : C a l l b e _ v f _ s e t u p ( ) e v e n w h e n V F s a r e e n b a l e d f r o m p r e v i o u s l o a d ( V a s u n d h a r a V o l a m ) [ O r a b u g : 1 7 9 3 7 7 8 4 ] \r b r > - b e 2 n e t : F i x t o d i s p l a y t h e V L A N p r i o r i t y f o r a V F ( A j i t K h a p a r d e ) [ O r a b u g : 1 7 9 3 7 7 8 4 ] \r b r > - b e 2 n e t : F i x t o c o n f i g u r e V L A N p r i o r i t y f o r a V F i n t e r f a c e . ( A j i t K h a p a r d e ) [ O r a b u g : 1 7 9 3 7 7 8 4 ] \r b r > - b e 2 n e t : F i x t o a l l o w V L A N c o n f i g u r a t i o n o n V F i n t e r f a c e s . ( A j i t K h a p a r d e ) [ O r a b u g : 1 7 9 3 7 7 8 4 ] \r b r > - b e 2 n e t : F i x n u m b e r o f V L A N s s u p p o r t e d i n U M C m o d e f o r B E 3 - R . ( A j i t K h a p a r d e ) [ O r a b u g : 1 7 9 3 7 7 8 4 ] \r b r > - b e 2 n e t : F i x V L A N p r o m i s c u o u s m o d e p r o g r a m m i n g ( A j i t K h a p a r d e ) [ O r a b u g : 1 7 9 3 7 7 8 4 ] \r b r > - b e 2 n e t : F i x t h e s i z e o f b e _ n i c _ r e s _ d e s c s t r u c t u r e ( A j i t K h a p a r d e ) [ O r a b u g : 1 7 9 3 7 7 8 4 ] \r b r > - b e 2 n e t : F i x t o p r e v e n t T x s t a l l o n S H - R w h e n p a c k e t s i z e 3 2 ( A j i t K h a p a r d e ) [ O r a b u g : 1 7 9 3 7 7 8 4 ] \r b r > - e m u l e x : R e m o v e e x t e r n f r o m f u n c t i o n p r o t o t y p e s ( J o e P e r c h e s ) [ O r a b u g : 1 7 9 3 7 7 8 4 ] \r b r > - b e 2 n e t : m i s s i n g v a r i a b l e i n i t i a l i z a t i o n ( A n t o n i o A l e c r i m J r ) [ O r a b u g : 1 7 9 3 7 7 8 4 ] \r b r > - b e 2 n e t : s e t a n d q u e r y V E B / V E P A m o d e o f t h e P F i n t e r f a c e ( A j i t K h a p a r d e ) [ O r a b u g : 1 7 9 3 7 7 8 4 ] \r b r > - d r i v e r s : n e t : C o n v e r t d m a _ a l l o c _ c o h e r e n t ( . . . _ _ G F P _ Z E R O ) t o d m a _ z a l l o c _ c o h e r e n t ( J o e P e r c h e s ) [ O r a b u g : 1 7 9 3 7 7 8 4 ] \r b r > - b e 2 n e t : i m p l e m e n t e t h t o o l s e t / g e t _ c h a n n e l h o o k s ( S a t h y a P e r l a ) [ O r a b u g : 1 7 9 3 7 7 8 4 ] \r b r > - b e 2 n e t : r e f a c t o r b e _ s e t u p ( ) t o c o n s o l i d a t e q u e u e c r e a t i o n r o u t i n e s ( S a t h y a P e r l a ) [ O r a b u g : 1 7 9 3 7 7 8 4 ] \r b r > - b e 2 n e t : F i x b e _ c m d _ i f _ c r e a t e ( ) t o u s e M B O X i f M C C Q i s n o t c r e a t e d ( S a t h y a P e r l a ) [ O r a b u g : 1 7 9 3 7 7 8 4 ] \r b r > - b e 2 n e t : r e f a c t o r b e _ g e t _ r e s o u r c e s ( ) c o d e ( S a t h y a P e r l a ) [ O r a b u g : 1 7 9 3 7 7 8 4 ] \r b r > - b e 2 n e t : F i x u p p r o f i l e m a n a g e m e n t r o u t i n e s ( V a s u n d h a r a V o l a m ) [ O r a b u g : 1 7 9 3 7 7 8 4 ] \r b r > - b e 2 n e t : u s e E Q _ C R E A T E v 2 f o r S H - R ( S a t h y a P e r l a ) [ O r a b u g : 1 7 9 3 7 7 8 4 ] \r b r > - b e 2 n e t : C h e c k f o r P O S T s t a t e i n s u s p e n d - r e s u m e s e q u e n c e ( S a r v e s h w a r B a n d i ) [ O r a b u g : 1 7 9 3 7 7 8 4 ] \r b r > - b e 2 n e t : f i x d i s a b l i n g T X i n b e _ c l o s e ( ) ( S a t h y a P e r l a ) [ O r a b u g : 1 7 9 3 7 7 8 4 ] \r b r > - b e 2 n e t : C l e a r a n y c a p a b i l i t y f l a g s t h a t d r i v e r i s n o t i n t e r e s t e d i n . ( S a r v e s h w a r B a n d i ) [ O r a b u g : 1 7 9 3 7 7 8 4 ] \r b r > - b e 2 n e t : I n i t i a l i z e ' s t a t u s ' i n b e _ c m d _ g e t _ d i e _ t e m p e r a t u r e ( ) ( V a s u n d h a r a V o l a m ) [ O r a b u g : 1 7 9 3 7 7 8 4 ] \r b r > - b e 2 n e t : f i x u p l o g m s g s f o r a s y n c e v e n t s ( V a s u n d h a r a V o l a m ) [ O r a b u g : 1 7 9 3 7 7 8 4 ] \r b r > - b e 2 n e t : M i s s i n g c h a n g e s f r o m ' f i x a T x s t a l l b u g c a u s e d b y a s p e c i f i c i p v 6 p a c k e t ' ( R a v i k u m a r N e l a v e l l i ) [ O r a b u g : 1 7 9 3 7 7 8 4 ] \r b r > - b e 2 n e t : F i x d i s p l a y i n g s u p p o r t e d s p e e d s f o r B E 2 ( V a s u n d h a r a V o l a m ) [ O r a b u g : 1 7 9 3 7 7 8 4 ] \r b r > - b e 2 n e t : d o n ' t l i m i t m a x M A C a n d V L A N c o u n t s ( V a s u n d h a r a V o l a m ) [ O r a b u g : 1 7 9 3 7 7 8 4 ] \r b r > - b e 2 n e t : D o n o t c a l l g e t _ d i e _ t e m p e r a t u r e c m d f o r V F ( V a s u n d h a r a V o l a m ) [ O r a b u g : 1 7 9 3 7 7 8 4 ] \r b r > - b e 2 n e t : A d d i n g m o r e s p e e d s r e p o r t e d b y g e t _ s e t t i n g s ( V a s u n d h a r a V o l a m ) [ O r a b u g : 1 7 9 3 7 7 8 4 ] \r b r > - b e 2 n e t : S t a t i c i z e l o c a l f u n c t i o n s ( J i n g o o H a n ) [ O r a b u g : 1 7 9 3 7 7 8 4 ] \r b r > - b e 2 n e t : d o n ' t u s e d e v _ e r r w h e n A E R e n a b l i n g f a i l s ( I v a n V e c e r a ) [ O r a b u g : 1 7 9 3 7 7 8 4 ] \r b r > - b e 2 n e t : d e l e t e p r i m a r y M A C a d d r e s s w h i l e u n l o a d i n g ( S a t h y a P e r l a ) [ O r a b u g : 1 7 9 3 7 7 8 4 ] \r b r > - b e 2 n e t : u s e S E T / G E T _ M A C _ L I S T f o r S H - R ( S a t h y a P e r l a ) [ O r a b u g : 1 7 9 3 7 7 8 4 ] \r b r > - b e 2 n e t : r e f a c t o r M A C - a d d r s e t u p c o d e ( S a t h y a P e r l a ) [ O r a b u g : 1 7 9 3 7 7 8 4 ] \r b r > - b e 2 n e t : f i x p m a c _ i d f o r B E 3 V F s ( S a t h y a P e r l a ) [ O r a b u g : 1 7 9 3 7 7 8 4 ] \r b r > - b e 2 n e t : a l l o w V F s t o p r o g r a m M A C a n d V L A N f i l t e r s ( S a t h y a P e r l a ) [ O r a b u g : 1 7 9 3 7 7 8 4 ] \r b r > - b e 2 n e t : f i x M A C a d d r e s s m o d i f i c a t i o n f o r V F ( S a t h y a P e r l a ) [ O r a b u g : 1 7 9 3 7 7 8 4 ] \r b r > - [ S C S I ] s d : R e d u c e b u f f e r s i z e f o r v p d r e q u e s t ( B e r n d S c h u b e r t ) [ O r a b u g : 1 7 9 4 0 3 3 4 ] \r b r > - [ S C S I ] s d : f i x a r r a y c a c h e f l u s h i n g b u g c a u s i n g p e r f o r m a n c e p r o b l e m s ( J a m e s B o t t o m l e y ) [ O r a b u g : 1 7 9 4 0 3 3 4 ] \r b r > - [ S C S I ] F i x r a c e b e t w e e n s t a r v e d l i s t a n d d e v i c e r e m o v a l ( J a m e s B o t t o m l e y ) [ O r a b u g : 1 7 9 4 0 3 3 4 ] \r b r > - [ S C S I ] e n a b l e d e s t r u c t i o n o f b l o c k e d d e v i c e s w h i c h f a i l L U N s c a n n i n g ( B a r t V a n A s s c h e ) [ O r a b u g : 1 7 9 4 0 3 3 4 ] \r b r > - i x g b e v f : u p g r a d e f r o m 2 . 8 . 7 t o 2 . 1 1 . 3 ( e t h a n . z h a o ) [ O r a b u g : 1 7 7 1 8 2 5 4 ] \r b r > - i g b : s e t d e f a u l t R S S t o 0 f o r p e r f o r m a n c e t u n i n g ( e t h a n . z h a o ) [ O r a b u g : 1 7 5 9 3 4 1 9 0 ] \r b r > - i g b : u p g r a d e f r o m 4 . 3 . 0 t o 5 . 0 . 6 ( e t h a n . z h a o ) [ O r a b u g : 1 7 7 1 1 6 4 5 ] \r b r > - e 1 0 0 0 e : A v o i d k e r n e l c r a s h d u r i n g s h u t d o w n ( L i Z h a n g ) [ O r a b u g : 1 7 8 5 4 0 7 1 ] \r b r > - e 1 0 0 0 e : u p g r a d e f r o m 2 . 4 . 1 4 t o 2 . 5 . 4 ( e t h a n . z h a o ) [ O r a b u g : 1 7 7 1 8 2 1 6 ] \r b r > - B t r f s : s k i p s u b v o l e n t r i e s w h e n c h e c k i n g i f w e ' v e c r e a t e d a d i r a l r e a d y ( J o s e f B a c i k ) [ O r a b u g : 1 7 6 6 1 8 4 5 ] \r b r > - B t r f s : f i x i n c o r r e c t i n o d e a c l r e s e t ( F i l i p e D a v i d B o r b a M a n a n a ) [ O r a b u g : 1 7 6 6 9 3 4 1 ] \r b r > - B t r f s : a l l o w r u n n i n g d e f r a g i n p a r a l l e l t o a d m i n i s t r a t i v e t a s k s ( S t e f a n B e h r e n s ) [ O r a b u g : 1 7 8 8 6 0 2 2 ] \r b r > - z r a m : a l l o w r e q u e s t e n d t o c o i n c i d e w i t h d i s k s i z e ( S e r g e y S e n o z h a t s k y ) [ O r a b u g : 1 7 8 7 9 1 8 3 ] \r b r > - c o n f i g f s : f i x r a c e b e t w e e n d e n t r y p u t a n d l o o k u p ( J u n x i a o B i ) [ O r a b u g : 1 7 9 3 1 3 4 2 ] \r b r > - x f s : f i x s g i d i n h e r i t a n c e f o r s u b d i r e c t o r i e s i n h e r i t i n g d e f a u l t a c l s [ V 3 ] ( C a r l o s M a i o l i n o ) [ O r a b u g : 1 7 3 5 4 2 3 4 ] \r b r > - R e v e r t ' s g : u s e r w s e m t o s o l v e r a c e d u r i n g e x c l u s i v e o p e n ' ( J e r r y S n i t s e l a a r ) [ O r a b u g : 1 7 5 7 9 1 3 1 ] \r b r > - R e v e r t ' s g : n o n e e d s g _ o p e n _ e x c l u s i v e _ l o c k ' ( J e r r y S n i t s e l a a r ) [ O r a b u g : 1 7 5 7 9 1 3 1 ] \r b r > - R e v e r t ' s g : c h e c k i n g s d p - > d e t a c h e d i s n ' t p r o t e c t e d w h e n o p e n ' ( J e r r y S n i t s e l a a r ) [ O r a b u g : 1 7 5 7 9 1 3 1 ] \r b r > - R e v e r t ' s g : p u s h f i l e d e s c r i p t o r l i s t l o c k i n g d o w n t o p e r - d e v i c e l o c k i n g ' ( J e r r y S n i t s e l a a r ) [ O r a b u g : 1 7 5 7 9 1 3 1 ] \r b r > - N V M e : M e r g e i s s u e o n c h a r a c t e r d e v i c e b r i n g - u p ( K e i t h B u s c h ) [ O r a b u g : 1 7 9 4 0 2 9 6 ] \r b r > - N V M e : H a n d l e i o r e m a p f a i l u r e ( K e i t h B u s c h ) [ O r a b u g : 1 7 9 4 0 2 9 6 ] \r b r > - N V M e : A d d p c i s u s p e n d / r e s u m e d r i v e r c a l l b a c k s ( K e i t h B u s c h ) [ O r a b u g : 1 7 9 4 0 2 9 6 ] \r b r > - N V M e : U s e n o r m a l s h u t d o w n ( K e i t h B u s c h ) [ O r a b u g : 1 7 9 4 0 2 9 6 ] \r b r > - N V M e : S e p a r a t e c o n t r o l l e r i n i t f r o m d i s k d i s c o v e r y ( K e i t h B u s c h ) [ O r a b u g : 1 7 9 4 0 2 9 6 ] \r b r > - N V M e : S e p a r a t e q u e u e a l l o c / f r e e f r o m c r e a t e / d e l e t e ( K e i t h B u s c h ) [ O r a b u g : 1 7 9 4 0 2 9 6 ] \r b r > - N V M e : G r o u p p c i r e l a t e d a c t i o n s i n f u n c t i o n s ( K e i t h B u s c h ) [ O r a b u g : 1 7 9 4 0 2 9 6 ] \r b r > - N V M e : D i s k s t a t s f o r r e a d / w r i t e c o m m a n d s o n l y ( K e i t h B u s c h ) [ O r a b u g : 1 7 9 4 0 2 9 6 ] \r b r > - N V M e : B r i n g u p c d e v o n s e t f e a t u r e f a i l u r e ( K e i t h B u s c h ) [ O r a b u g : 1 7 9 4 0 2 9 6 ] \r b r > - N V M e : F i x c h e c k p a t c h i s s u e s ( K e i t h B u s c h ) [ O r a b u g : 1 7 9 4 0 2 9 6 ] \r b r > - N V M e : N a m e s p a c e I D s a r e u n s i g n e d ( M a t t h e w W i l c o x ) [ O r a b u g : 1 7 9 4 0 2 9 6 ] \r b r > - N V M e : C a l l n v m e _ p r o c e s s _ c q f r o m s u b m i s s i o n p a t h ( M a t t h e w W i l c o x ) [ O r a b u g : 1 7 9 4 0 2 9 6 ] \r b r > - N V M e : R e m o v e ' p r o c e s s _ c q d i d s o m e t h i n g ' m e s s a g e ( M a t t h e w W i l c o x ) [ O r a b u g : 1 7 9 4 0 2 9 6 ] \r b r > - N V M e : R e t u r n c o r r e c t v a l u e f r o m i n t e r r u p t h a n d l e r ( M a t t h e w W i l c o x ) [ O r a b u g : 1 7 9 4 0 2 9 6 ] \r b r > - N V M e : D i s k I O s t a t i s t i c s ( K e i t h B u s c h ) [ O r a b u g : 1 7 9 4 0 2 9 6 ] \r b r > - N V M e : R e s t r u c t u r e M S I / M S I - X s e t u p ( M a t t h e w W i l c o x ) [ O r a b u g : 1 7 9 4 0 2 9 6 ] \r b r > - N V M e : U s e k z a l l o c i n s t e a d o f k m a l l o c + m e m s e t ( T u s h a r B e h e r a ) [ O r a b u g : 1 7 9 4 0 2 9 6 ] \r b r > - [ S C S I ] m e g a r a i d _ s a s : F i x s y n c h r o n i z a t i o n p r o b l e m b e t w e e n s y s P D I O p a t h a n d A E N p a t h ( S u m i t . S a x e n a @ l s i . c o m ) [ O r a b u g : 1 7 9 4 0 3 7 8 ] \r b r > - [ S C S I ] m e g a r a i d _ s a s : f i x e s f o r f e w e n d i a n e s s i s s u e s ( S u m i t . S a x e n a @ l s i . c o m ) [ O r a b u g : 1 7 9 4 0 3 7 8 ] \r b r > - [ S C S I ] m e g a r a i d _ s a s : a d d d e d s u p p o r t f o r b i g e n d i a n a r c h i t e c t u r e ( S u m i t . S a x e n a @ l s i . c o m ) [ O r a b u g : 1 7 9 4 0 3 7 8 ] \r b r > - [ S C S I ] m e g a r a i d _ s a s : V e r s i o n a n d C h a n g e l o g u p d a t e ( A d a m R a d f o r d ) [ O r a b u g : 1 7 9 4 0 3 7 8 ] \r b r > - [ S C S I ] m e g a r a i d _ s a s : A d d H i g h A v a i l a b i l i t y c l u s t e r i n g s u p p o r t u s i n g s h a r e d L o g i c a l D i s k s ( A d a m R a d f o r d ) [ O r a b u g : 1 7 9 4 0 3 7 8 ] \r b r > - s c s i / m e g a r a i d f i x e d s e v e r a l t y p o s i n c o m m e n t s ( M a t t h i a s S c h i d ) [ O r a b u g : 1 7 9 4 0 3 7 8 ] \r b r > - [ S C S I ] m e g a r a i d _ s a s : m e g a r a i d _ s a s d r i v e r i n i t f a i l s i n k d u m p k e r n e l ( S u m i t . S a x e n a @ l s i . c o m ) [ O r a b u g : 1 7 9 4 0 3 7 8 ] \r b r > - [ S C S I ] m e g a r a i d _ s a s : f i x a b u g f o r 6 4 b i t a r c h e s ( D a n C a r p e n t e r ) [ O r a b u g : 1 7 9 4 0 3 7 8 ] \r b r > - [ S C S I ] m e g a r a i d _ s a s : f i x m e m o r y l e a k i f S G L h a s z e r o l e n g t h e n t r i e s ( B j ? r n M o r k ) [ O r a b u g : 1 7 9 4 0 3 7 8 ] \r b r > - [ S C S I ] m e g a r a i d : m i n o r c u t a n d p a s t e e r r o r f i x e d . ( J a m e s G e o r g a s ) [ O r a b u g : 1 7 9 4 0 3 7 8 ] \r b r > - [ S C S I ] m e g a r a i d _ s a s : C h a n g e l o g a n d d r i v e r v e r s i o n u p d a t e ( S u m i t . S a x e n a @ l s i . c o m ) [ O r a b u g : 1 7 9 4 0 3 7 8 ] \r b r > - [ S C S I ] m e g a r a i d _ s a s : A d d s u p p o r t t o d i f f e r e n t i a t e b e t w e e n i M R v s M R F i r m w a r e ( S u m i t . S a x e n a @ l s i . c o m ) [ O r a b u g : 1 7 9 4 0 3 7 8 ] \r b r > - [ S C S I ] m e g a r a i d _ s a s : A d d s u p p o r t f o r U n e v e n S p a n P R L 1 1 ( S u m i t . S a x e n a @ l s i . c o m ) [ O r a b u g : 1 7 9 4 0 3 7 8 ] \r b r > - [ S C S I ] m e g a r a i d _ s a s : A d d s u p p o r t f o r E x t e n d e d M S I - x v e c t o r s f o r 1 2 G b / s c o n t r o l l e r ( S u m i t . S a x e n a @ l s i . c o m ) [ O r a b u g : 1 7 9 4 0 3 7 8 ] \r b r > - [ S C S I ] m e g a r a i d _ s a s : S e t I o F l a g s t o e n a b l e F a s t P a t h f o r J B O D s f o r 1 2 G b / s c o n t r o l l e r s ( S u m i t . S a x e n a @ l s i . c o m ) [ O r a b u g : 1 7 9 4 0 3 7 8 ] \r b r > - [ S C S I ] m e g a r a i d _ s a s : A d d s u p p o r t t o d i s p l a y C u s t o m e r b r a n d i n g d e t a i l s i n s y s l o g ( S u m i t . S a x e n a @ l s i . c o m ) [ O r a b u g : 1 7 9 4 0 3 7 8 ] \r b r > - [ S C S I ] m e g a r a i d _ s a s : A d d s u p p o r t f o r M e g a R A I D F u r y ( d e v i c e I D - 0 x 0 0 5 f ) 1 2 G b / s c o n t r o l l e r s ( S u m i t . S a x e n a @ l s i . c o m ) [ O r a b u g : 1 7 9 4 0 3 7 8 ] \r b r > - [ S C S I ] m e g a r a i d _ s a s : S e t I O r e q u e s t t i m e o u t v a l u e p r o v i d e d b y O S t i m e o u t f o r T a p e d e v i c e s ( S u m i t . S a x e n a @ l s i . c o m ) [ O r a b u g : 1 7 9 4 0 3 7 8 ] \r b r > - [ S C S I ] m e g a r a i d _ s a s : F r e e e v e n t d e t a i l m e m o r y w i t h o u t d e v i c e I D c h e c k ( S u m i t . S a x e n a @ l s i . c o m ) [ O r a b u g : 1 7 9 4 0 3 7 8 ] \r b r > - [ S C S I ] m e g a r a i d _ s a s : U p d a t e b a l a n c e c o u n t i n d r i v e r t o b e i n s y n c o f f i r m w a r e ( S u m i t . S a x e n a @ l s i . c o m ) [ O r a b u g : 1 7 9 4 0 3 7 8 ] \r b r > - [ S C S I ] m e g a r a i d _ s a s : F i x t h e i n t e r r u p t m a s k f o r G e n 2 c o n t r o l l e r ( S u m i t . S a x e n a @ l s i . c o m ) [ O r a b u g : 1 7 9 4 0 3 7 8 ] \r b r > - [ S C S I ] m e g a r a i d _ s a s : R e t u r n D I D _ E R R O R f o r S C S I I O , w h e n c o n t r o l l e r i s i n c r i t i c a l h / w e r r o r ( S u m i t . S a x e n a @ l s i . c o m ) [ O r a b u g : 1 7 9 4 0 3 7 8 ] \r b r > - [ S C S I ] m e g a r a i d _ s a s : r e l e a s e l o c k o n e r r o r p a t h ( D a n C a r p e n t e r ) [ O r a b u g : 1 7 9 4 0 3 7 8 ] \r b r > - [ S C S I ] m e g a r a i d _ s a s : U s e c o r r e c t # d e f i n e f o r M S I - X c a p a b i l i t y ( B j o r n H e l g a a s ) [ O r a b u g : 1 7 9 4 0 3 7 8 ] \r b r > - [ S C S I ] m e g a r a i d _ s a s : V e r s i o n a n d C h a n g e l o g u p d a t e ( A d a m R a d f o r d ) [ O r a b u g : 1 7 9 4 0 3 7 8 ] \r b r > - [ S C S I ] m e g a r a i d _ s a s : D o n t l o a d D e v H a n d l e u n l e s s F a s t P a t h e n a b l e d ( A d a m R a d f o r d ) [ O r a b u g : 1 7 9 4 0 3 7 8 ] \r b r > - [ S C S I ] m e g a r a i d _ s a s : A d d 4 k F a s t P a t h D I F s u p p o r t ( A d a m R a d f o r d ) [ O r a b u g : 1 7 9 4 0 3 7 8 ] \r b r > - m e g a r a i d : R e v e r t d r i v e r u p d a t e ( M a r t i n K . P e t e r s e n ) [ O r a b u g : 1 7 9 4 0 3 7 8 ] \r b r > - c c i s s : f i x b r o k e n m u t e x u s a g e i n i o c t l ( S t e p h e n M . C a m e r o n ) [ O r a b u g : 1 7 7 6 3 6 2 0 ] \r b r > - c c i s s : a d d c c i s s _ m u t e x ( A r n d B e r g m a n n ) [ O r a b u g : 1 7 7 6 3 6 2 0 ] \r b r > - c c i s s : r e m o v e c c i s s _ k e r n e l _ c o m p a t . h ( V a u g h a n C a o ) [ O r a b u g : 1 7 7 6 3 6 2 0 ] \r b r > - b l o c k : a d d a n d u s e s c s i _ b l k _ c m d _ i o c t l ( P a o l o B o n z i n i ) [ O r a b u g : 1 7 7 6 3 6 2 0 ] \r b r > - c c i s s : a d d s m a l l d e l a y w h e n u s i n g P C I P o w e r M a n a g e m e n t t o r e s e t f o r k u m p ( M i k e M i l l e r ) [ O r a b u g : 1 7 7 6 3 6 2 0 ] \r b r > - c c i s s : s e t m a x s c a t t e r g a t h e r e n t r i e s t o 3 2 o n P 6 0 0 ( M i k e M i l l e r ) [ O r a b u g : 1 7 7 6 3 6 2 0 ] \r b r > - c c i s s : b u g f i x t o p r e v e n t c c i s s f r o m l o a d i n g i n k d u m p c r a s h k e r n e l ( M i k e M i l l e r ) [ O r a b u g : 1 7 7 6 3 6 2 0 ] \r b r > - c c i s s : c h a n g e l o w e r c a s e t o u p p e r c a s e f o r P 7 0 0 M d e f i n p r o d u c t s ( V a u g h a n C a o ) [ O r a b u g : 1 7 7 6 3 6 2 0 ] \r b r > - c c i s s : r e m o v e _ _ d e v * m a r k i n g s ( V a u g h a n C a o ) [ O r a b u g : 1 7 7 6 3 6 2 0 ] \r b r > - c c i s s : u p g r a d e t o 4 . 6 . 2 8 ( V a u g h a n C a o ) [ O r a b u g : 1 7 7 6 3 6 2 0 ] \r b r > - R e v e r t ' S P E C : F i x x e n m u l t i b o o t s u p p o r t ' ( J e r r y S n i t s e l a a r ) [ O r a b u g : 1 7 7 9 2 3 0 3 ] \r b r > - k b u i l d : S e t o b j e c t s . b u i l t i n d e p e n d e n c y t o b z I m a g e f o r C O N F I G _ C T F ( J e r r y S n i t s e l a a r ) [ O r a b u g : 1 7 5 1 0 9 1 5 ] \r b r > - u b i f s : w a i t f o r p a g e w r i t e b a c k t o p r o v i d e s t a b l e p a g e s ( J a n K a r a ) [ O r a b u g : 1 7 9 3 9 8 7 8 ] \r b r > - o c f s 2 : w a i t f o r p a g e w r i t e b a c k t o p r o v i d e s t a b l e p a g e s ( J a n K a r a ) [ O r a b u g : 1 7 9 3 9 8 7 8 ] \r b r > - b l o c k : o p t i o n a l l y s n a p s h o t p a g e c o n t e n t s t o p r o v i d e s t a b l e p a g e s d u r i n g w r i t e ( D a r r i c k J . W o n g ) [ O r a b u g : 1 7 9 3 9 8 7 8 ] \r b r > - m m : o n l y e n f o r c e s t a b l e p a g e w r i t e s i f t h e b a c k i n g d e v i c e r e q u i r e s i t ( D a r r i c k J . W o n g ) [ O r a b u g : 1 7 9 3 9 8 7 8 ] \r b r > - b d i : a l l o w b l o c k d e v i c e s t o s a y t h a t t h e y r e q u i r e s t a b l e p a g e w r i t e s ( D a r r i c k J . W o n g ) [ O r a b u g : 1 7 9 3 9 8 7 8 ] \r b r > - n e t f i l t e r : e n a b l e l o g t a r g e t ( J e r r y S n i t s e l a a r ) [ O r a b u g : 1 7 8 8 5 3 4 8 ] \r b r > - q l a 4 x x x : U p d a t e d d r i v e r v e r s i o n t o 5 . 0 4 . 0 0 . 0 0 . 0 6 . 0 2 - u e k 3 ( T e j P a r k a s h ) [ O r a b u g : 1 7 9 6 0 4 2 7 ] \r b r > - q l a 4 x x x : o v e r f l o w i n q l a 4 x x x _ s e t _ c h a p _ e n t r y ( ) ( D a n C a r p e n t e r ) [ O r a b u g : 1 7 9 6 0 4 2 7 ] \r b r > - q l a 4 x x x : A d d s u p p o r t f o r a d d i t i o n a l n e t w o r k p a r a m e t e r s s e t t i n g s ( H a r i s h Z u n j a r r a o ) [ O r a b u g : 1 7 9 6 0 4 2 7 ] \r b r > - i s c s i _ t r a n s p o r t : A d d i t i o n a l p a r a m e t e r s f o r n e t w o r k s e t t i n g s ( H a r i s h Z u n j a r r a o ) [ O r a b u g : 1 7 9 6 0 4 2 7 ] \r b r > - i s c s i _ t r a n s p o r t : R e m o v e n e t p a r a m e n u m v a l u e s ( H a r i s h Z u n j a r r a o ) [ O r a b u g : 1 7 9 6 0 4 2 7 ] \r b r > - q l a 4 x x x : A d d s u p p o r t t o g e t C H A P d e t a i l s f o r f l a s h t a r g e t s e s s i o n ( A d h e e r C h a n d r a v a n s h i ) [ O r a b u g : 1 7 9 6 0 4 2 7 ] \r b r > - q l a 4 x x x : A d d s u p p o r t t o s e t C H A P e n t r i e s ( A d h e e r C h a n d r a v a n s h i ) [ O r a b u g : 1 7 9 6 0 4 2 7 ] \r b r > - s c s i _ t r a n s p o r t _ i s c s i : A d d s u p p o r t t o s e t C H A P e n t r i e s ( A d h e e r C h a n d r a v a n s h i ) [ O r a b u g : 1 7 9 6 0 4 2 7 ] \r b r > - q l a 4 x x x : U s e o f f s e t b a s e d o n a d a p t e r t y p e t o s e t C H A P e n t r y i n f l a s h ( A d h e e r C h a n d r a v a n s h i ) [ O r a b u g : 1 7 9 6 0 4 2 7 ] \r b r > - q l a 4 x x x : P o p u l a t e l o c a l C H A P c r e d e n t i a l s f o r f l a s h t a r g e t s e s s i o n s ( A d h e e r C h a n d r a v a n s h i ) [ O r a b u g : 1 7 9 6 0 4 2 7 ] \r b r > - q l a 4 x x x : S u p p o r t s e t t i n g o f l o c a l C H A P i n d e x f o r f l a s h t a r g e t e n t r y ( A d h e e r C h a n d r a v a n s h i ) [ O r a b u g : 1 7 9 6 0 4 2 7 ] \r b r > - q l a 4 x x x : C o r r e c t t h e c h e c k f o r l o c a l C H A P e n t r y t y p e ( A d h e e r C h a n d r a v a n s h i ) [ O r a b u g : 1 7 9 6 0 4 2 7 ] \r b r > - q l a 4 x x x : c o r r e c t l y u p d a t e s e s s i o n d i s c o v e r y _ p a r e n t _ i d x . ( M a n i s h R a n g a n k a r ) [ O r a b u g : 1 7 9 6 0 4 2 7 ] \r b r > - q l a 4 x x x : R e t u r n e r r o r i f m i n i d u m p d a t a c o l l e c t i o n f a i l s ( V i k a s C h a u d h a r y ) [ O r a b u g : 1 7 9 6 0 4 2 7 ] \r b r > - q l a 4 x x x : F i x t h e m i n i d u m p d a t a c o l l e c t i o n c h e c k i n f o r l o o p ( S a n t o s h V e r n e k a r ) [ O r a b u g : 1 7 9 6 0 4 2 7 ] \r b r > - q l a 4 x x x : A d d p e x - d m a s u p p o r t f o r c a p t u r i n g m i n i d u m p ( S a n t o s h V e r n e k a r ) [ O r a b u g : 1 7 9 6 0 4 2 7 ] \r b r > - q l a 4 x x x : U p d a t e C o p y r i g h t h e a d e r ( V i k a s C h a u d h a r y ) [ O r a b u g : 1 7 9 6 0 4 2 7 ] \r b r > - q l a 4 x x x : I m p l e m e n t a t i o n o f A C B c o n f i g u r a t i o n d u r i n g L o o p b a c k f o r I S P 8 0 4 2 ( N i l e s h J a v a l i ) [ O r a b u g : 1 7 9 6 0 4 2 7 ] \r b r > - q l a 4 x x x : A d d e d s u p p o r t f o r I S P 8 0 4 2 ( V i k a s C h a u d h a r y ) [ O r a b u g : 1 7 9 6 0 4 2 7 ] \r b r > - i p _ o u t p u t : d o s k b u f o i n i t f o r p e e k e d n o n u f o s k b a s w e l l ( J i r i P i r k o ) [ O r a b u g : 1 7 9 5 1 0 7 8 ] { C V E - 2 0 1 3 - 4 4 7 0 } \r b r > - i p 6 _ o u t p u t : d o s k b u f o i n i t f o r p e e k e d n o n u f o s k b a s w e l l ( J i r i P i r k o ) [ O r a b u g : 1 7 9 5 1 0 8 0 ] { C V E - 2 0 1 3 - 4 4 7 0 } \r b r > - K V M : x 8 6 : f i x g u e s t - i n i t i a t e d c r a s h w i t h x 2 a p i c ( C V E - 2 0 1 3 - 6 3 7 6 ) ( G l e b N a t a p o v ) [ O r a b u g : 1 7 9 5 1 0 6 7 ] { C V E - 2 0 1 3 - 6 3 7 6 } \r b r > - K V M : x 8 6 : C o n v e r t v a p i c s y n c h r o n i z a t i o n t o _ c a c h e d f u n c t i o n s ( C V E - 2 0 1 3 - 6 3 6 8 ) ( A n d y H o n i g ) [ O r a b u g : 1 7 9 5 1 0 7 1 ] { C V E - 2 0 1 3 - 6 3 6 8 } \r b r > - K V M : x 8 6 : F i x p o t e n t i a l d i v i d e b y 0 i n l a p i c ( C V E - 2 0 1 3 - 6 3 6 7 ) ( A n d y H o n i g ) [ O r a b u g : 1 7 9 5 1 0 7 3 ] { C V E - 2 0 1 3 - 6 3 6 7 } \r b r > - S U N R P C : d o n ' t m a p E K E Y E X P I R E D t o E A C C E S i n c a l l _ r e f r e s h r e s u l t ( A n d y A d a m s o n ) [ O r a b u g : 1 7 9 3 1 7 3 8 ] \r b r > - N F S v 4 : F i x s t a t e r e f e r e n c e c o u n t i n g i n _ n f s 4 _ o p e n d a t a _ r e c l a i m _ t o _ n f s 4 _ s t a t e ( T r o n d M y k l e b u s t ) [ O r a b u g : 1 7 9 3 1 2 9 3 ] \r b r > - N F S v 4 : d o n ' t r e p r o c e s s c a c h e d o p e n C L A I M _ P R E V I O U S ( W e s t o n A n d r o s A d a m s o n ) [ O r a b u g : 1 7 9 3 1 2 9 2 ] \r b r > - N F S v 4 : d o n ' t f a i l o n m i s s i n g f a t t r i n o p e n r e c o v e r ( W e s t o n A n d r o s A d a m s o n ) [ O r a b u g : 1 7 9 3 1 2 9 0 ] \r b r > - N F S v 4 : f i x N U L L d e r e f e r e n c e i n o p e n r e c o v e r ( W e s t o n A n d r o s A d a m s o n ) [ O r a b u g : 1 7 9 3 1 2 8 1 ] \r b r > - N F S v 4 : F i x a u s e - a f t e r - f r e e s i t u a t i o n i n _ n f s 4 _ p r o c _ g e t l k ( ) ( T r o n d M y k l e b u s t ) [ O r a b u g : 1 7 9 3 1 2 7 2 ] \r b r > - x e n / b l k b a c k : f i x r e f e r e n c e c o u n t i n g ( V e g a r d N o s s u m ) [ O r a b u g : 1 7 9 3 1 2 0 9 ] \r b r > - b l k - c o r e : F i x m e m o r y c o r r u p t i o n i f b l k c g _ i n i t _ q u e u e f a i l s ( M i k u l a s P a t o c k a ) [ O r a b u g : 1 7 9 3 1 2 0 5 ] \r b r > - x f s : a d d c a p a b i l i t y c h e c k t o f r e e e o f b l o c k s i o c t l ( D w i g h t E n g e n ) [ O r a b u g : 1 7 9 3 1 0 9 6 ] \r b r > - c o m p i l e r - g c c . h : A d d g c c - r e c o m m e n d e d G C C _ V E R S I O N m a c r o ( D a n i e l S a n t o s ) [ O r a b u g : 1 7 8 8 2 8 7 7 ] \r b r > - f i x k a b i b r e a k a g e ( D a r r i c k J . W o n g ) [ O r a b u g : 1 4 5 4 8 7 7 5 ] \r b r > - d i r e c t - i o : H a n d l e O _ ( D ) S Y N C A I O ( D a r r i c k J . W o n g ) [ O r a b u g : 1 4 5 4 8 7 7 5 ] \r b r > - d i r e c t - i o : I m p l e m e n t g e n e r i c d e f e r r e d A I O c o m p l e t i o n s f o r e x t 4 ( D a r r i c k J . W o n g ) [ O r a b u g : 1 4 5 4 8 7 7 5 ] \r b r > - d i r e c t - i o : I m p l e m e n t g e n e r i c d e f e r r e d A I O c o m p l e t i o n s ( D a r r i c k J . W o n g ) [ O r a b u g : 1 4 5 4 8 7 7 5 ] \r b r > \r b r > [ 3 . 8 . 1 3 - 2 0 . e l 6 u e k ] \r b r > - K V M : F i x i o m m u m a p / u n m a p t o h a n d l e m e m o r y s l o t m o v e s ( A l e x W i l l i a m s o n ) [ O r a b u g : 1 7 8 4 1 9 6 0 ] { C V E - 2 0 1 3 - 4 5 9 2 } \r b r > - a n s i _ c p r n g : F i x o f f b y o n e e r r o r i n n o n - b l o c k s i z e r e q u e s t ( J e r r y S n i t s e l a a r ) [ O r a b u g : 1 7 8 3 7 9 9 7 ] { C V E - 2 0 1 3 - 4 3 4 5 } \r b r > - i x g b e : u p d a t e f r o m 3 . 1 5 . 1 t o 3 . 1 8 . 7 ( e t h a n . z h a o ) [ O r a b u g : 1 7 7 1 8 0 7 3 ] \r b r > - x 8 6 , m t r r : F i x o r i g i n a l m t r r r a n g e g e t f o r m t r r _ c l e a n u p ( Y i n g h a i L u ) [ O r a b u g : 1 7 8 1 2 7 5 9 ] \r b r > - S U N R P C : F i x a d a t a c o r r u p t i o n i s s u e w h e n r e t r a n s m i t t i n g R P C c a l l s ( T r o n d M y k l e b u s t ) [ O r a b u g : 1 7 8 2 1 8 8 4 ] \r b r > - [ S C S I ] h p s a : r e m o v e u n n e e d e d v a r i a b l e ( T o m a s H e n z l ) [ O r a b u g : 1 7 7 1 9 4 0 4 ] \r b r > - [ S C S I ] h p s a : h o u s e k e e p i n g p a t c h f o r d e v i c e _ i d a n d p r o d u c t a r r a y s ( M i k e M i l l e r ) [ O r a b u g : 1 7 7 1 9 4 0 4 ] \r b r > - h p s a : a d d H P S m a r t A r r a y G e n 8 n a m e P 8 2 2 s e ( V a u g h a n C a o ) [ O r a b u g : 1 7 7 1 9 4 0 4 ] \r b r > - [ S C S I ] h p s a : a d d H P S m a r t A r r a y G e n 9 P C I I D ' s ( M i k e M i l l e r ) [ O r a b u g : 1 7 7 1 9 4 0 4 ] \r b r > - h p s a : C o n v e r t r e t r u n t y p o s t o r e t u r n ( J o e P e r c h e s ) [ O r a b u g : 1 7 7 1 9 4 0 4 ] \r b r > - [ S C S I ] h p s a : f i x w a r n i n g w i t h s m p _ p r o c e s s o r _ i d ( ) i n p r e e m p t i b l e ( J o h n K a c u r ) [ O r a b u g : 1 7 7 1 9 4 0 4 ] \r b r > - [ S C S I ] h p s a : f i x a r a c e i n c m d _ f r e e / s c s i _ d o n e ( T o m a s H e n z l ) [ O r a b u g : 1 7 7 1 9 4 0 4 ] \r b r > - h p s a : f i x c o m p i l a t i o n e r r o r o f _ _ d e v * m a r k i n g s ( V a u g h a n C a o ) [ O r a b u g : 1 7 7 1 9 4 0 4 ] \r b r > - h p s a : u p g r a d e t o 3 . 4 . 2 - 5 ( V a u g h a n C a o ) [ O r a b u g : 1 7 7 1 9 4 0 4 ] \r b r > \r b r > [ 3 . 8 . 1 3 - 1 9 . e l 6 u e k ] \r b r > - n e t : f i x c i p s o p a c k e t v a l i d a t i o n w h e n ! N E T L A B E L ( S e i f M a z a r e e b ) [ O r a b u g : 1 7 8 0 6 5 1 8 ] \r b r > - c a n : d e v : f i x n l m s g s i z e c a l c u l a t i o n i n c a n _ g e t _ s i z e ( ) ( M a r c K l e i n e - B u d d e ) [ O r a b u g : 1 7 8 0 6 5 1 7 ] \r b r > - i p v 4 : f i x i n e f f e c t i v e s o u r c e a d d r e s s s e l e c t i o n ( J i r i B e n c ) [ O r a b u g : 1 7 8 0 6 5 1 6 ] \r b r > - e c r y p t f s : F i x m e m o r y l e a k a g e i n k e y s t o r e . c ( G e y s l a n G . B e m ) [ O r a b u g : 1 7 8 0 6 5 1 3 ] \r b r > - c o n n e c t o r : u s e n l m s g _ l e n ( ) t o c h e c k m e s s a g e l e n g t h ( M a t h i a s K r a u s e ) [ O r a b u g : 1 7 8 0 6 5 1 2 ] \r b r > - n e t : v l a n : f i x n l m s g s i z e c a l c u l a t i o n i n v l a n _ g e t _ s i z e ( ) ( M a r c K l e i n e - B u d d e ) [ O r a b u g : 1 7 8 0 6 5 1 0 ] \r b r > - S P E C : F i x x e n m u l t i b o o t s u p p o r t ( Z h i g a n g W a n g ) [ O r a b u g : 1 7 7 9 2 3 0 3 ] \r b r > - c o n f i g : e n a b l e C O N F I G _ P A N I C _ O N _ O O P S o n s p a r c ( J e r r y S n i t s e l a a r ) [ O r a b u g : 1 7 7 6 2 4 6 1 ] \r b r > - N F S v 4 . 1 : D o n ' t l o s e l o c k s w h e n a s e r v e r r e b o o t s d u r i n g d e l e g a t i o n r e t u r n ( T r o n d M y k l e b u s t ) [ O r a b u g : 1 7 4 1 9 8 3 1 ] \r b r > - N F S v 4 . 1 e n d b a c k c h a n n e l s e s s i o n d r a i n i n g ( A n d y A d a m s o n ) [ O r a b u g : 1 7 4 1 9 8 3 1 ] \r b r > - N F S v 4 . 1 F i x a p N F S s e s s i o n d r a i n i n g d e a d l o c k ( A n d y A d a m s o n ) [ O r a b u g : 1 7 4 1 9 8 3 1 ] \r b r > - N F S v 4 . 1 : E n s u r e t h a t w e f r e e t h e l o c k s t a t e i d o n t h e s e r v e r ( T r o n d M y k l e b u s t ) [ O r a b u g : 1 7 4 1 9 8 3 1 ] \r b r > - N F S v 4 : C o n v e r t n f s 4 1 _ f r e e _ s t a t e i d t o u s e a n a s y n c h r o n o u s R P C c a l l ( T r o n d M y k l e b u s t ) [ O r a b u g : 1 7 4 1 9 8 3 1 ] \r b r > - N F S v 4 : D o n ' t r e c h e c k p e r m i s s i o n s o n o p e n i n c a s e o f r e c o v e r y c a c h e d o p e n ( T r o n d M y k l e b u s t ) [ O r a b u g : 1 7 4 1 9 8 3 1 ] \r b r > - N F S v 4 : R e c o r d t h e O P E N c r e a t e m o d e u s e d i n t h e n f s 4 _ o p e n d a t a s t r u c t u r e ( T r o n d M y k l e b u s t ) [ O r a b u g : 1 7 4 1 9 8 3 1 ] \r b r > - N F S v 4 : F i x a n o t h e r o p e n / o p e n _ r e c o v e r y d e a d l o c k ( T r o n d M y k l e b u s t ) [ O r a b u g : 1 7 4 1 9 8 3 1 ] \r b r > - N L M : E n s u r e t h a t w e r e s e n d a l l p e n d i n g b l o c k i n g l o c k s a f t e r a r e c l a i m ( T r o n d M y k l e b u s t ) [ O r a b u g : 1 7 4 1 9 8 3 1 ] \r b r > - N F S v 4 : F i x a r e b o o t r e c o v e r y r a c e w h e n o p e n i n g a f i l e ( T r o n d M y k l e b u s t ) [ O r a b u g : 1 7 4 1 9 8 3 1 ] \r b r > - N F S v 4 : E n s u r e d e l e g a t i o n r e c a l l a n d b y t e r a n g e l o c k r e m o v a l d o n ' t c o n f l i c t ( T r o n d M y k l e b u s t ) [ O r a b u g : 1 7 4 1 9 8 3 1 ] \r b r > - N F S v 4 : F i x u p t h e r e t u r n v a l u e s o f n f s 4 _ o p e n _ d e l e g a t i o n _ r e c a l l ( T r o n d M y k l e b u s t ) [ O r a b u g : 1 7 4 1 9 8 3 1 ] \r b r > - N F S v 4 . 1 : D o n ' t l o s e l o c k s w h e n a s e r v e r r e b o o t s d u r i n g d e l e g a t i o n r e t u r n ( T r o n d M y k l e b u s t ) [ O r a b u g : 1 7 4 1 9 8 3 1 ] \r b r > - N F S v 4 . 1 : P r e v e n t d e a d l o c k s b e t w e e n s t a t e r e c o v e r y a n d f i l e l o c k i n g ( T r o n d M y k l e b u s t ) [ O r a b u g : 1 7 4 1 9 8 3 1 ] \r b r > - N F S v 4 : A l l o w t h e s t a t e m a n a g e r t o m a r k a n o p e n _ o w n e r a s b e i n g r e c o v e r e d ( T r o n d M y k l e b u s t ) [ O r a b u g : 1 7 4 1 9 8 3 1 ] \r b r > - d r i v e r s / b a s e / c o r e . c : A l w a y s o u t p u t d e v i c e r e n a m i n g m e s s a g e s . ( e t h a n . z h a o ) [ O r a b u g : 1 7 4 7 7 7 8 3 ] \r b r > - i x g b e v f : D o n ' t o u t p u t N I C n a m e b e f o r e r e g i s t e r e d . ( e t h a n . z h a o ) [ O r a b u g : 1 7 4 7 7 7 8 3 ] \r b r > - x e n / s m p : i n i t i a l i z e I P I v e c t o r s b e f o r e m a r k i n g C P U o n l i n e ( C h u c k A n d e r s o n ) [ O r a b u g : 1 7 8 0 0 0 0 9 ] \r b r > - c p u : m a k e s u r e t h a t c p u / o n l i n e f i l e c r e a t e d b e f o r e K O B J _ A D D i s e m i t t e d ( I g o r M a m m e d o v ) [ O r a b u g : 1 7 8 0 0 0 0 9 ] \r b r > - c p u : f i x ' c r a s h _ n o t e s ' a n d ' c r a s h _ n o t e s _ s i z e ' l e a k s i n r e g i s t e r _ c p u ( ) ( I g o r M a m m e d o v ) [ O r a b u g : 1 7 8 0 0 0 0 9 ] \r b r > \r b r > d t r a c e - m o d u l e s - 3 . 8 . 1 3 - 2 6 . e l 6 u e k \r b r > [ 0 . 4 . 2 - 3 ] \r b r > - O b s o l e t e t h e o l d p r o v i d e r h e a d e r s p a c k a g e . [ O r a b u g : 1 8 0 6 1 5 9 5 ] \r b r > \r b r > [ 0 . 4 . 2 - 2 ] \r b r > - C h a n g e n a m e o f p r o v i d e r h e a d e r s p a c k a g e , t o a v o i d c o n f l i c t s o n y u m u p d a t e . \r b r > [ O r a b u g : 1 8 0 6 1 5 9 5 ] \r b r > \r b r > [ 0 . 4 . 2 - 1 ] \r b r > - F i x ' v t i m e s t a m p ' i m p l e m e n t a t i o n . \r b r > [ O r a b u g : 1 7 7 4 1 4 7 7 ] \r b r > - S u p p o r t S D T p r o b e s p o i n t s i n k e r n e l m o d u l e s . \r b r > [ O r a b u g : 1 7 8 5 1 7 1 6 ] \r b r > / p > \n \n \n b r > h 2 > R e l a t e d C V E s / h 2 > \n b r > t a b l e c e l l p a d d i n g = \" 2 \" c e l l s p a c i n g = \" 2 \" b o r d e r = \" 0 \" w i d t h = \" 1 0 0 % \" > t b o d y > \n t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 3 - 2 1 4 7 . h t m l \" > C V E - 2 0 1 3 - 2 1 4 7 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 3 - 2 1 4 8 . h t m l \" > C V E - 2 0 1 3 - 2 1 4 8 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 3 - 2 8 5 0 . h t m l \" > C V E - 2 0 1 3 - 2 8 5 0 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 3 - 2 8 9 3 . h t m l \" > C V E - 2 0 1 3 - 2 8 9 3 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 3 - 2 8 9 5 . h t m l \" > C V E - 2 0 1 3 - 2 8 9 5 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 3 - 2 8 9 6 . h t m l \" > C V E - 2 0 1 3 - 2 8 9 6 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 3 - 2 8 9 7 . h t m l \" > C V E - 2 0 1 3 - 2 8 9 7 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 3 - 2 8 9 8 . h t m l \" > C V E - 2 0 1 3 - 2 8 9 8 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 3 - 2 8 9 9 . h t m l \" > C V E - 2 0 1 3 - 2 8 9 9 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 3 - 4 3 5 0 . h t m l \" > C V E - 2 0 1 3 - 4 3 5 0 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 3 - 4 2 0 5 . h t m l \" > C V E - 2 0 1 3 - 4 2 0 5 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 3 - 4 2 4 7 . h t m l \" > C V E - 2 0 1 3 - 4 2 4 7 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 3 - 4 2 7 0 . h t m l \" > C V E - 2 0 1 3 - 4 2 7 0 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 3 - 4 3 0 0 . h t m l \" > C V E - 2 0 1 3 - 4 3 0 0 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 3 - 6 4 3 1 . h t m l \" > C V E - 2 0 1 3 - 6 4 3 1 / a > / t d > / t r > \n / t b o d y > / t a b l e > \n \n b r > h 2 > U p d a t e d P a c k a g e s / h 2 > \n b r > t a b l e c e l l p a d d i n g = \" 2 \" c e l l s p a c i n g = \" 2 \" b o r d e r = \" 0 \" w i d t h = \" 1 0 0 % \" > t b o d y > \n t r s t y l e = \" c o l o r : # F F 0 0 0 0 ; \" > t d > b > R e l e a s e / A r c h i t e c t u r e / b > t d > b > F i l e n a m e / b > / t d > t d > b > M D 5 s u m / b > / t d > t d > b > S u p e r s e d e d B y A d v i s o r y / b > / t d > / t r > \n t r > t d c o l s p a n = \" 4 \" > / t d > / t r > t r > t d > O r a c l e L i n u x 6 ( x 8 6 _ 6 4 ) / t d > t d > d t r a c e - m o d u l e s - 3 . 8 . 1 3 - 2 6 . e l 6 u e k - 0 . 4 . 2 - 3 . e l 6 . s r c . r p m / t d > t d > c 4 0 c b d 0 e 9 c 9 2 4 5 2 e 7 0 a 8 b 8 4 5 6 9 7 b d a 9 8 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - 3 . 8 . 1 3 - 2 6 . e l 6 u e k . s r c . r p m / t d > t d > a 4 9 0 d 2 7 f 2 1 f 2 1 4 d b c c f b 2 4 4 1 5 1 2 0 6 3 8 a / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 3 6 0 5 . h t m l \" > E L S A - 2 0 1 7 - 3 6 0 5 / a > / t d > / t r > t r > t d > / t d > t d > d t r a c e - m o d u l e s - 3 . 8 . 1 3 - 2 6 . e l 6 u e k - 0 . 4 . 2 - 3 . e l 6 . x 8 6 _ 6 4 . r p m / t d > t d > 3 e 0 b e 1 f c 4 e a 2 f 6 1 3 b f f 7 c 4 b a 0 a 5 c b 2 c 0 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > d t r a c e - m o d u l e s - h e a d e r s - 0 . 4 . 2 - 3 . e l 6 . x 8 6 _ 6 4 . r p m / t d > t d > 8 3 3 9 8 a 0 5 b 7 a 2 8 5 0 7 1 8 5 3 a 4 2 2 9 9 7 6 1 9 6 0 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 4 - 3 0 3 7 . h t m l \" > E L S A - 2 0 1 4 - 3 0 3 7 / a > / t d > / t r > t r > t d > / t d > t d > d t r a c e - m o d u l e s - p r o v i d e r - h e a d e r s - 0 . 4 . 2 - 3 . e l 6 . x 8 6 _ 6 4 . r p m / t d > t d > b 8 9 b 4 0 3 2 5 0 3 5 e 1 e 3 8 0 f 1 d a f 5 7 f 3 6 2 8 6 4 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L B A - 2 0 1 7 - 3 5 4 3 . h t m l \" > E L B A - 2 0 1 7 - 3 5 4 3 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - 3 . 8 . 1 3 - 2 6 . e l 6 u e k . x 8 6 _ 6 4 . r p m / t d > t d > e b a 7 8 a d 6 0 1 8 8 f 8 9 c 6 9 3 5 1 0 b d c 5 3 d e d 3 6 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 3 6 0 5 . h t m l \" > E L S A - 2 0 1 7 - 3 6 0 5 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - d e b u g - 3 . 8 . 1 3 - 2 6 . e l 6 u e k . x 8 6 _ 6 4 . r p m / t d > t d > 7 e 3 6 4 a c 3 1 e b b 3 8 f 7 c 7 8 1 2 9 a e 7 c b 4 5 d 7 b / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 3 6 0 5 . h t m l \" > E L S A - 2 0 1 7 - 3 6 0 5 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - d e b u g - d e v e l - 3 . 8 . 1 3 - 2 6 . e l 6 u e k . x 8 6 _ 6 4 . r p m / t d > t d > 0 3 e 0 a a 0 f 7 4 d 0 3 7 f 3 d f 9 8 d f d 2 1 4 8 6 a e 3 3 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 3 6 0 5 . h t m l \" > E L S A - 2 0 1 7 - 3 6 0 5 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - d e v e l - 3 . 8 . 1 3 - 2 6 . e l 6 u e k . x 8 6 _ 6 4 . r p m / t d > t d > 4 2 d 9 d 8 8 8 c e 4 b 2 5 e 6 4 f 6 d 2 7 f c 2 2 b 3 6 f b 1 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 3 6 0 5 . h t m l \" > E L S A - 2 0 1 7 - 3 6 0 5 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - d o c - 3 . 8 . 1 3 - 2 6 . e l 6 u e k . n o a r c h . r p m / t d > t d > 5 5 b 2 2 f 8 a d 4 7 d b 2 4 c f 1 8 5 2 5 6 9 2 a 6 8 4 d 3 e / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 3 6 0 5 . h t m l \" > E L S A - 2 0 1 7 - 3 6 0 5 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - f i r m w a r e - 3 . 8 . 1 3 - 2 6 . e l 6 u e k . n o a r c h . r p m / t d > t d > 1 b 9 8 2 5 8 c 3 4 b 4 8 d 7 6 0 f 8 9 2 1 b 3 1 8 b 9 f d f a / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 3 6 0 5 . h t m l \" > E L S A - 2 0 1 7 - 3 6 0 5 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - h e a d e r s - 3 . 8 . 1 3 - 2 6 . e l 6 u e k . x 8 6 _ 6 4 . r p m / t d > t d > c 9 7 c 5 3 c f e d 4 a 0 7 1 3 7 b e e 9 4 0 e b c e 8 0 2 9 c / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L B A - 2 0 1 4 - 3 1 0 1 . h t m l \" > E L B A - 2 0 1 4 - 3 1 0 1 / a > / t d > / t r > \n / t b o d y > / t a b l e > \n \n \n b r > b r > \n b r > p > \n T h i s p a g e i s g e n e r a t e d a u t o m a t i c a l l y a n d h a s n o t b e e n c h e c k e d f o r e r r o r s o r o m i s s i o n s . F o r c l a r i f i c a t i o n \n o r c o r r e c t i o n s p l e a s e c o n t a c t t h e a h r e f = \" h t t p s : / / l i n u x . o r a c l e . c o m / \" > O r a c l e L i n u x U L N t e a m / a > / p > \n \n \n \n / d i v > \n ! - - \n / d i v > \n - - > \n / d i v > \n / d i v > \n \n \n d i v i d = \" m c 1 6 \" c l a s s = \" m c 1 6 v 0 \" > \n d i v c l a s s = \" m c 1 6 w 1 \" > \n h 2 > T e c h n i c a l i n f o r m a t i o n / h 2 > \n u l > \n l i > a h r e f = \" h t t p s : / / l i n u x . o r a c l e . c o m / h a r d w a r e - c e r t i f i c a t i o n s \" t a r g e t = \" _ b l a n k \" > O r a c l e L i n u x C e r t i f i e d H a r d w a r e / a > / l i > \n l i > a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / u s / s u p p o r t / l i b r a r y / e l s p - l i f e t i m e - 0 6 9 3 3 8 . p d f \" > O r a c l e L i n u x S u p p o r t e d R e l e a s e s / a > / l i > \n / u l > \n / d i v > \n \n d i v c l a s s = \" m c 1 6 w 1 \" > \n h 2 > O r a c l e L i n u x S u p p o r t / h 2 > \n u l > \n l i > a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / u s / t e c h n o l o g i e s / l i n u x / O r a c l e L i n u x S u p p o r t / i n d e x . h t m l \" t a r g e t = \" _ b l a n k \" > O r a c l e L i n u x S u p p o r t / a > / l i > \n l i > a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / u s / s u p p o r t / p r e m i e r / s e r v e r s - s t o r a g e / o v e r v i e w / i n d e x . h t m l \" t a r g e t = \" _ b l a n k \" > O r a c l e P r e m i e r S u p p o r t f o r S y s t e m s / a > / l i > \n l i > a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / u s / s u p p o r t / a d v a n c e d - c u s t o m e r - s e r v i c e s / o v e r v i e w / \" > A d v a n c e d C u s t o m e r S e r v i c e s / a > / l i > \n / u l > \n / d i v > \n \n d i v c l a s s = \" m c 1 6 w 2 \" > \n h 2 > C o n n e c t / h 2 > \n u l > \n l i c l a s s = \" f b i c o n \" > a h r e f = \" h t t p : / / w w w . f a c e b o o k . c o m / o r a c l e l i n u x \" t i t l e = \" F a c e b o o k \" n a m e = \" F a c e b o o k \" t a r g e t = \" _ b l a n k \" i d = \" F a c e b o o k \" > F a c e b o o k / a > / l i > \n l i c l a s s = \" t w i c o n \" > a h r e f = \" h t t p : / / w w w . t w i t t e r . c o m / O r a c l e L i n u x \" t i t l e = \" T w i t t e r \" n a m e = \" T w i t t e r \" t a r g e t = \" _ b l a n k \" i d = \" T w i t t e r \" > T w i t t e r / a > / l i > \n l i c l a s s = \" i n i c o n \" > a h r e f = \" h t t p : / / w w w . l i n k e d i n . c o m / g r o u p s ? g i d = 1 2 0 2 3 8 \" t i t l e = \" L i n k e d I n \" n a m e = \" L i n k e d I n \" t a r g e t = \" _ b l a n k \" i d = \" L i n k e d I n \" > L i n k e d I n / a > / l i > \n l i c l a s s = \" y t i c o n \" > a h r e f = \" h t t p : / / w w w . y o u t u b e . c o m / o r a c l e l i n u x c h a n n e l \" t i t l e = \" Y o u T u b e \" n a m e = \" Y o u T u b e \" t a r g e t = \" _ b l a n k \" i d = \" Y o u T u b e \" > Y o u T u b e / a > / l i > \n l i c l a s s = \" b l o g i c o n \" > a h r e f = \" h t t p : / / b l o g s . o r a c l e . c o m / l i n u x \" t i t l e = \" B l o g \" n a m e = \" B l o g \" > B l o g / a > / l i > \n / u l > \n / d i v > \n \n d i v c l a s s = \" m c 1 6 w 3 \" > \n h 2 > C o n t a c t U s / h 2 > \n u l > \n l i > a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / u s / c o r p o r a t e / c o n t a c t / g l o b a l - 0 7 0 5 1 1 . h t m l \" > G l o b a l c o n t a c t s / a > / l i > \n l i > O r a c l e 1 - 8 0 0 - 6 3 3 - 0 6 9 1 / l i > \n / u l > \n / d i v > \n / d i v > \n / d i v > \n \n d i v i d = \" m c 0 4 \" c l a s s = \" m c 0 4 v 1 \" > \n d i v c l a s s = \" m c 0 4 w 1 \" > \n a h r e f = \" h t t p : / / o r a c l e . c o m \" > i m g s r c = \" / / w w w . o r a c l e i m g . c o m / a s s e t s / m c 0 4 - f o o t e r - l o g o . p n g \" b o r d e r = \" 0 \" a l t = \" s o f t w a r e . h a r d w a r e . c o m p l e t e \" / > / a > \n / d i v > \n \n d i v c l a s s = \" m c 0 4 w 2 \" > \n a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / s u b s c r i b e / i n d e x . h t m l \" > S u b s c r i b e / a > | a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / c o r p o r a t e / e m p l o y m e n t / i n d e x . h t m l \" > C a r e e r s / a > | a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / c o r p o r a t e / c o n t a c t / i n d e x . h t m l \" > C o n t a c t U s / a > | a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / h t m l / c o p y r i g h t . h t m l \" > L e g a l N o t i c e s / a > | a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / h t m l / t e r m s . h t m l \" > T e r m s o f U s e / a > | a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / h t m l / p r i v a c y . h t m l \" > Y o u r P r i v a c y R i g h t s / a > \n / d i v > \n / d i v > \n / d i v > \n / b o d y > \n / h t m l > \n ", "published": "2014-02-11T00:00:00", "cvss": {"score": 7.9, "vector": "AV:ADJACENT_NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://linux.oracle.com/errata/ELSA-2014-3002.html", "cvelist": ["CVE-2013-4345", "CVE-2013-2896", "CVE-2013-2898", "CVE-2013-6431", "CVE-2013-4592", "CVE-2013-4270", "CVE-2013-2147", "CVE-2013-4300", "CVE-2013-2897", "CVE-2013-2148", "CVE-2013-6368", "CVE-2013-2850", "CVE-2013-2899", "CVE-2013-6367", "CVE-2013-6376", "CVE-2013-4247", "CVE-2013-4205", "CVE-2013-4350", "CVE-2013-2895", "CVE-2013-4470", "CVE-2013-2893"], "lastseen": "2018-04-04T13:07:20"}, {"id": "ELSA-2013-1348", "type": "oraclelinux", "title": "Oracle linux 5 kernel update", "description": "kernel\r\n[2.6.18-371]\r\n- [net] be2net: enable polling prior enabling interrupts globally (Ivan Vecera) [987539]\r\n \n[2.6.18-370]\r\n- [net] be2net: Fix to avoid hardware workaround when not needed (Ivan Vecera) [995961]\r\n- [kernel] signals: stop info leak via tkill and tgkill syscalls (Oleg Nesterov) [970875] {CVE-2013-2141}\r\n \n[2.6.18-369]\r\n- [fs] nlm: Ensure we resend pending blocking locks after a reclaim (Steve Dickson) [918592]\r\n- [kernel] kmod: kthread_run causes oom killer deadlock (Frantisek Hrbata) [983506]\r\n- [fs] nfs4: ratelimit some messages, add name to bad seq-id mess (Dave Wysochanski) [953121]\r\n- [fs] nfsd: fix EXDEV checking in rename (J. Bruce Fields) [515599]\r\n- [misc] tty: Fix abusers of current-sighand->tty (Aaron Tomlin) [858981]\r\n- [net] ipv6: don't call addrconf_dst_alloc again when enable lo (Jiri Benc) [981417]\r\n- [redhat] kabi: Adding symbol fc_fabric_login (Jiri Olsa) [864256]\r\n- [redhat] kabi: Adding symbol fcoe_ctlr_recv (Jiri Olsa) [864256]\r\n- [redhat] kabi: Adding symbol fc_exch_mgr_reset (Jiri Olsa) [864256]\r\n- [redhat] kabi: Adding symbol fc_lport_init (Jiri Olsa) [864256]\r\n- [redhat] kabi: Adding symbol fc_exch_recv (Jiri Olsa) [864256]\r\n- [redhat] kabi: Adding symbol fc_lport_destroy (Jiri Olsa) [864256]\r\n- [redhat] kabi: Adding symbol fcoe_ctlr_els_send (Jiri Olsa) [864256]\r\n- [redhat] kabi: Adding symbol fcoe_ctlr_destroy (Jiri Olsa) [864256]\r\n- [redhat] kabi: Adding symbol fc_exch_init (Jiri Olsa) [864256]\r\n- [redhat] kabi: Adding symbol fc_fabric_logoff (Jiri Olsa) [864256]\r\n- [redhat] kabi: Adding symbol fc_set_mfs (Jiri Olsa) [864256]\r\n- [redhat] kabi: Adding symbol fc_elsct_init (Jiri Olsa) [864256]\r\n- [redhat] kabi: Adding symbol fcoe_ctlr_link_up (Jiri Olsa) [864256]\r\n- [redhat] kabi: Adding symbol fcoe_ctlr_recv_flogi (Jiri Olsa) [864256]\r\n- [redhat] kabi: Adding symbol fc_change_queue_depth (Jiri Olsa) [864256]\r\n- [redhat] kabi: Adding symbol fcoe_ctlr_init (Jiri Olsa) [864256]\r\n- [redhat] kabi: Adding symbol fcoe_ctlr_link_down (Jiri Olsa) [864256]\r\n- [redhat] kabi: Adding symbol fc_change_queue_type (Jiri Olsa) [864256]\r\n- [redhat] kabi: Adding symbol fc_exch_mgr_free (Jiri Olsa) [864256]\r\n- [redhat] kabi: Adding symbol fc_exch_mgr_alloc (Jiri Olsa) [864256]\r\n- [redhat] kabi: Adding symbol fc_lport_config (Jiri Olsa) [864256]\r\n- [redhat] kabi: Adding symbol fc_disc_init (Jiri Olsa) [864256]\r\n- [redhat] kabi: Adding symbol strict_strtoul (Jiri Olsa) [864256]\r\n- [redhat] kabi: Adding symbol fc_rport_init (Jiri Olsa) [864256]\r\n- [redhat] kabi: Adding symbol fc_get_host_port_state (Jiri Olsa) [864256]\r\n \n[2.6.18-368]\r\n- [net] tg3: Add read dma workaround for 5720 (Ivan Vecera) [984064]\r\n- [net] tg3: Add New 5719 Read DMA workaround (Ivan Vecera) [984064]\r\n- [net] vlan: fix perf regression due to missing features flags (Michal Schmidt) [977711]\r\n \n[2.6.18-367]\r\n- [net] ipv6: do udp_push_pending_frames AF_INET sock pending data (Jiri Benc) [987648] {CVE-2013-4162}\r\n- [net] mlx4: restore pre-RHEL5.9 default value of log_num_mac (Michal Schmidt) [968352]\r\n- [x86_64] Fix kdump failure due to 'x86_64: Early segment setup' (Paolo Bonzini) [987244]\r\n- [fs] vfs: remove unused __d_splice_alias argument (J. Bruce Fields) [785916]\r\n- [fs] vfs: stop d_splice_alias creating directory aliases (J. Bruce Fields) [785916]\r\n- [xen] skip tracing if it was disabled instead of dying (Igor Mammedov) [967053]\r\n \n[2.6.18-366]\r\n- [net] be2net: Activate new FW after FW download for Lancer (Ivan Vecera) [982590]\r\n- [net] be2net: Fix initialization sequence for Lancer (Ivan Vecera) [982590]\r\n- [net] be2net: Fix FW download in Lancer (Ivan Vecera) [982590]\r\n- [net] qlge: Fix receive path to drop error frames (Chad Dupuis) [975852]\r\n- [net] qlge: remove NETIF_F_TSO6 flag (Chad Dupuis) [975852]\r\n- [net] qlge: Moving low level frame error to ethtool statistics (Chad Dupuis) [975852]\r\n- [net] qlge: Fixed double pci free on tx_ring->q allocation fail (Chad Dupuis) [975852]\r\n \n[2.6.18-365]\r\n- [net] be2net: Mark checksum fail for IP fragmented packets (Ivan Vecera) [956322]\r\n- [net] be2net: Avoid double insertion of vlan tags (Ivan Vecera) [956322]\r\n- [net] be2net: disable TX in be_close() (Ivan Vecera) [956322]\r\n- [net] be2net: fix EQ from getting full while cleaning RX CQ (Ivan Vecera) [956322]\r\n- [net] be2net: avoid napi_disable() when not enabled (Ivan Vecera) [956322]\r\n- [net] be2net: Fix receive Multicast Packets w/ Promiscuous mode (Ivan Vecera) [956322]\r\n- [net] be2net: Fixed memory leak (Ivan Vecera) [956322]\r\n- [net] be2net: Fix PVID tag offload for packets w/ inline VLAN tag (Ivan Vecera) [956322]\r\n- [net] be2net: fix a Tx stall bug caused by a specific ipv6 packet (Ivan Vecera) [956322]\r\n- [net] be2net: Remove an incorrect pvid check in Tx (Ivan Vecera) [956322]\r\n- [net] be2net: Fix issues in error recovery with wrong queue state (Ivan Vecera) [956322]\r\n- [net] netpoll: revert 6bdb7fe3104 and fix be_poll() instead (Ivan Vecera) [956322]\r\n- [net] be2net: Fix to parse RSS hash Receive completions correctly (Ivan Vecera) [956322]\r\n- [net] be2net: Fix cleanup path when EQ creation fails (Ivan Vecera) [956322]\r\n- [net] be2net: Fix Endian (Ivan Vecera) [956322]\r\n- [net] be2net: Fix to trim skb for padded vlan packets (Ivan Vecera) [956322]\r\n- [net] be2net: Explicitly clear reserved field in Tx Descriptor (Ivan Vecera) [956322]\r\n- [net] be2net: remove unnecessary usage of unlikely() (Ivan Vecera) [956322]\r\n- [net] be2net: do not modify PCI MaxReadReq size (Ivan Vecera) [956322]\r\n- [net] be2net: cleanup be_vid_config() (Ivan Vecera) [956322]\r\n- [net] be2net: don't call vid_config() when there no vlan config (Ivan Vecera) [956322]\r\n- [net] be2net: Ignore status of some ioctls during driver load (Ivan Vecera) [956322]\r\n- [net] be2net: Fix wrong status getting returned for MCC commands (Ivan Vecera) [956322]\r\n- [net] be2net: Fix VLAN/multicast packet reception (Ivan Vecera) [956322]\r\n- [net] be2net: fix wrong frag_idx reported by RX CQ (Ivan Vecera) [956322]\r\n- [infiniband] cxgb4: Compile when CXGB4 is set, not CXGB3 (Doug Ledford) [871555]\r\n- Revert: [infiniband] qib: add qib, mod ipath to only support HTX (Doug Ledford) [871555]\r\n- Revert: [infiniband] Enable Kconfig for ipath (Doug Ledford) [871555]\r\n- Revert: [infiniband] Revert upstream 'Infiniband: make ipath' (Doug Ledford) [871555]\r\n- Revert: [infiniband] Revert upstream 'IB/ipath: Make ipath_port' (Doug Ledford) [871555]\r\n- Revert: [infiniband] Revert upstream 'IB/ipath: Convert from ...' (Doug Ledford) [871555]\r\n- Revert: [infiniband] Revert upstream 'cpumask: use new cpumask' (Doug Ledford) [871555]\r\n- Revert: [infiniband] Import of backport patch from ofed 1.4.2 (Doug Ledford) [871555]\r\n- Revert: [infiniband] Pull in backport from ofed 1.4.2 (Doug Ledford) [871555]\r\n- Revert: [infiniband] aio_write not right entrypoint to use in our (Doug Ledford) [871555]\r\n- Revert: [infiniband] make up for lack of HT_IRQ config option (Doug Ledford) [871555]\r\n- Revert: [infiniband] Don't use vmalloc_user (Doug Ledford) [871555]\r\n- Revert: [infiniband] More device->class_device conversions (Doug Ledford) [871555]\r\n- Revert: [scsi] qla4xxx: ISP8xxx: Correct retry of adapter initial (Chad Dupuis) [978150]\r\n- [net] af_key: fix info leaks in notify messages (Jiri Benc) [981000] {CVE-2013-2234}\r\n- [net] af_key: initialize satype in key_notify_policy_flush() (Jiri Benc) [981224] {CVE-2013-2237}\r\n- [net] Fix panic for vlan over gre via tun (Thomas Graf) [981337]\r\n- [net] ipv6: ip6_sk_dst_check() must not assume ipv6 dst (Jiri Pirko) [981557] {CVE-2013-2232}\r\n \n[2.6.18-364]\r\n- [net] sctp: Disallow new connection on a closing socket (Daniel Borkmann) [974936] {CVE-2013-2206}\r\n- [net] sctp: Use correct sideffect command in dup cookie handling (Daniel Borkmann) [974936] {CVE-2013-2206}\r\n- [net] sctp: deal with multiple COOKIE_ECHO chunks (Daniel Borkmann) [974936] {CVE-2013-2206}\r\n- [scsi] qla4xxx: Update vers to 5.02.04.06.05.10-d0 for Inbox rel (Chad Dupuis) [978150]\r\n- [scsi] qla4xxx: ISP8xxx: Correct retry of adapter initialization (Chad Dupuis) [978150]\r\n- [scsi] qla4xxx: Fix req queue count manipulation on response path (Chad Dupuis) [978150]\r\n- [scsi] qla4xxx: Fix targets not coming back if chap is enabled (Chad Dupuis) [978150]\r\n- [scsi] qla4xxx: Correct early completion of pending mbox (Chad Dupuis) [978150]\r\n- [net] fix invalid free in ip_cmsg_send() callers (Petr Matousek) [980142] {CVE-2013-2224}\r\n- [x86_64] Early segment setup for VT (Paolo Bonzini) [978305]\r\n- [block] cpqarray: info leak in ida_locked_ioctl() (Tomas Henzl) [971246] {CVE-2013-2147}\r\n- [net] tcp: bind() use stronger condition for bind_conflict (Flavio Leitner) [957604]\r\n \n[2.6.18-363]\r\n- [virt] netback: don't disconnect frontend with oversize packet (Andrew Jones) [971155]\r\n- [virt] netfront: reduce gso_max_size to account max TCP header (Andrew Jones) [971155]\r\n- [block] cdrom: use kzalloc() for failing hardware (Frantisek Hrbata) [973104] {CVE-2013-2164}\r\n- [block] cciss: Update version string (Linda Knippers) [919633]\r\n \n[2.6.18-362]\r\n- [block] cciss: Silence noisy per-device cciss messages (Tomas Henzl) [827515]\r\n- [fs] gfs2: flush work queue before clearing glock hash tables (Abhijith Das) [959532]\r\n- [fs] extN: tighten restrictions on inode flags (Eric Sandeen) [756309]\r\n- [mm] use-after-free in madvise_remove() (Jacob Tanenbaum) [849736] {CVE-2012-3511}\r\n- [internal] kernel.spec: add Provides line to kernel-debug-devel (Phillip Lougher) [709658]\r\n \n[2.6.18-361]\r\n- [fs] ext4: Avoid crashing on NULL ptr dereference on fs error (Carlos Maiolino) [867748]\r\n- [fs] ext4: set extents flag when migrating file to use extents (Carlos Maiolino) [867748]\r\n- [fs] ext4: Convert more i_flags references to use accessors (Carlos Maiolino) [867748]\r\n- [fs] ext4: Fix remaining racy updates of EXT4_I(inode)->i_flags (Carlos Maiolino) [867748]\r\n- [fs] ext4: Use bitops to read/modify i_flags in ext4_inode_info (Carlos Maiolino) [867748]\r\n- [fs] ext3/4: don't clear orphan list on ro mount with errors (Eric Sandeen) [850803]\r\n- [fs] jbd2: round commit timer up to avoid uncommitted transaction (Carlos Maiolino) [892393]\r\n- [scsi] ibmvfc: Ignore fabric RSCNs when link is dead (Steve Best) [964334]\r\n- [mm] Page migration: Don't accept invalid nodes in target nodeset (Jan Stancek) [848473]\r\n- [mm] Break out when there is nothing more to write for the fs. (Larry Woodman) [965359]\r\n- [sound] ALSA - fix the no-sound issue for Creative Recon3D cards (Jaroslav Kysela) [796912]\r\n \n[2.6.18-360]\r\n- [fs] zisofs: fix readpage() outside i_size (Eric Sandeen) [952860]\r\n- [net] fixed: fix module unloading for the 'fixed' driver (Nikolay Aleksandrov) [647894]\r\n- [net] ipv6: assign rt6_info to inet6_ifaddr in init_loopback (Jiri Benc) [971067]\r\n- [net] Bluetooth: fix possible info leak in bt_sock_recvmsg() (Radomir Vrbovsky) [955601] {CVE-2013-3224}\r\n- [block] gen8plus Smart Array IDs (Linda Knippers) [919633]\r\n- [net] Bluetooth: HCI & L2CAP information leaks (Jacob Tanenbaum) [922416] {CVE-2012-6544}\r\n- [virt] xen PV passthru: assign SR-IOV VFs to sep virtual slots (Laszlo Ersek) [865736]\r\n- [scsi] be2iscsi: This patch bumps the version number (Rob Evers) [962503]\r\n- [scsi] be2iscsi: This patch fixes the NOPIN issues (Rob Evers) [962503]\r\n- [xen] cap physmem at 1TB (Andrew Jones) [961667]\r\n- [xen] cleanup invalid checksum error (Andrew Jones) [914814]\r\n- [xen] mask cpuid avx (Andrew Jones) [894360]\r\n \n[2.6.18-359]\r\n- [fs] autofs4: use __simple_empty() for empty directory check (Ian Kent) [873922]\r\n- [fs] autofs: remove autofs dentry mount check (Ian Kent) [928098]\r\n- [redhat] kabi: Adding symbol register_lro_netdev (Jiri Olsa) [873514]\r\n- [redhat] kabi: Adding symbol unregister_lro_netdev (Jiri Olsa) [873514]\r\n- [misc] signal: use __ARCH_HAS_SA_RESTORER instead of SA_RESTORER (Nikola Pajkovsky) [920504] {CVE-2013-0914}\r\n- [misc] signal: always clear sa_restorer on execve (Nikola Pajkovsky) [920504] {CVE-2013-0914}\r\n- [misc] signal: Def __ARCH_HAS_SA_RESTORER for sa_restorer clear (Nikola Pajkovsky) [920504] {CVE-2013-0914}\r\n- [net] ipv6: Fix broken IPv6 routing table after loopback down-up (Jiri Benc) [745321]\r\n- [v i r t ] h v : u s e g r a c e f u l l y s h u t d o w n i n s t e a d o f p o w e r o f f ( J a s o n W a n g ) [ 9 0 3 4 6 0 ] \r b r > - [ m d ] d m k c o p y d t h r o t t l i n g ( M i k u l a s P a t o c k a ) [ 9 5 8 5 5 6 ] \r b r > - [ s c s i ] s t o r v s c : P r o p e r l y h a n d l e i n - t r a n s i t p a c k e t s d u r i n g a r e s e t ( J a s o n W a n g ) [ 8 6 5 2 9 2 ] \r b r > - [ n e t ] s k y 2 : f i x s c h e d u l i n g w h i l e a t o m i c i n s k y 2 _ v l a n _ r x _ r e g i s t e r ( N i k o l a y A l e k s a n d r o v ) [ 9 2 0 7 5 7 ] \r b r > - [ x 8 6 ] f i x t i m e o u t o f p o l l ( 2 ) w / 3 2 - b i t p r o c e s s e s o n x 8 6 _ 6 4 ( N a o y a H o r i g u c h i ) [ 7 9 4 6 7 0 ] \r b r > \r b r > [ 2 . 6 . 1 8 - 3 5 8 ] \r b r > - [ n e t ] t g 3 : b u f f e r o v e r f l o w i n V P D f i r m w a r e p a r s i n g ( J a c o b T a n e n b a u m ) [ 9 4 9 9 4 0 ] { C V E - 2 0 1 3 - 1 9 2 9 } \r b r > - [ n e t ] a t m : u p d a t e m s g _ n a m e l e n i n v c c _ r e c v m s g ( ) ( N i k o l a P a j k o v s k y ) [ 9 5 5 2 2 3 ] { C V E - 2 0 1 3 - 3 2 2 2 } \r b r > - [ i a 6 4 ] f i x K A B I b r e a k a g e o n i a 6 4 ( P r a r i t B h a r g a v a ) [ 9 6 0 7 8 3 ] \r b r > - [ c p u f r e q ] a c p i - c p u f r e q m o r e d e f e n s i v e a g a i n s t B I O S f r e q c h a n g e s ( L e n n y S z u b o w i c z ) [ 9 2 1 8 5 6 ] \r b r > - [ n e t ] t c p : c o n n e c t ( ) r a c e w i t h t i m e w a i t r e u s e ( J i r i P i r k o ) [ 9 4 7 0 3 8 ] \r b r > - [ b l o c k ] i d e : A l l o w c o n f i g u r a t i o n o f p r e f e r _ m s _ h y p e r v ( R a d o m i r V r b o v s k y ) [ 9 0 7 2 3 1 ] \r b r > - [ i n f i n i b a n d ] R e t u r n l i n k l a y e r t y p e t o u s e r s p a c e q u e r y p o r t o p ( J a y F e n l a s o n ) [ 8 6 6 3 3 1 ] \r b r > - [ s c s i ] i p r : F i x o o p s w h i l e r e s e t t i n g a n i p r a d a p t e r ( S t e v e B e s t ) [ 9 1 4 3 9 1 ] \r b r > - [ n e t ] i p v 6 : R e m o v e I P V 6 _ A D D R _ R E S E R V E D ( A m e r i g o W a n g ) [ 7 2 8 9 2 2 ] \r b r > - [ n e t ] I P _ M U L T I C A S T _ I F s e t s o c k o p t n o w r e c o g n i z e s s t r u c t m r e q ( J i r i P i r k o ) [ 8 4 7 6 1 3 ] \r b r > - [ n e t ] r e d u c e p e r c p u r a m u s e d f o r l o o p b a c k s t a t s ( W e i p i n g P a n ) [ 8 7 2 4 6 6 ] \r b r > - [ n e t ] i p v 4 : c h e c k o p t l e n f o r I P _ M U L T I C A S T _ I F o p t i o n ( J i r i P i r k o ) [ 8 6 6 7 4 3 ] \r b r > \r b r > [ 2 . 6 . 1 8 - 3 5 7 ] \r b r > - [ f s ] e x t 4 : p r e v e n t r a c e w h i l e w a l k i n g e x t e n t t r e e f o r f i e m a p ( L u k a s C z e r n e r ) [ 6 9 2 0 7 1 ] \r b r > - [ f s ] e x t 4 : F i x p o s s i b l y v e r y l o n g l o o p i n f i e m a p ( L u k a s C z e r n e r ) [ 6 9 2 0 7 1 ] \r b r > - [ f s ] e x t 4 : m a k e F I E M A P a n d d e l a y e d a l l o c a t i o n p l a y w e l l t o g e t h e r ( L u k a s C z e r n e r ) [ 6 9 2 0 7 1 ] \r b r > - [ f s ] e x t 4 : h a n d l e N U L L p _ e x t i n e x t 4 _ e x t _ n e x t _ a l l o c a t e d _ b l o c k ( ) ( L u k a s C z e r n e r ) [ 6 9 2 0 7 1 ] \r b r > - [ f s ] e x t 4 : d r o p e c _ t y p e f r o m t h e e x t 4 _ e x t _ c a c h e s t r u c t u r e ( L u k a s C z e r n e r ) [ 6 9 2 0 7 1 ] \r b r > - [ f s ] a f s : e x p o r t a c o u p l e o f c o r e f u n c t i o n s f o r A F S w r i t e s u p p o r t ( L u k a s C z e r n e r ) [ 6 9 2 0 7 1 ] \r b r > - [ f s ] c i f s : s h o w s e c = o p t i o n i n / p r o c / m o u n t s ( S a c h i n P r a b h u ) [ 8 0 6 4 8 1 ] \r b r > - [ f s ] c i f s : I n t r o d u c e w o r k a r o u n d f o r c r y p t o m o d u l e l o a d i n g p r o b l e m ( S a c h i n P r a b h u ) [ 8 0 6 4 8 1 ] \r b r > - [ f s ] c i f s : F i x e x t e n d e d s e c u r i t y a u t h f a i l u r e ( S a c h i n P r a b h u ) [ 8 0 6 4 8 1 ] \r b r > - [ f s ] c i f s : s i l e n c e p r i n t k w h e n e s t a b l i s h i n g f i r s t s e s s o n s o c k e t ( S a c h i n P r a b h u ) [ 8 0 6 4 8 1 ] \r b r > - [ f s ] c i f s : F i x s i g n f a i l u r e w h e n s e r v m a n d a t e s s i g n f o r N T L M S S P ( S a c h i n P r a b h u ) [ 8 0 6 4 8 1 ] \r b r > - [ f s ] c i f s : S u p p o r t N T L M 2 s e s s s e c u r i t y d u r N T L M S S P a u t h e n t i c a t e ( S a c h i n P r a b h u ) [ 8 0 6 4 8 1 ] \r b r > - [ f s ] c i f s : i g n o r e e v e r y t h i n g i n S P N E G O b l o b a f t e r m e c h T y p e s ( S a c h i n P r a b h u ) [ 8 0 6 4 8 1 ] \r b r > - [ f s ] c i f s : c h e c k o f f s e t i n d e c o d e _ n t l m s s p _ c h a l l e n g e ( ) ( S a c h i n P r a b h u ) [ 8 0 6 4 8 1 ] \r b r > - [ f s ] c i f s : e n d i a n f i x i n d e c o d e _ n t l m s s p _ c h a l l e n g e ( S a c h i n P r a b h u ) [ 8 0 6 4 8 1 ] \r b r > - [ f s ] c i f s : N T L M a u t h / s i g n - c r e a t e & s e n d k e y s f o r k e y e x c h a n g e ( S a c h i n P r a b h u ) [ 8 0 6 4 8 1 ] \r b r > - [ f s ] c i f s : m v ' n t l m s s p ' & ' l o c a l _ l e a s e s ' o p t s f r o m e x p e r i m e n t a l ( S a c h i n P r a b h u ) [ 8 0 6 4 8 1 ] \r b r > - [ f s ] c i f s : R e m o v e d i s t i n c t i o n b e t w e e n r a w n t l m s s p a n d n t l m s s p . ( S a c h i n P r a b h u ) [ 8 0 6 4 8 1 ] \r b r > - [ f s ] c i f s : F i x b r o k e n s e c = n t l m v 2 / i s e c o p t i o n ( t r y # 2 ) ( S a c h i n P r a b h u ) [ 8 0 6 4 8 1 ] \r b r > - [ f s ] c i f s : N T L M a u t h / s i g n - m i n o r e r r o r c o r r e c t i o n s a n d c l e a n u p ( S a c h i n P r a b h u ) [ 8 0 6 4 8 1 ] \r b r > - [ f s ] c i f s : N T L M a u t h / s i g n - A l l o c s e s s k e y / c l i e n t r e s d y n a m i c a l l y ( S a c h i n P r a b h u ) [ 8 0 6 4 8 1 ] \r b r > - [ f s ] c i f s : N T L M a u t h e n t & s i g n i n g - C a l c a u t h r e s p o n s e p e r s e s s ( S a c h i n P r a b h u ) [ 8 0 6 4 8 1 ] \r b r > - [ f s ] c i f s : n t l m a u t h e n t & s i g n i n g - p r o p e r a v / t i p a i r f o r n t l m v 2 ( S a c h i n P r a b h u ) [ 8 0 6 4 8 1 ] \r b r > - [ f s ] c i f s : f i x m o d u l e r e f c o u n t l e a k i n f i n d _ d o m a i n _ n a m e ( S a c h i n P r a b h u ) [ 8 0 6 4 8 1 ] \r b r > - [ f s ] c i f s : n t l m a u t h e n t & s i g n i n g - F i x r e s p o n s e l e n f o r n t l m v 2 ( S a c h i n P r a b h u ) [ 8 0 6 4 8 1 ] \r b r > - [ f s ] c i f s : N T L M v 2 / N T L M S S P n t l m v 2 w i t h i n n t l m s s p a u t h e n t i c a t e c o d e ( S a c h i n P r a b h u ) [ 8 0 6 4 8 1 ] \r b r > - [ f s ] c i f s : N T L M v 2 / N T L M S S P C h a n g e v a r n a m e m a c _ k e y t o s e s s i o n k e y ( S a c h i n P r a b h u ) [ 8 0 6 4 8 1 ] \r b r > - [ f s ] c i f s : n t l m v 2 / n t l m s s p r e m f u n c t i o n C a l c N T L M v 2 _ p a r t i a l _ m a c _ k e y ( S a c h i n P r a b h u ) [ 8 0 6 4 8 1 ] \r b r > - [ f s ] c i f s : h a v e d e c o d e _ n e g T o k e n I n i t s e t f l a g s i n s e r v e r s t r u c t ( S a c h i n P r a b h u ) [ 8 0 6 4 8 1 ] \r b r > - [ f s ] c i f s : e l i m i n a t e ' f i r s t _ t i m e ' p a r m t o C I F S _ S e s s S e t u p ( S a c h i n P r a b h u ) [ 8 0 6 4 8 1 ] \r b r > - [ f s ] c i f s : A l l o w r a w n t l m s s p c o d e t o b e e n a b l e d w i t h s e c = n t l m s s p ( S a c h i n P r a b h u ) [ 8 0 6 4 8 1 ] \r b r > - [ f s ] c i f s : F i x S M B u i d i n N T L M S S P a u t h e n t i c a t e r e q u e s t ( S a c h i n P r a b h u ) [ 8 0 6 4 8 1 ] \r b r > - [ f s ] c i f s : N T L M S S P r e e n a b l e d a f t e r m o v e f r o m c o n n e c t . c t o s e s s . c ( S a c h i n P r a b h u ) [ 8 0 6 4 8 1 ] \r b r > - [ f s ] c i f s : A d d r e m a i n i n g n t l m s s p f l a g s & s t a n d a r d i z e f i e l d n a m e s ( S a c h i n P r a b h u ) [ 8 0 6 4 8 1 ] \r b r > - [ m i s c ] g e n a l l o c : s t o p c r a s h i n g t h e s y s t e m w h e n d e s t r o y i n g a p o o l ( S t e v e B e s t ) [ 8 5 9 1 9 4 ] \r b r > - [ x 8 6 ] m m : i n t r o d u c e p r o p e r m e m b a r r i e r s s m p _ i n v a l i d a t e _ i n t e r r u p t ( R a f a e l A q u i n i ) [ 8 6 5 0 9 5 ] \r b r > - [ x 8 6 ] A d d s y s c t l t o a l l o w p a n i c o n I O C K N M I e r r o r ( P r a r i t B h a r g a v a ) [ 9 1 8 2 7 9 ] \r b r > \r b r > [ 2 . 6 . 1 8 - 3 5 6 ] \r b r > - [ f s ] n f s : f l u s h c a c h e d d i r i n f o r m a t i o n s l i g h t l y m o r e r e a d i l y ( S c o t t M a y h e w ) [ 8 5 3 1 4 5 ] \r b r > - [ f s ] n f s : F i x r e s o l u t i o n p r o b w i t h c a c h e _ c h a n g e _ a t t r i b u t e ( S c o t t M a y h e w ) [ 8 5 3 1 4 5 ] \r b r > - [ f s ] n f s : d e f i n e f u n c t i o n t o u p d a t e n f s i - > c a c h e _ c h a n g e _ a t t r i b u t e ( S c o t t M a y h e w ) [ 8 5 3 1 4 5 ] \r b r > - [ f s ] n f s v 4 : S a v e t h e o w n e r / g r o u p n a m e s t r i n g w h e n d o i n g o p e n ( S c o t t M a y h e w ) [ 6 0 9 2 5 2 ] \r b r > - [ f s ] n f s v 4 : D o n ' t d o i d m a p p e r u p c a l l s f o r a s y n c h r o n o u s R P C c a l l s ( S c o t t M a y h e w ) [ 6 0 9 2 5 2 ] \r b r > - [ f s ] n f s v 4 : F i x c a c h e v a l i d a t e b u g w h e r e g e t c w d ( ) r e t u r n s E N O E N T ( S c o t t M a y h e w ) [ 6 0 9 2 5 2 ] \r b r > - [ f s ] n f s v 4 : S i m p l i f y s o m e c a c h e c o n s i s t e n c y p o s t - o p G E T A T T R s ( S c o t t M a y h e w ) [ 6 0 9 2 5 2 ] \r b r > - [ f s ] n f s v 4 : s e t f a t t r - > v a l i d t o r e f l e c t w h a t w a s d e c o d e d ( S c o t t M a y h e w ) [ 6 0 9 2 5 2 ] \r b r > - [ f s ] n f s v 4 : C l e a n u p d e c o d e _ g e t f a t t r ( ) ( S c o t t M a y h e w ) [ 6 0 9 2 5 2 ] \r b r > - [ f s ] n f s v 4 : S u p p o r t N F S v 4 o p t i o n a l a t t r s i n t h e s t r u c t n f s _ f a t t r ( S c o t t M a y h e w ) [ 6 0 9 2 5 2 ] \r b r > - [ f s ] n f s : F i x n f s _ p o s t _ o p _ u p d a t e _ i n o d e _ f o r c e _ w c c ( ) ( S c o t t M a y h e w ) [ 6 0 9 2 5 2 ] \r b r > - [ m d ] s h u t d o w n , d o n ' t s w i t c h t o R O , m a r k c l e a n a n d s e t s a f e m o d e = 2 ( J e s S o r e n s e n ) [ 8 6 4 7 2 7 ] \r b r > - [ n e t ] c x g b 4 : z e r o o u t a n o t h e r f i r m w a r e r e q u e s t s t r u c t ( J a y F e n l a s o n ) [ 8 7 2 5 3 1 ] \r b r > - [ n e t ] c x g b 4 : c l e a r o u t m o s t f i r m w a r e r e q u e s t s t r u c t u r e s ( J a y F e n l a s o n ) [ 8 7 2 5 3 1 ] \r b r > - [ n e t ] e t h t o o l : a l l o w e n a b l e G R O e v e n i f R X c s u m i s d i s a b l e d ( I v a n V e c e r a ) [ 8 9 4 6 3 6 ] \r b r > - [ n e t ] e n a b l e G R O b y d e f a u l t f o r v l a n d e v i c e s ( I v a n V e c e r a ) [ 8 9 4 6 3 6 ] \r b r > - [ n e t ] b o n d i n g : e n a b l e g r o b y d e f a u l t ( I v a n V e c e r a ) [ 8 9 4 6 3 6 ] \r b r > - [ m m ] w r i t e b a c k : r e m o v e u n n e c e s s a r y w a i t i n t h r o t t l e _ v m _ w r i t e o u t ( ) ( F r a n t i s e k H r b a t a ) [ 8 2 2 7 6 8 ] \r b r > - [ m m ] t h r o t t l e _ v m _ w r i t e o u t : d o n ' t l o o p o n G F P _ N O F S / G F P _ N O I O a l l o c ( F r a n t i s e k H r b a t a ) [ 8 2 2 7 6 8 ] \r b r > - [ c h a r ] r a n d o m : m i x i n a r c h i t e c t u r a l r a n d o m n e s s i n e x t r a c t _ b u f ( ) ( P r a r i t B h a r g a v a ) [ 8 7 1 5 5 9 ] \r b r > - [ c h a r ] r a n d o m : U s e a r c h - s p e c i f i c R N G t o i n i t t h e e n t r o p y s t o r e ( P r a r i t B h a r g a v a ) [ 8 7 1 5 5 9 ] \r b r > - [ x 8 6 ] r a n d o m : V e r i f y R D R A N D f u n c t i o n a n d a l l o w i t t o b e d i s a b l e d ( P r a r i t B h a r g a v a ) [ 8 7 1 5 5 9 ] \r b r > - [ x 8 6 ] r a n d o m : A r c h i n l i n e s t o g e t r a n d o m i n t e g e r s w i t h R D R A N D ( P r a r i t B h a r g a v a ) [ 8 7 1 5 5 9 ] \r b r > - [ c h a r ] r a n d o m : A d d s u p p o r t f o r a r c h i t e c t u r a l r a n d o m h o o k s ( P r a r i t B h a r g a v a ) [ 8 7 1 5 5 9 ] \r b r > - [ c h a r ] r a n d o m : m a k e m i x i n g i n t e r f a c e b y t e - o r i e n t e d ( P r a r i t B h a r g a v a ) [ 8 7 1 5 5 9 ] \r b r > - [ c h a r ] r a n d o m : r e m o v e s o m e p r e f e t c h l o g i c ( P r a r i t B h a r g a v a ) [ 8 7 1 5 5 9 ] \r b r > - [ c h a r ] r a n d o m : i m p r o v e v a r i a b l e n a m i n g , c l e a r e x t r a c t b u f f e r ( P r a r i t B h a r g a v a ) [ 8 7 1 5 5 9 ] \r b r > - [ x 8 6 ] a d d c l e a r _ c p u _ c a p ( ) o p e r a t i o n ( P r a r i t B h a r g a v a ) [ 8 7 1 5 5 9 ] \r b r > - [ x 8 6 ] 3 2 - b i t , a d d a l t e r n a t i v e _ i o ( ) ( P r a r i t B h a r g a v a ) [ 8 7 1 5 5 9 ] \r b r > - [ x 8 6 ] a d d X 8 6 _ F E A T U R E _ R D R A N D ( P r a r i t B h a r g a v a ) [ 8 7 1 5 5 9 ] \r b r > - [ x 8 6 ] a d d A S M _ O U T P U T 2 ( P r a r i t B h a r g a v a ) [ 8 7 1 5 5 9 ] \r b r > - [ x 8 6 ] m c e , k e r n e l s u p p o r t s M C E f o r N e h a l e m ( P r a r i t B h a r g a v a ) [ 9 5 8 9 0 5 ] \r b r > - [ s c s i ] q l a 2 x x x : A d d a m u t e x a r o u n d u s e o f o p t r o m v a r i a b l e s . ( C h a d D u p u i s ) [ 7 9 5 5 5 0 ] \r b r > - [ n e t ] b e 2 n e t : f i x w r o n g f r a g _ i d x r e p o r t e d b y R X C Q ( I v a n V e c e r a ) [ 8 6 2 5 2 0 ] \r b r > - [ n e t ] b n x 2 x : P r e v e n t N U L L p o i n t e r d e r e f e r e n c e i n k d u m p ( M i c h a l S c h m i d t ) [ 8 6 7 3 0 2 ] \r b r > - [ s c s i ] c x g b 4 i h o t - u n p l u g ( J a y F e n l a s o n ) [ 7 8 6 0 2 4 ] \r b r > - [ n e t ] b o n d : a d d s u p p o r t t o r e a d s p e e d a n d d u p l e x v i a e t h t o o l ( A n d y G o s p o d a r e k ) [ 7 0 4 5 7 5 ] \r b r > - [ n e t ] n e t p o l l : w o r k a r o u n d a r a c e c o n d i t i o n ( A m e r i g o W a n g ) [ 7 4 2 4 9 5 ] \r b r > - [ n e t ] I P V 6 : A l l o w a d d r e s s c h a n g e s w h i l e a d m i n i s t r a t i v e d o w n ( F l a v i o L e i t n e r ) [ 8 6 8 6 2 2 ] \r b r > - [ s o u n d ] A L S A - H D A - f i x N U L L p o i n t e r d e r e f e r e n c e f o r A L C 2 6 8 ( J a r o s l a v K y s e l a ) [ 9 0 1 3 3 7 ] \r b r > - [ s c s i ] c c i s s : u s e l u n r e s e t n o t t a r g e t r e s e t ( T o m a s H e n z l ) [ 8 9 3 0 4 9 ] \r b r > - [ n e t ] i g b v f : w o r k a r o u n d i 3 5 0 e r r a t u m ( S t e f a n A s s m a n n ) [ 8 7 8 9 0 4 ] \r b r > - [ n e t ] l l c : F i x m i s s i n g m s g _ n a m e l e n u p d a t e i n l l c _ u i _ r e c v m s g ( ) ( J e s p e r B r o u e r ) [ 9 5 6 0 9 7 ] { C V E - 2 0 1 3 - 3 2 3 1 } \r b r > - [ n e t ] t i p c : f i x i n f o l e a k s v i a m s g _ n a m e i n r e c v _ m s g / r e c v _ s t r e a m ( J e s p e r B r o u e r ) [ 9 5 6 1 4 9 ] { C V E - 2 0 1 3 - 3 2 3 5 } \r b r > - [ n e t ] B l u e t o o t h : R F C O M M F i x i n f o l e a k i n i o c t l ( R F C O M M G E T D E V L I S T ) ( R a d o m i r V r b o v s k y ) [ 9 2 2 4 0 7 ] { C V E - 2 0 1 2 - 6 5 4 5 } \r b r > - [ n e t ] B l u e t o o t h : R F C O M M - F i x i n f o l e a k v i a g e t s o c k n a m e ( ) ( R a d o m i r V r b o v s k y ) [ 9 2 2 4 0 7 ] { C V E - 2 0 1 2 - 6 5 4 5 } \r b r > - [ k e r n e l ] M a k e f u t e x _ w a i t ( ) u s e a n h r t i m e r f o r t i m e o u t ( P r a r i t B h a r g a v a ) [ 8 6 4 6 4 8 ] \r b r > \r b r > [ 2 . 6 . 1 8 - 3 5 5 ] \r b r > - [ c h a r ] i p m i : u s e a t a s k l e t f o r h a n d l i n g r e c e i v e d m e s s a g e s ( T o n y C a m u s o ) [ 9 4 7 7 3 2 ] \r b r > - [ c h a r ] i p m i : d o r u n _ t o _ c o m p l e t i o n p r o p e r l y i n d e l i v e r _ r e c v _ m s g ( T o n y C a m u s o ) [ 9 4 7 7 3 2 ] \r b r > - [ f s ] n f s 4 : f i x l o c k i n g a r o u n d c l _ s t a t e _ o w n e r s l i s t ( D a v e W y s o c h a n s k i ) [ 9 4 8 3 1 7 ] \r b r > - [ s 3 9 0 ] q e t h : f i x q e t h _ w a i t _ f o r _ t h r e a d s ( ) d e a d l o c k f o r O S N d e v i c e s ( H e n d r i k B r u e c k n e r ) [ 9 5 2 4 5 1 ] \r b r > - [ f s ] e x t 4 : c h e c k f o r z e r o l e n g t h e x t e n t ( L u k a s C z e r n e r ) [ 8 6 6 4 3 3 ] \r b r > - [ n e t ] b e 2 n e t : f i x b e _ c l o s e ( ) t o e n s u r e a l l e v e n t s a r e a c k ' e d ( I v a n V e c e r a ) [ 9 5 0 1 3 7 ] \r b r > - [ n e t ] b e 2 n e t : f i x a r a c e i n b e _ x m i t ( ) ( I v a n V e c e r a ) [ 9 4 9 9 5 9 ] \r b r > - [ k e r n e l ] k m o d : a v o i d d e a d l o c k f r o m r e c u r s i v e r e q u e s t _ m o d u l e c a l l ( F r a n t i s e k H r b a t a ) [ 9 4 9 5 6 8 ] \r b r > - [ n e t ] n e t x e n : w r i t e I P a d d r e s s t o f i r m w a r e w h e n u s i n g b o n d i n g ( N i k o l a y A l e k s a n d r o v ) [ 7 5 6 5 0 2 ] \r b r > - [ s 3 9 0 ] k e r n e l : s c h e d _ c l o c k ( ) o v e r f l o w ( H e n d r i k B r u e c k n e r ) [ 9 0 3 3 3 8 ] \r b r > - [ n e t ] d e v i n e t : R e g i s t e r i n e t d e v e a r l i e r ( J i r i P i r k o ) [ 7 7 0 8 1 3 ] \r b r > - [ f s ] n f s : F i x b u g s o n s h o r t r e a d ( S a c h i n P r a b h u ) [ 9 2 4 0 1 1 ] \r b r > - [ f s ] n f s : D o n ' t a l l o w N F S s i l l y - r e n a m e d f i l e s t o b e d e l e t e d ( D a v e W y s o c h a n s k i ) [ 9 0 6 4 7 2 ] \r b r > - [ x e n ] A M D I O M M U : s p o t m i s s i n g I O - A P I C e n t r i e s i n I V R S t a b l e ( I g o r M a m m e d o v ) [ 9 1 0 9 1 3 ] { C V E - 2 0 1 3 - 0 1 5 3 } \r b r > - [ x e n ] A M D , I O M M U : M a k e p e r - d e v i c e i n t e r r u p t r e m a p t a b l e d e f a u l t ( I g o r M a m m e d o v ) [ 9 1 0 9 1 3 ] { C V E - 2 0 1 3 - 0 1 5 3 } \r b r > - [ x e n ] A M D , I O M M U : D i s a b l e I O M M U i f S A T A C o m b i n e d m o d e i s o n ( I g o r M a m m e d o v ) [ 9 1 0 9 1 3 ] { C V E - 2 0 1 3 - 0 1 5 3 } \r b r > - [ x e n ] A M D , I O M M U : O n c r e a t i n g e n t r y c l e a n u p i n r e m a p p i n g t a b l e s ( I g o r M a m m e d o v ) [ 9 1 0 9 1 3 ] { C V E - 2 0 1 3 - 0 1 5 3 } \r b r > - [ x e n ] A C P I : a c p i _ t a b l e _ p a r s e ( ) s h o u l d r e t u r n h a n d l e r ' s e r r c o d e ( I g o r M a m m e d o v ) [ 9 1 0 9 1 3 ] { C V E - 2 0 1 3 - 0 1 5 3 } \r b r > - [ x e n ] i n t r o d u c e x z a l l o c ( ) & C o ( I g o r M a m m e d o v ) [ 9 1 0 9 1 3 ] { C V E - 2 0 1 3 - 0 1 5 3 } \r b r > \r b r > [ 2 . 6 . 1 8 - 3 5 4 ] \r b r > - [ x 8 6 ] f p u : f i x C O N F I G _ P R E E M P T = y c o r r u p t i o n o f F P U s t a c k ( P r a r i t B h a r g a v a ) [ 7 3 1 5 3 1 ] \r b r > - [ i 3 8 6 ] a d d s l e a z y F P U o p t i m i z a t i o n ( P r a r i t B h a r g a v a ) [ 7 3 1 5 3 1 ] \r b r > - [ x 8 6 - 6 4 ] n o n l a z y ' s l e a z y ' f p u i m p l e m e n t a t i o n ( P r a r i t B h a r g a v a ) [ 7 3 1 5 3 1 ] \r b r > - [ n e t ] b e 2 n e t : f i x c a l l i n g _ _ v l a n _ p u t _ t a g ( ) a f t e r e t h _ t y p e _ t r a n s ( ) ( I v a n V e c e r a ) [ 9 1 6 6 4 0 ] \r b r > - [ n e t ] b e 2 n e t : i n c r e m e n t / d e c r e m e n t v l a n s _ a d d e d o n l y o n c e ( I v a n V e c e r a ) [ 9 2 2 2 2 3 ] \r b r > - [ n e t ] t g 3 : u s e P C I P M c o r e f u n c s n o t d i r e c t a c c e s s t o r e g i s t e r s ( I v a n V e c e r a ) [ 8 6 6 8 2 2 ] \r b r > - [ f s ] e x t 3 : f i x u p d a t e o f m t i m e a n d c t i m e o n r e n a m e ( C a r l o s M a i o l i n o ) [ 9 1 9 1 9 1 ] \r b r > - [ f s ] n f s : h a n d l e g e t a t t r f a i l u r e d u r i n g n f s v 4 o p e n ( D a v i d J e f f e r y ) [ 9 0 6 9 0 9 ] \r b r > - [ p c i ] r e a d - m o d i f y - w r i t e P C I e d e v c o n t r o l r e g w h e n i n i t i a t i n g F L R ( M y r o n S t o w e ) [ 8 5 4 0 0 1 ] \r b r > - [ f s ] e x t 3 : f i x w r o n g g f p t y p e u n d e r t r a n s a c t i o n ( L u k a s C z e r n e r ) [ 8 1 6 6 6 5 ] \r b r > - [ p c i ] i n t e l - i o m m u : P r e v d e v s w i t h R M R R s f r o m g o i n g i n S I D o m a i n ( T o n y C a m u s o ) [ 8 3 9 3 3 4 ] \r b r > - [ n e t ] t c p : f i x > 2 i w s e l e c t i o n ( D a n i e l B o r k m a n n ) [ 8 7 1 7 8 7 ] \r b r > - [ a t a ] s a t a _ s v w : c h e c k D M A s t a r t b i t b e f o r e r e s e t ( D a v i d M i l b u r n ) [ 7 5 4 3 1 1 ] \r b r > - [ s 3 9 0 ] q e t h : s e t n e w m a c e v e n i f o l d m a c i s g o n e ( H e n d r i k B r u e c k n e r ) [ 8 8 3 4 5 9 ] \r b r > - [ s 3 9 0 ] q e t h : f i x d e a d l o c k b e t w e e n r e c o v e r y a n d b o n d i n g d r i v e r ( H e n d r i k B r u e c k n e r ) [ 8 6 9 6 4 6 ] \r b r > - [ s 3 9 0 ] d a s d : c h e c k c o u n t a d d r e s s d u r i n g o n l i n e s e t t i n g ( H e n d r i k B r u e c k n e r ) [ 8 5 9 5 2 7 ] \r b r > - [ s 3 9 0 ] h u g e t l b : u s e d i r e c t T L B f l u s h i n g f o r h u g e t l b f s p a g e s ( H e n d r i k B r u e c k n e r ) [ 8 6 1 1 7 8 ] \r b r > \r b r > [ 2 . 6 . 1 8 - 3 5 3 ] \r b r > - [ v i r t ] x e n - n e t b a c k : b a c k p o r t s ( A n d r e w J o n e s ) [ 9 1 0 8 8 5 ] { C V E - 2 0 1 3 - 0 2 1 6 C V E - 2 0 1 3 - 0 2 1 7 } \r b r > - [ v i r t ] x e n - n e t b a c k : n e t i f _ s c h e d u l a b l e s h o u l d t a k e a n e t i f ( A n d r e w J o n e s ) [ 9 1 0 8 8 5 ] { C V E - 2 0 1 3 - 0 2 1 6 C V E - 2 0 1 3 - 0 2 1 7 } \r b r > - [ v i r t ] p c i b a c k : r a t e l i m i t e r r o r m e s s f r o m p c i b a c k _ e n a b l e _ m s i ( ) ( I g o r M a m m e d o v ) [ 9 1 0 8 7 7 ] { C V E - 2 0 1 3 - 0 2 3 1 } \r b r > - [ n e t ] b e 2 n e t : r e m o v e B U G _ O N ( ) i n b e _ m c c _ c o m p l _ i s _ n e w ( ) ( I v a n V e c e r a ) [ 9 0 7 5 2 4 ] \r b r > - [ n e t ] i p v 4 : U p d a t e M T U t o a l l r e l a t e d c a c h e e n t r i e s ( A m e r i g o W a n g ) [ 9 0 5 1 9 0 ] \r b r > - [ n e t ] a n n o t a t e r t _ h a s h _ c o d e ( ) u s e r s ( A m e r i g o W a n g ) [ 9 0 5 1 9 0 ] \r b r > - [ n e t ] x f r m _ u s e r : f i x i n f o l e a k i n c o p y _ t o _ u s e r _ s t a t e ( ) ( T h o m a s G r a f ) [ 9 2 2 4 2 7 ] { C V E - 2 0 1 2 - 6 5 3 7 } \r b r > - [ n e t ] x f r m _ u s e r : f i x i n f o l e a k i n c o p y _ t o _ u s e r _ p o l i c y ( ) ( T h o m a s G r a f ) [ 9 2 2 4 2 7 ] { C V E - 2 0 1 2 - 6 5 3 7 } \r b r > - [ n e t ] x f r m _ u s e r : f i x i n f o l e a k i n c o p y _ t o _ u s e r _ t m p l ( ) ( T h o m a s G r a f ) [ 9 2 2 4 2 7 ] { C V E - 2 0 1 2 - 6 5 3 7 } \r b r > - [ n e t ] a t m : f i x i n f o l e a k i n g e t s o c k o p t ( S O _ A T M P V C ) ( T h o m a s G r a f ) [ 9 2 2 3 8 5 ] { C V E - 2 0 1 2 - 6 5 4 6 } \r b r > - [ n e t ] a t m : f i x i n f o l e a k v i a g e t s o c k n a m e ( ) ( T h o m a s G r a f ) [ 9 2 2 3 8 5 ] { C V E - 2 0 1 2 - 6 5 4 6 } \r b r > - [ n e t ] t u n : f i x i o c t l ( ) b a s e d i n f o l e a k s ( T h o m a s G r a f ) [ 9 2 2 3 4 9 ] { C V E - 2 0 1 2 - 6 5 4 7 } \r b r > - [ n e t ] l l c , z e r o s o c k a d d r _ l l c s t r u c t ( T h o m a s G r a f ) [ 9 2 2 3 2 9 ] { C V E - 2 0 1 2 - 6 5 4 2 } \r b r > - [ n e t ] l l c : f i x i n f o l e a k v i a g e t s o c k n a m e ( ) ( T h o m a s G r a f ) [ 9 2 2 3 2 9 ] { C V E - 2 0 1 2 - 6 5 4 2 } \r b r > - [ n e t ] x f r m _ u s e r : r e t u r n e r r o r p o i n t e r i n s t e a d o f N U L L ( T h o m a s G r a f ) [ 9 1 9 3 8 7 ] { C V E - 2 0 1 3 - 1 8 2 6 } \r b r > - [ k e r n e l ] w a i t _ f o r _ h e l p e r : S I G C H L D f r o m u / s c a u s e u s e - a f t e r - f r e e ( F r a n t i s e k H r b a t a ) [ 8 5 8 7 5 3 ] { C V E - 2 0 1 2 - 4 3 9 8 } \r b r > - [ k e r n e l ] F i x _ _ _ _ c a l l _ u s e r m o d e h e l p e r e r r s b e i n g s i l e n t l y i g n o r e d ( F r a n t i s e k H r b a t a ) [ 8 5 8 7 5 3 ] { C V E - 2 0 1 2 - 4 3 9 8 } \r b r > - [ k e r n e l ] w a i t _ f o r _ h e l p e r : r e m o v e u n n e e d e d d o _ s i g a c t i o n ( ) ( F r a n t i s e k H r b a t a ) [ 8 5 8 7 5 3 ] { C V E - 2 0 1 2 - 4 3 9 8 } \r b r > - [ k e r n e l ] k m o d : a v o i d d e a d l o c k f r o m r e c u r s i v e k m o d c a l l ( F r a n t i s e k H r b a t a ) [ 8 5 8 7 5 3 ] { C V E - 2 0 1 2 - 4 3 9 8 } \r b r > - [ k e r n e l ] k m o d : m a k e r e q u e s t _ m o d u l e ( ) k i l l a b l e ( F r a n t i s e k H r b a t a ) [ 8 5 8 7 5 3 ] { C V E - 2 0 1 2 - 4 3 9 8 } \r b r > - [ n e t ] i x g b e v f : a l l o c a t e r o o m f o r m a i l b o x M S I - X i n t e r r u p t ' s n a m e ( L a s z l o E r s e k ) [ 8 6 2 8 6 2 ] \r b r > - [ f s ] k n f s d : a l l o w n f s d R E A D D I R t o r e t u r n 6 4 b i t c o o k i e s ( N i e l s d e V o s ) [ 9 1 8 9 5 2 ] \r b r > \r b r > [ 2 . 6 . 1 8 - 3 5 2 ] \r b r > - [ u t r a c e ] e n s u r e a r c h _ p t r a c e ( ) c a n n e v e r r a c e w i t h S I G K I L L ( O l e g N e s t e r o v ) [ 9 1 2 0 7 2 ] { C V E - 2 0 1 3 - 0 8 7 1 } \r b r > - [ x 8 6 ] m s r : A d d c a p a b i l i t i e s c h e c k ( N i k o l a P a j k o v s k y ) [ 9 0 8 6 9 7 ] { C V E - 2 0 1 3 - 0 2 6 8 } \r b r > \r b r > [ 2 . 6 . 1 8 - 3 5 1 ] \r b r > - [ m i s c ] t a i n t e d f l a g s , f i x b u f f e r s i z e ( P r a r i t B h a r g a v a ) [ 9 0 1 5 4 7 ] \r b r > - [ n e t ] b e 2 n e t : f i x u n c o n d i t i o n a l l y r e t u r n i n g I R Q _ H A N D L E D i n I N T x ( I v a n V e c e r a ) [ 8 7 8 3 1 6 ] \r b r > - [ n e t ] b e 2 n e t : f i x I N T x I S R f o r i n t e r r u p t b e h a v i o u r o n B E 2 ( I v a n V e c e r a ) [ 8 7 8 3 1 6 ] \r b r > - [ n e t ] b e 2 n e t : f i x a p o s s i b l e e v e n t s _ g e t ( ) r a c e o n B E 2 ( I v a n V e c e r a ) [ 8 7 8 3 1 6 ] \r b r > \r b r > [ 2 . 6 . 1 8 - 3 5 0 ] \r b r > - [ f i r m w a r e ] E x p a n d k e r n e l b o o t - t i m e s t o r a g e f o r D M I t a b l e s t r u c t s ( L e n n y S z u b o w i c z ) [ 8 6 2 8 6 5 ] \r b r > - [ f s ] u d f : F o r t i f y l o a d i n g o f s p a r i n g t a b l e ( N i k o l a P a j k o v s k y ) [ 8 4 3 1 4 1 ] { C V E - 2 0 1 2 - 3 4 0 0 } \r b r > - [ f s ] u d f : I m p r o v e t a b l e l e n g t h c h e c k t o a v o i d p o s s i b l e o v e r f l o w ( N i k o l a P a j k o v s k y ) [ 8 4 3 1 4 1 ] { C V E - 2 0 1 2 - 3 4 0 0 } \r b r > - [ f s ] u d f : A v o i d r u n a w a y l o o p w h e n p a r t i t i o n t a b l e i s c o r r u p t e d ( N i k o l a P a j k o v s k y ) [ 8 4 3 1 4 1 ] { C V E - 2 0 1 2 - 3 4 0 0 } \r b r > \r b r > [ 2 . 6 . 1 8 - 3 4 9 ] \r b r > - [ p c i ] i n t e l - i o m m u : r e d u c e m a x n u m o f d o m a i n s s u p p o r t e d ( D o n D u t i l e ) [ 8 8 5 1 2 5 ] \r b r > - [ f s ] g f s 2 : F i x l e a k o f c a c h e d d i r e c t o r y h a s h t a b l e ( S t e v e n W h i t e h o u s e ) [ 8 3 1 3 3 0 ] \r b r > - [ x 8 6 ] m m : r a n d o m i z e S H L I B _ B A S E ( P e t r M a t o u s e k ) [ 8 0 4 9 5 4 ] { C V E - 2 0 1 2 - 1 5 6 8 } \r b r > - [ n e t ] b e 2 n e t : c r e a t e R S S r i n g s e v e n i n m u l t i - c h a n n e l c o n f i g s ( I v a n V e c e r a ) [ 8 7 8 2 0 9 ] \r b r > - [ n e t ] t g 3 : A v o i d d m a r e a d e r r o r ( J o h n F e e n e y ) [ 8 7 7 4 7 4 ] \r b r > - [ m i s c ] F i x u n s u p p o r t e d h a r d w a r e m e s s a g e ( P r a r i t B h a r g a v a ) [ 8 7 6 5 8 7 ] \r b r > - [ n e t ] i p v 6 : d i s c a r d o v e r l a p p i n g f r a g m e n t ( J i r i P i r k o ) [ 8 7 4 8 3 8 ] { C V E - 2 0 1 2 - 4 4 4 4 } \r b r > - [ u s b ] F i x s e r i a l p o r t r e f e r e n c e c o u n t i n g o n h o t p l u g r e m o v e ( D o n Z i c k u s ) [ 8 4 5 4 4 7 ] \r b r > - [ n e t ] b r i d g e : e x p o r t i t s p r e s e n c e a n d f i x b o n d i n g i g m p r e p o r t i n g ( V e a c e s l a v F a l i c o ) [ 8 4 3 4 7 3 ] \r b r > - [ f s ] n f s : m o v e w a i t f o r s e r v e r - > a c t i v e f r o m p u t _ s u p e r t o k i l l _ s b ( J e f f L a y t o n ) [ 8 3 9 8 3 9 ] \r b r > - [ s c s i ] l i b f c : f i x i n d e f i n i t e r p o r t r e s t a r t ( N e i l H o r m a n ) [ 5 9 5 1 8 4 ] \r b r > - [ s c s i ] l i b f c : R e t r y a r e j e c t e d P R L I r e q u e s t ( N e i l H o r m a n ) [ 5 9 5 1 8 4 ] \r b r > - [ s c s i ] l i b f c : F i x r e m o t e p o r t r e s t a r t p r o b l e m ( N e i l H o r m a n ) [ 5 9 5 1 8 4 ] \r b r > - [ x e n ] m e m o p : l i m i t g u e s t s p e c i f i e d e x t e n t o r d e r ( L a s z l o E r s e k ) [ 8 7 8 4 5 0 ] { C V E - 2 0 1 2 - 5 5 1 5 } \r b r > - [ x e n ] g e t b o t t o m o f E B D A f r o m t h e m u l t i b o o t d a t a s t r u c t u r e ( P a o l o B o n z i n i ) [ 8 8 1 8 8 5 ] \r b r > / p > \n \n \n b r > h 2 > R e l a t e d C V E s / h 2 > \n b r > t a b l e c e l l p a d d i n g = \" 2 \" c e l l s p a c i n g = \" 2 \" b o r d e r = \" 0 \" w i d t h = \" 1 0 0 % \" > t b o d y > \n t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 2 - 4 3 9 8 . h t m l \" > C V E - 2 0 1 2 - 4 3 9 8 / a > / t d > / t r > \n / t b o d y > / t a b l e > \n \n b r > h 2 > U p d a t e d P a c k a g e s / h 2 > \n b r > t a b l e c e l l p a d d i n g = \" 2 \" c e l l s p a c i n g = \" 2 \" b o r d e r = \" 0 \" w i d t h = \" 1 0 0 % \" > t b o d y > \n t r s t y l e = \" c o l o r : # F F 0 0 0 0 ; \" > t d > b > R e l e a s e / A r c h i t e c t u r e / b > t d > b > F i l e n a m e / b > / t d > t d > b > M D 5 s u m / b > / t d > t d > b > S u p e r s e d e d B y A d v i s o r y / b > / t d > / t r > \n t r > t d c o l s p a n = \" 4 \" > / t d > / t r > t r > t d > O r a c l e L i n u x 5 ( i 3 8 6 ) / t d > t d > k e r n e l - 2 . 6 . 1 8 - 3 7 1 . e l 5 . s r c . r p m / t d > t d > 0 5 f 1 0 a 5 d c 1 6 e a 6 e 0 7 3 3 8 0 7 a c 6 9 7 8 3 9 f e / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 4 8 2 - 1 . h t m l \" > E L S A - 2 0 1 7 - 1 4 8 2 - 1 / a > / t d > / t r > t r > t d > / t d > t d > o c f s 2 - 2 . 6 . 1 8 - 3 7 1 . e l 5 - 1 . 4 . 1 0 - 1 . e l 5 . s r c . r p m / t d > t d > 4 9 a 6 c e 2 e a 3 a 1 3 c 1 0 5 a 1 1 9 6 2 2 4 a 0 0 e 5 2 f / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > o r a c l e a s m - 2 . 6 . 1 8 - 3 7 1 . e l 5 - 2 . 0 . 5 - 1 . e l 5 . s r c . r p m / t d > t d > 5 0 5 2 4 7 2 0 3 1 0 3 b b 1 6 1 a b 5 3 e 3 c 8 e a e c 1 0 3 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - 2 . 6 . 1 8 - 3 7 1 . e l 5 . i 6 8 6 . r p m / t d > t d > b c 4 c f b 8 5 c b 3 e 4 7 a 7 4 a 8 6 9 b 8 6 9 8 c d d 2 6 c / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 4 8 2 - 1 . h t m l \" > E L S A - 2 0 1 7 - 1 4 8 2 - 1 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - P A E - 2 . 6 . 1 8 - 3 7 1 . e l 5 . i 6 8 6 . r p m / t d > t d > 2 d c f 0 1 3 3 2 2 e d 6 3 6 1 e b 3 b 7 2 f 2 9 c 7 2 6 e f 0 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 4 8 2 - 1 . h t m l \" > E L S A - 2 0 1 7 - 1 4 8 2 - 1 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - P A E - d e v e l - 2 . 6 . 1 8 - 3 7 1 . e l 5 . i 6 8 6 . r p m / t d > t d > 6 0 6 6 8 c c 7 1 5 4 f 7 f d 9 1 4 c f c 2 6 b 0 e 7 3 2 d d a / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 4 8 2 - 1 . h t m l \" > E L S A - 2 0 1 7 - 1 4 8 2 - 1 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - d e b u g - 2 . 6 . 1 8 - 3 7 1 . e l 5 . i 6 8 6 . r p m / t d > t d > 6 9 0 b 8 d 1 a 4 e a f 1 c c 4 6 b b 7 f 2 a c 2 6 0 b 9 c 1 9 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 4 8 2 - 1 . h t m l \" > E L S A - 2 0 1 7 - 1 4 8 2 - 1 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - d e b u g - d e v e l - 2 . 6 . 1 8 - 3 7 1 . e l 5 . i 6 8 6 . r p m / t d > t d > 7 5 5 e 4 d 4 c 0 5 9 b b e 3 c 5 a 8 c f 6 0 1 b d d e 0 c d f / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 4 8 2 - 1 . h t m l \" > E L S A - 2 0 1 7 - 1 4 8 2 - 1 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - d e v e l - 2 . 6 . 1 8 - 3 7 1 . e l 5 . i 6 8 6 . r p m / t d > t d > a 1 e e 8 e 5 f 6 9 1 e 0 f 9 3 a a 3 4 9 9 e 6 3 0 5 4 6 b f 7 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 4 8 2 - 1 . h t m l \" > E L S A - 2 0 1 7 - 1 4 8 2 - 1 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - d o c - 2 . 6 . 1 8 - 3 7 1 . e l 5 . n o a r c h . r p m / t d > t d > a a 1 7 0 3 0 a b 5 5 2 a d b b 1 3 1 9 5 0 f 9 e 3 d 1 8 e 6 f / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 4 8 2 - 1 . h t m l \" > E L S A - 2 0 1 7 - 1 4 8 2 - 1 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - h e a d e r s - 2 . 6 . 1 8 - 3 7 1 . e l 5 . i 3 8 6 . r p m / t d > t d > 4 a f 3 4 7 c 0 7 e 0 5 7 a 5 1 6 2 b 6 0 3 c f e 4 f 0 4 6 a 6 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 4 8 2 - 1 . h t m l \" > E L S A - 2 0 1 7 - 1 4 8 2 - 1 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - x e n - 2 . 6 . 1 8 - 3 7 1 . e l 5 . i 6 8 6 . r p m / t d > t d > 0 e 2 f 5 0 a b 2 8 6 3 c c 3 5 7 7 0 9 3 4 7 a 9 a 5 8 e 7 b a / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 4 8 2 - 1 . h t m l \" > E L S A - 2 0 1 7 - 1 4 8 2 - 1 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - x e n - d e v e l - 2 . 6 . 1 8 - 3 7 1 . e l 5 . i 6 8 6 . r p m / t d > t d > 6 0 a 7 b 3 a 1 1 f 8 4 1 2 4 9 b 0 5 2 9 d f 4 7 9 a 3 3 4 4 0 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 4 8 2 - 1 . h t m l \" > E L S A - 2 0 1 7 - 1 4 8 2 - 1 / a > / t d > / t r > t r > t d > / t d > t d > o c f s 2 - 2 . 6 . 1 8 - 3 7 1 . e l 5 - 1 . 4 . 1 0 - 1 . e l 5 . i 6 8 6 . r p m / t d > t d > 6 d 0 e 4 4 f 3 8 b 8 7 4 9 4 e 6 0 c 7 e c a a 3 d f 1 0 0 b d / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > o c f s 2 - 2 . 6 . 1 8 - 3 7 1 . e l 5 P A E - 1 . 4 . 1 0 - 1 . e l 5 . i 6 8 6 . r p m / t d > t d > 8 a e 0 3 d 1 c 5 8 7 b 3 6 5 7 d 6 a d d b 9 0 0 3 8 c 5 6 4 4 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > o c f s 2 - 2 . 6 . 1 8 - 3 7 1 . e l 5 d e b u g - 1 . 4 . 1 0 - 1 . e l 5 . i 6 8 6 . r p m / t d > t d > 5 8 6 9 b a c e 1 6 d 3 b b 7 c c e f 8 b 5 5 e 8 8 1 e 0 0 6 c / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > o c f s 2 - 2 . 6 . 1 8 - 3 7 1 . e l 5 x e n - 1 . 4 . 1 0 - 1 . e l 5 . i 6 8 6 . r p m / t d > t d > 2 b a b 6 5 1 4 4 5 d 5 d 9 1 b 5 0 6 e b 3 1 0 3 e 6 8 2 6 6 9 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > o r a c l e a s m - 2 . 6 . 1 8 - 3 7 1 . e l 5 - 2 . 0 . 5 - 1 . e l 5 . i 6 8 6 . r p m / t d > t d > e 8 c 6 b 7 3 e 2 8 4 8 4 5 6 8 7 5 d 4 c 2 c 6 2 7 a c 3 7 8 3 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > o r a c l e a s m - 2 . 6 . 1 8 - 3 7 1 . e l 5 P A E - 2 . 0 . 5 - 1 . e l 5 . i 6 8 6 . r p m / t d > t d > f 4 c 4 e 7 1 e 5 2 3 c 4 f 4 9 1 1 b b 8 5 7 7 8 7 3 8 8 2 d 4 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > o r a c l e a s m - 2 . 6 . 1 8 - 3 7 1 . e l 5 d e b u g - 2 . 0 . 5 - 1 . e l 5 . i 6 8 6 . r p m / t d > t d > 8 e d 0 2 c c 1 2 9 6 b c 6 5 6 8 7 c a e f e 0 a b 7 b b 0 2 d / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > o r a c l e a s m - 2 . 6 . 1 8 - 3 7 1 . e l 5 x e n - 2 . 0 . 5 - 1 . e l 5 . i 6 8 6 . r p m / t d > t d > 7 9 e d 3 a 9 3 9 a 0 4 4 4 f 3 8 3 5 d 2 8 f 6 d 5 3 1 6 2 f 2 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d c o l s p a n = \" 4 \" > / t d > / t r > t r > t d > O r a c l e L i n u x 5 ( i a 6 4 ) / t d > t d > k e r n e l - 2 . 6 . 1 8 - 3 7 1 . e l 5 . s r c . r p m / t d > t d > 0 5 f 1 0 a 5 d c 1 6 e a 6 e 0 7 3 3 8 0 7 a c 6 9 7 8 3 9 f e / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 4 8 2 - 1 . h t m l \" > E L S A - 2 0 1 7 - 1 4 8 2 - 1 / a > / t d > / t r > t r > t d > / t d > t d > o c f s 2 - 2 . 6 . 1 8 - 3 7 1 . e l 5 - 1 . 4 . 1 0 - 1 . e l 5 . s r c . r p m / t d > t d > 4 9 a 6 c e 2 e a 3 a 1 3 c 1 0 5 a 1 1 9 6 2 2 4 a 0 0 e 5 2 f / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > o r a c l e a s m - 2 . 6 . 1 8 - 3 7 1 . e l 5 - 2 . 0 . 5 - 1 . e l 5 . s r c . r p m / t d > t d > 5 0 5 2 4 7 2 0 3 1 0 3 b b 1 6 1 a b 5 3 e 3 c 8 e a e c 1 0 3 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - 2 . 6 . 1 8 - 3 7 1 . e l 5 . i a 6 4 . r p m / t d > t d > 1 0 b b f 3 a 1 8 a e 0 e d 7 7 0 9 9 0 8 2 d 7 c f 9 6 b 4 6 3 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 4 8 2 - 1 . h t m l \" > E L S A - 2 0 1 7 - 1 4 8 2 - 1 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - d e b u g - 2 . 6 . 1 8 - 3 7 1 . e l 5 . i a 6 4 . r p m / t d > t d > e a d d 9 c b 3 3 3 6 3 0 5 2 2 4 7 0 9 a e 1 1 e 7 5 d d c 1 a / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 4 8 2 - 1 . h t m l \" > E L S A - 2 0 1 7 - 1 4 8 2 - 1 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - d e b u g - d e v e l - 2 . 6 . 1 8 - 3 7 1 . e l 5 . i a 6 4 . r p m / t d > t d > b 6 1 c d 8 a 4 6 8 0 9 2 e e d 8 a 2 c b f 5 3 5 c 2 a 5 1 0 7 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 4 8 2 - 1 . h t m l \" > E L S A - 2 0 1 7 - 1 4 8 2 - 1 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - d e v e l - 2 . 6 . 1 8 - 3 7 1 . e l 5 . i a 6 4 . r p m / t d > t d > 5 e 9 e 8 b d d 2 7 c 7 5 8 8 c 7 9 e 8 e e d 6 6 f 8 8 b 2 d d / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 4 8 2 - 1 . h t m l \" > E L S A - 2 0 1 7 - 1 4 8 2 - 1 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - d o c - 2 . 6 . 1 8 - 3 7 1 . e l 5 . n o a r c h . r p m / t d > t d > a a 1 7 0 3 0 a b 5 5 2 a d b b 1 3 1 9 5 0 f 9 e 3 d 1 8 e 6 f / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 4 8 2 - 1 . h t m l \" > E L S A - 2 0 1 7 - 1 4 8 2 - 1 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - h e a d e r s - 2 . 6 . 1 8 - 3 7 1 . e l 5 . i a 6 4 . r p m / t d > t d > 5 9 1 9 9 9 f 0 4 7 0 4 d b 8 6 7 c 8 9 8 0 0 8 a a 8 6 c d 4 5 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 4 8 2 - 1 . h t m l \" > E L S A - 2 0 1 7 - 1 4 8 2 - 1 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - x e n - 2 . 6 . 1 8 - 3 7 1 . e l 5 . i a 6 4 . r p m / t d > t d > 4 a 6 c 8 4 2 c 2 9 3 d d 9 f f 7 4 f 7 5 d c 1 e 9 6 f 0 a f f / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 4 8 2 - 1 . h t m l \" > E L S A - 2 0 1 7 - 1 4 8 2 - 1 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - x e n - d e v e l - 2 . 6 . 1 8 - 3 7 1 . e l 5 . i a 6 4 . r p m / t d > t d > 9 f 5 a c c 5 4 8 f b e a 7 c b 9 6 e a 9 4 4 1 7 1 6 f f 9 7 d / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 4 8 2 - 1 . h t m l \" > E L S A - 2 0 1 7 - 1 4 8 2 - 1 / a > / t d > / t r > t r > t d > / t d > t d > o c f s 2 - 2 . 6 . 1 8 - 3 7 1 . e l 5 - 1 . 4 . 1 0 - 1 . e l 5 . i a 6 4 . r p m / t d > t d > d f 5 d d a c e b c 9 2 0 e e 8 0 1 5 1 8 7 a 1 4 3 1 6 5 1 3 8 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > o c f s 2 - 2 . 6 . 1 8 - 3 7 1 . e l 5 d e b u g - 1 . 4 . 1 0 - 1 . e l 5 . i a 6 4 . r p m / t d > t d > f 7 2 c 2 3 c e d 3 b c d f 6 9 0 2 7 0 5 5 0 6 7 4 f 8 b d c 8 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > o c f s 2 - 2 . 6 . 1 8 - 3 7 1 . e l 5 x e n - 1 . 4 . 1 0 - 1 . e l 5 . i a 6 4 . r p m / t d > t d > 1 e e d 8 b 3 1 7 e 4 f f f 7 3 8 8 0 c 8 0 6 8 d 6 e 3 8 d f 0 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > o r a c l e a s m - 2 . 6 . 1 8 - 3 7 1 . e l 5 - 2 . 0 . 5 - 1 . e l 5 . i a 6 4 . r p m / t d > t d > 0 6 c 1 6 8 3 e 8 c f 9 8 7 2 2 8 d e e c 8 3 6 1 0 d b 1 3 d 6 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > o r a c l e a s m - 2 . 6 . 1 8 - 3 7 1 . e l 5 d e b u g - 2 . 0 . 5 - 1 . e l 5 . i a 6 4 . r p m / t d > t d > d d 0 f 7 c 0 7 4 4 9 9 f 1 0 7 7 7 3 7 6 9 b e 8 7 b 6 6 1 5 7 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > o r a c l e a s m - 2 . 6 . 1 8 - 3 7 1 . e l 5 x e n - 2 . 0 . 5 - 1 . e l 5 . i a 6 4 . r p m / t d > t d > e 0 0 1 1 b f 1 d c 3 8 0 d 3 8 7 a 7 4 5 b 5 d 6 e e 2 6 4 d 2 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d c o l s p a n = \" 4 \" > / t d > / t r > t r > t d > O r a c l e L i n u x 5 ( x 8 6 _ 6 4 ) / t d > t d > k e r n e l - 2 . 6 . 1 8 - 3 7 1 . e l 5 . s r c . r p m / t d > t d > 0 5 f 1 0 a 5 d c 1 6 e a 6 e 0 7 3 3 8 0 7 a c 6 9 7 8 3 9 f e / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 4 8 2 - 1 . h t m l \" > E L S A - 2 0 1 7 - 1 4 8 2 - 1 / a > / t d > / t r > t r > t d > / t d > t d > o c f s 2 - 2 . 6 . 1 8 - 3 7 1 . e l 5 - 1 . 4 . 1 0 - 1 . e l 5 . s r c . r p m / t d > t d > 4 9 a 6 c e 2 e a 3 a 1 3 c 1 0 5 a 1 1 9 6 2 2 4 a 0 0 e 5 2 f / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > o r a c l e a s m - 2 . 6 . 1 8 - 3 7 1 . e l 5 - 2 . 0 . 5 - 1 . e l 5 . s r c . r p m / t d > t d > 5 0 5 2 4 7 2 0 3 1 0 3 b b 1 6 1 a b 5 3 e 3 c 8 e a e c 1 0 3 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - 2 . 6 . 1 8 - 3 7 1 . e l 5 . x 8 6 _ 6 4 . r p m / t d > t d > 7 7 a 2 e 6 4 6 2 4 2 f 1 4 4 6 9 9 5 3 5 1 8 4 1 d 1 a e 1 b d / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 4 8 2 - 1 . h t m l \" > E L S A - 2 0 1 7 - 1 4 8 2 - 1 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - d e b u g - 2 . 6 . 1 8 - 3 7 1 . e l 5 . x 8 6 _ 6 4 . r p m / t d > t d > a 1 4 b a b d 4 f c 8 6 9 7 0 d 5 a 8 3 3 b 7 e b 2 8 a 8 2 8 b / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 4 8 2 - 1 . h t m l \" > E L S A - 2 0 1 7 - 1 4 8 2 - 1 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - d e b u g - d e v e l - 2 . 6 . 1 8 - 3 7 1 . e l 5 . x 8 6 _ 6 4 . r p m / t d > t d > e e e 1 b f 9 5 b 0 b 9 1 b 2 7 c f 4 5 f f 2 b 7 e f d 3 a f b / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 4 8 2 - 1 . h t m l \" > E L S A - 2 0 1 7 - 1 4 8 2 - 1 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - d e v e l - 2 . 6 . 1 8 - 3 7 1 . e l 5 . x 8 6 _ 6 4 . r p m / t d > t d > a 9 e 9 9 3 0 b 2 0 3 4 5 1 8 3 d 5 b e 6 f 2 f 0 6 4 b 0 d a e / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 4 8 2 - 1 . h t m l \" > E L S A - 2 0 1 7 - 1 4 8 2 - 1 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - d o c - 2 . 6 . 1 8 - 3 7 1 . e l 5 . n o a r c h . r p m / t d > t d > a a 1 7 0 3 0 a b 5 5 2 a d b b 1 3 1 9 5 0 f 9 e 3 d 1 8 e 6 f / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 4 8 2 - 1 . h t m l \" > E L S A - 2 0 1 7 - 1 4 8 2 - 1 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - h e a d e r s - 2 . 6 . 1 8 - 3 7 1 . e l 5 . x 8 6 _ 6 4 . r p m / t d > t d > e 0 9 0 d 7 b 9 e a 7 c e 4 3 a f 9 d f 7 c 3 7 e 8 c 2 4 a 6 7 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 4 8 2 - 1 . h t m l \" > E L S A - 2 0 1 7 - 1 4 8 2 - 1 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - x e n - 2 . 6 . 1 8 - 3 7 1 . e l 5 . x 8 6 _ 6 4 . r p m / t d > t d > b 0 4 9 8 6 1 8 9 4 9 4 5 f 3 e e 3 c 8 7 a 1 1 4 d a 5 a 6 8 3 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 4 8 2 - 1 . h t m l \" > E L S A - 2 0 1 7 - 1 4 8 2 - 1 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - x e n - d e v e l - 2 . 6 . 1 8 - 3 7 1 . e l 5 . x 8 6 _ 6 4 . r p m / t d > t d > f 2 0 4 f 5 8 8 d d 6 9 7 3 9 c c e 7 6 3 a 2 5 a 7 8 f 0 e 8 5 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 4 8 2 - 1 . h t m l \" > E L S A - 2 0 1 7 - 1 4 8 2 - 1 / a > / t d > / t r > t r > t d > / t d > t d > o c f s 2 - 2 . 6 . 1 8 - 3 7 1 . e l 5 - 1 . 4 . 1 0 - 1 . e l 5 . x 8 6 _ 6 4 . r p m / t d > t d > d 9 7 1 6 1 b 5 1 2 0 4 0 e c 3 a 8 6 1 d 5 0 d 2 a d b e 2 b 6 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > o c f s 2 - 2 . 6 . 1 8 - 3 7 1 . e l 5 d e b u g - 1 . 4 . 1 0 - 1 . e l 5 . x 8 6 _ 6 4 . r p m / t d > t d > 2 8 6 d 7 c d f 7 8 d 1 e e 2 f d 8 8 e a 7 e 1 d 9 d f 8 9 6 5 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > o c f s 2 - 2 . 6 . 1 8 - 3 7 1 . e l 5 x e n - 1 . 4 . 1 0 - 1 . e l 5 . x 8 6 _ 6 4 . r p m / t d > t d > b 5 8 a a e f e f 1 5 9 6 f a 0 e 2 4 4 c 9 7 2 f 9 5 d d f b 4 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > o r a c l e a s m - 2 . 6 . 1 8 - 3 7 1 . e l 5 - 2 . 0 . 5 - 1 . e l 5 . x 8 6 _ 6 4 . r p m / t d > t d > 7 6 0 c 8 5 5 7 c c f 2 9 0 3 4 9 c c 1 8 8 a 9 f a 0 2 4 8 c a / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > o r a c l e a s m - 2 . 6 . 1 8 - 3 7 1 . e l 5 d e b u g - 2 . 0 . 5 - 1 . e l 5 . x 8 6 _ 6 4 . r p m / t d > t d > 1 9 b 2 7 c f d 5 6 6 9 1 4 a c 8 6 f 1 7 d a 1 8 c 7 f d 7 3 1 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > o r a c l e a s m - 2 . 6 . 1 8 - 3 7 1 . e l 5 x e n - 2 . 0 . 5 - 1 . e l 5 . x 8 6 _ 6 4 . r p m / t d > t d > c 2 c d 8 3 0 c 4 a 8 b 6 0 6 8 5 1 a e 6 d 2 d 2 8 0 a 5 2 e 6 / t d > t d > a h r e f = # > - / a > / t d > / t r > \n / t b o d y > / t a b l e > \n \n \n b r > b r > \n b r > p > \n T h i s p a g e i s g e n e r a t e d a u t o m a t i c a l l y a n d h a s n o t b e e n c h e c k e d f o r e r r o r s o r o m i s s i o n s . F o r c l a r i f i c a t i o n \n o r c o r r e c t i o n s p l e a s e c o n t a c t t h e a h r e f = \" h t t p s : / / l i n u x . o r a c l e . c o m / \" > O r a c l e L i n u x U L N t e a m / a > / p > \n \n \n \n / d i v > \n ! - - \n / d i v > \n - - > \n / d i v > \n / d i v > \n \n \n d i v i d = \" m c 1 6 \" c l a s s = \" m c 1 6 v 0 \" > \n d i v c l a s s = \" m c 1 6 w 1 \" > \n h 2 > T e c h n i c a l i n f o r m a t i o n / h 2 > \n u l > \n l i > a h r e f = \" h t t p s : / / l i n u x . o r a c l e . c o m / h a r d w a r e - c e r t i f i c a t i o n s \" t a r g e t = \" _ b l a n k \" > O r a c l e L i n u x C e r t i f i e d H a r d w a r e / a > / l i > \n l i > a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / u s / s u p p o r t / l i b r a r y / e l s p - l i f e t i m e - 0 6 9 3 3 8 . p d f \" > O r a c l e L i n u x S u p p o r t e d R e l e a s e s / a > / l i > \n / u l > \n / d i v > \n \n d i v c l a s s = \" m c 1 6 w 1 \" > \n h 2 > O r a c l e L i n u x S u p p o r t / h 2 > \n u l > \n l i > a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / u s / t e c h n o l o g i e s / l i n u x / O r a c l e L i n u x S u p p o r t / i n d e x . h t m l \" t a r g e t = \" _ b l a n k \" > O r a c l e L i n u x S u p p o r t / a > / l i > \n l i > a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / u s / s u p p o r t / p r e m i e r / s e r v e r s - s t o r a g e / o v e r v i e w / i n d e x . h t m l \" t a r g e t = \" _ b l a n k \" > O r a c l e P r e m i e r S u p p o r t f o r S y s t e m s / a > / l i > \n l i > a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / u s / s u p p o r t / a d v a n c e d - c u s t o m e r - s e r v i c e s / o v e r v i e w / \" > A d v a n c e d C u s t o m e r S e r v i c e s / a > / l i > \n / u l > \n / d i v > \n \n d i v c l a s s = \" m c 1 6 w 2 \" > \n h 2 > C o n n e c t / h 2 > \n u l > \n l i c l a s s = \" f b i c o n \" > a h r e f = \" h t t p : / / w w w . f a c e b o o k . c o m / o r a c l e l i n u x \" t i t l e = \" F a c e b o o k \" n a m e = \" F a c e b o o k \" t a r g e t = \" _ b l a n k \" i d = \" F a c e b o o k \" > F a c e b o o k / a > / l i > \n l i c l a s s = \" t w i c o n \" > a h r e f = \" h t t p : / / w w w . t w i t t e r . c o m / O r a c l e L i n u x \" t i t l e = \" T w i t t e r \" n a m e = \" T w i t t e r \" t a r g e t = \" _ b l a n k \" i d = \" T w i t t e r \" > T w i t t e r / a > / l i > \n l i c l a s s = \" i n i c o n \" > a h r e f = \" h t t p : / / w w w . l i n k e d i n . c o m / g r o u p s ? g i d = 1 2 0 2 3 8 \" t i t l e = \" L i n k e d I n \" n a m e = \" L i n k e d I n \" t a r g e t = \" _ b l a n k \" i d = \" L i n k e d I n \" > L i n k e d I n / a > / l i > \n l i c l a s s = \" y t i c o n \" > a h r e f = \" h t t p : / / w w w . y o u t u b e . c o m / o r a c l e l i n u x c h a n n e l \" t i t l e = \" Y o u T u b e \" n a m e = \" Y o u T u b e \" t a r g e t = \" _ b l a n k \" i d = \" Y o u T u b e \" > Y o u T u b e / a > / l i > \n l i c l a s s = \" b l o g i c o n \" > a h r e f = \" h t t p : / / b l o g s . o r a c l e . c o m / l i n u x \" t i t l e = \" B l o g \" n a m e = \" B l o g \" > B l o g / a > / l i > \n / u l > \n / d i v > \n \n d i v c l a s s = \" m c 1 6 w 3 \" > \n h 2 > C o n t a c t U s / h 2 > \n u l > \n l i > a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / u s / c o r p o r a t e / c o n t a c t / g l o b a l - 0 7 0 5 1 1 . h t m l \" > G l o b a l c o n t a c t s / a > / l i > \n l i > O r a c l e 1 - 8 0 0 - 6 3 3 - 0 6 9 1 / l i > \n / u l > \n / d i v > \n / d i v > \n / d i v > \n \n d i v i d = \" m c 0 4 \" c l a s s = \" m c 0 4 v 1 \" > \n d i v c l a s s = \" m c 0 4 w 1 \" > \n a h r e f = \" h t t p : / / o r a c l e . c o m \" > i m g s r c = \" / / w w w . o r a c l e i m g . c o m / a s s e t s / m c 0 4 - f o o t e r - l o g o . p n g \" b o r d e r = \" 0 \" a l t = \" s o f t w a r e . h a r d w a r e . c o m p l e t e \" / > / a > \n / d i v > \n \n d i v c l a s s = \" m c 0 4 w 2 \" > \n a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / s u b s c r i b e / i n d e x . h t m l \" > S u b s c r i b e / a > | a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / c o r p o r a t e / e m p l o y m e n t / i n d e x . h t m l \" > C a r e e r s / a > | a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / c o r p o r a t e / c o n t a c t / i n d e x . h t m l \" > C o n t a c t U s / a > | a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / h t m l / c o p y r i g h t . h t m l \" > L e g a l N o t i c e s / a > | a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / h t m l / t e r m s . h t m l \" > T e r m s o f U s e / a > | a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / h t m l / p r i v a c y . h t m l \" > Y o u r P r i v a c y R i g h t s / a > \n / d i v > \n / d i v > \n / d i v > \n / b o d y > \n / h t m l > \n ", "published": "2013-10-02T00:00:00", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://linux.oracle.com/errata/ELSA-2013-1348.html", "cvelist": ["CVE-2013-2234", "CVE-2012-6546", "CVE-2013-0871", "CVE-2012-6537", "CVE-2013-2141", "CVE-2012-5515", "CVE-2013-2206", "CVE-2013-0268", "CVE-2012-4444", "CVE-2013-3231", "CVE-2012-3511", "CVE-2013-1826", "CVE-2013-3224", "CVE-2012-6545", "CVE-2013-2147", "CVE-2013-4162", "CVE-2012-6542", "CVE-2013-0153", "CVE-2012-1568", "CVE-2013-0217", "CVE-2013-1929", "CVE-2012-6547", "CVE-2013-2232", "CVE-2012-6544", "CVE-2013-0231", "CVE-2013-3222", "CVE-2012-4398", "CVE-2013-0914", "CVE-2013-2237", "CVE-2013-0216", "CVE-2013-2224", "CVE-2012-3400", "CVE-2013-3235", "CVE-2013-2164"], "lastseen": "2018-04-04T13:04:36"}, {"id": "ELSA-2013-2577", "type": "oraclelinux", "title": "unbreakable enterprise kernel security update", "description": "kernel-uek\n[3.8.13-16.1.1.el6uek]\n- dm snapshot: fix data corruption (Mikulas Patocka) [Orabug: 17617582] {CVE-2013-4299}", "published": "2013-10-23T00:00:00", "cvss": {"score": 6.0, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://linux.oracle.com/errata/ELSA-2013-2577.html", "cvelist": ["CVE-2013-4299"], "lastseen": "2016-09-04T11:17:01"}, {"id": "ELSA-2013-2576", "type": "oraclelinux", "title": "unbreakable enterprise kernel security update", "description": "[2.6.39-400.209.2]\n- dm snapshot: fix data corruption (Mikulas Patocka) [Orabug: 17618492] {CVE-2013-4299}", "published": "2013-10-18T00:00:00", "cvss": {"score": 6.0, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://linux.oracle.com/errata/ELSA-2013-2576.html", "cvelist": ["CVE-2013-4299"], "lastseen": "2016-09-04T11:16:48"}, {"id": "ELSA-2013-1436", "type": "oraclelinux", "title": "kernel security and bug fix update", "description": "[2.6.32-358.23.2]\n- [md] dm-snapshot: fix data corruption (Mikulas Patocka) [1004252 1004233] {CVE-2013-4299}\n[2.6.32-358.23.1]\n- [md] raid1, raid10: use freeze_array in place of raise_barrier in various places (Jes Sorensen) [1003765 997845]\n- [scsi] megaraid_sas: megaraid_sas driver init fails in kdump kernel (Nikola Pajkovsky) [1001963 833299]\n- [char] ipmi: eliminate long delay in ipmi_si on SGI UV2 (Nikola Pajkovsky) [988228 876778]\n- [net] bridge: Add multicast_querier toggle and disable queries by default (Nikola Pajkovsky) [995334 905561]\n- [net] bridge: Fix fatal typo in setup of multicast_querier_expired (Nikola Pajkovsky) [995334 905561]\n- [net] bridge: Restart queries when last querier expires (Nikola Pajkovsky) [995334 905561]\n- [net] bridge: Add br_multicast_start_querier (Flavio Leitner) [995334 905561]\n- [kernel] Prevent RT process stall due to missing upstream scheduler bug fix (Larry Woodman) [1006932 1002765]\n- [fs] nfs: Minor cleanups for nfs4_handle_exception and nfs4_async_handle_error (Dave Wysochanski) [1006956 998752]\n- [firmware] efivars: Use correct efi_pstore_info struct when calling pstore_register (Lenny Szubowicz) [993547 867689]\n- [net] bridge: do not call setup_timer() multiple times (Amerigo Wang) [997746 994430]\n- [fs] lockd: protect nlm_blocked list (David Jeffery) [993544 967095]\n- [net] ipv6: call udp_push_pending_frames when uncorking a socket with AF_INET pending data (Jiri Benc) [987649 987651] {CVE-2013-4162}\n- [fs] fuse: readdirplus sanity checks (Niels de Vos) [988708 981741]\n- [fs] fuse: readdirplus cleanup (Niels de Vos) [988708 981741]\n- [fs] fuse: readdirplus change attributes once (Niels de Vos) [988708 981741]\n- [fs] fuse: readdirplus fix instantiate (Niels de Vos) [988708 981741]\n- [fs] fuse: fix readdirplus dentry leak (Niels de Vos) [988708 981741]\n- [fs] cifs: fix issue mounting of DFS ROOT when redirecting from one domain controller to the next (Sachin Prabhu) [994866 976535]\n- [fs] nfs: Make nfs_readdir revalidate less often (Scott Mayhew) [994867 976879]\n- [fs] nfs: Make nfs_attribute_cache_expired() non-static (Scott Mayhew) [994867 976879]\n- [fs] nfs: set verifier on existing dentries in nfs_prime_dcache (Scott Mayhew) [994867 976879]\n- [fs] nfs: Allow nfs_updatepage to extend a write under additional circumstances (Scott Mayhew) [987262 983288]\n- [fs] nfs: fix a leak at nfs_lookup_revalidate() (Dave Wysochanski) [987261 975211]\n- [acpi] efivars: If pstore_register fails, free unneeded pstore buffer (Lenny Szubowicz) [993547 867689]\n- [acpi] Eliminate console msg if pstore.backend excludes ERST (Lenny Szubowicz) [993547 867689]\n- [acpi] Return unique error if backend registration excluded by kernel param (Lenny Szubowicz) [993547 867689]\n- [net] bridge: fix some kernel warning in multicast timer (Amerigo Wang) [997745 952012]\n- [net] bridge: send query as soon as leave is received (Amerigo Wang) [997745 952012]\n- [net] bridge: only expire the mdb entry when query is received (Amerigo Wang) [997745 952012]\n- [net] bridge: Replace mp->mglist hlist with a bool (Amerigo Wang) [997745 952012]\n- [mm] fadvise: drain all pagevecs if POSIX_FADV_DONTNEED fails to discard all pages (Larry Woodman) [994140 957821]\n- [net] sunrpc: don't use a credential with extra groups (Mateusz Guzik) [1003931 955712]\n- [virt] xen-netfront: reduce gso_max_size to account for max TCP header (Andrew Jones) [1004657 957231]\n- [pps] Fix a use-after free bug when unregistering a source (Jiri Benc) [997916 920155]\n- [scsi] fnic: Fix SGEs limit (Chris Leech) [991346 829506]\n[2.6.32-358.22.1]\n- [x86] Round the calculated scale factor in set_cyc2ns_scale() (Prarit Bhargava) [1001954 975507]\n- [x86] sched: Fix overflow in cyc2ns_offset (Prarit Bhargava) [1001954 975507]\n[2.6.32-358.21.1]\n- [fs] autofs: remove autofs dentry mount check (Ian Kent) [1000314 947275]\n- [net] sctp: Fix list corruption resulting from freeing an association on a list (Jiri Pirko) [1002184 887868]\n[2.6.32-358.20.1]\n- [fs] nfs: Add functionality to allow waiting on all outstanding reads to complete (Dave Wysochanski) [996424 976915]\n- [fs] nfs: Ensure that NFS file unlock waits for readahead to complete (Dave Wysochanski) [996424 976915]\n- [fs] nfs: Convert nfs_get_lock_context to return an ERR_PTR on failure (Dave Wysochanski) [996424 976915]\n- [x86] thermal: Disable power limit notification interrupt (Shyam Iyer) [999328 908990]\n- [x86] thermal: Delete power-limit-notification console messages (Shyam Iyer) [999328 908990]\n[2.6.32-358.19.1]\n- [fs] gfs2: Reserve journal space for quota change in do_grow (Robert S Peterson) [988384 976823]\n- [netdrv] bonding: properly unset current_arp_slave on slave link up (Veaceslav Falico) [995458 988460]\n- [fs] nfs4: Fix infinite loop in nfs4_lookup_root (Scott Mayhew) [996014 987426]", "published": "2013-10-16T00:00:00", "cvss": {"score": 6.0, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://linux.oracle.com/errata/ELSA-2013-1436.html", "cvelist": ["CVE-2013-4162", "CVE-2013-4299"], "lastseen": "2016-09-04T11:16:25"}, {"id": "ELSA-2013-2575", "type": "oraclelinux", "title": "unbreakable enterprise kernel security update", "description": "kernel-uek\n[2.6.32-400.33.2]\n- dm snapshot: fix data corruption (Mikulas Patocka) [Orabug: 17618900] {CVE-2013-4299}\n- ipv6: call udp_push_pending_frames when uncorking a socket with AF_INET pending data (Hannes Frederic Sowa) [Orabug: 17618897] {CVE-2013-4162}", "published": "2013-10-18T00:00:00", "cvss": {"score": 6.0, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://linux.oracle.com/errata/ELSA-2013-2575.html", "cvelist": ["CVE-2013-4162", "CVE-2013-4299"], "lastseen": "2016-09-04T11:17:09"}, {"id": "ELSA-2013-1790", "type": "oraclelinux", "title": "kernel security and bug fix update", "description": "kernel\n[2.6.18-371.3.1]\n- [net] be2net: don't use GRO for packets w/ re-inserted VLAN tags (Ivan Vecera) [1023348 1008691]\n- [net] tg3: call pci_enable_wake() to set power state (John Feeney) [1014973 996331]\n- [misc] backport fixes for percpu-rw-semaphore (Mikulas Patocka) [1014715 867997]\n- [xen] information leak via I/O instruction emulation (Igor Mammedov) [1009602 1009603] {CVE-2013-4355}\n[2.6.18-371.2.1]\n- [scsi] mpt2sas: bump version (Tomas Henzl) [1018458 956330]\n- [scsi] mpt2sas: fix the incorrect scsi_dma_map error checking (Tomas Henzl) [1018458 956330]\n- [xen] x86: check segment descriptor read result in 64-bit OUTS emulation (Radim Krcmar) [1012958 1012959] {CVE-2013-4368}\n- [md] dm snapshot: fix data corruption (Mikulas Patocka) [1004734 975353] {CVE-2013-4299}", "published": "2013-12-05T00:00:00", "cvss": {"score": 6.0, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://linux.oracle.com/errata/ELSA-2013-1790.html", "cvelist": ["CVE-2013-4368", "CVE-2013-4299", "CVE-2013-4355"], "lastseen": "2016-09-04T11:16:54"}, {"id": "ELSA-2013-1449", "type": "oraclelinux", "title": "kernel security and bug fix update", "description": "kernel\n[2.6.18-371.1.2]\n- [xen] x86: check segment descriptor read result in 64-bit OUTS emulation (Radim Krcmar) [1012958 1012959] {CVE-2013-4368}\n- [md] dm snapshot: fix data corruption (Mikulas Patocka) [1004734 975353] {CVE-2013-4299}\n[2.6.18-371.1.1]\n- [crypto] ansi_cprng fix off by one err in non-block size request (Neil Horman) [1007692 1007693] {CVE-2013-4345}\n- [fs] gfs2: yield() in shrinker to allow glock_workqueues to run (Abhijith Das) [1014714 928518]\n- [net] ipv6: ipv6_create_tempaddr cleanup (Petr Holasek) [999361 999362] {CVE-2013-0343}\n- [net] ipv6: remove max_addresses check from ipv6_create_tempaddr (Petr Holasek) [999361 999362] {CVE-2013-0343}", "published": "2013-10-22T00:00:00", "cvss": {"score": 6.0, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://linux.oracle.com/errata/ELSA-2013-1449.html", "cvelist": ["CVE-2013-4345", "CVE-2013-4368", "CVE-2013-0343", "CVE-2013-4299"], "lastseen": "2016-09-04T11:16:41"}], "vmware": [{"id": "VMSA-2013-0015", "type": "vmware", "title": "VMware ESX updates to third party libraries", "description": "a. Update to ESX service console kernel \n\n\nThe ESX service console kernel is updated to resolve multiple \nsecurity issues.\n\nThe Common Vulnerabilities and Exposures project (cve.mitre.org) \nhas assigned the names CVE-2012-2372, CVE-2012-3552, CVE-2013-2147, \nCVE-2013-2164, CVE-2013-2206, CVE-2013-2224, CVE-2013-2234, \nCVE-2013-2237, CVE-2013-2232 to these issues. \n \nColumn 4 of the following table lists the action required to \nremediate the vulnerability in each release, if a solution is \navailable. \n \n\n", "published": "2013-12-05T00:00:00", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.vmware.com/security/advisories/VMSA-2013-0015.html", "cvelist": ["CVE-2013-2234", "CVE-2013-2206", "CVE-2013-0791", "CVE-2013-2147", "CVE-2013-2232", "CVE-2013-2237", "CVE-2012-3552", "CVE-2013-2224", "CVE-2012-2372", "CVE-2013-2164", "CVE-2013-1620"], "lastseen": "2016-09-04T11:19:35"}], "debian": [{"id": "DSA-2906", "type": "debian", "title": "linux-2.6 -- privilege escalation/denial of service/information leak", "description": "Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, information leak or privilege escalation. The Common Vulnerabilities and Exposures project identifies the following problems:\n\n * [CVE-2013-0343](<https://security-tracker.debian.org/tracker/CVE-2013-0343>)\n\nGeorge Kargiotakis reported an issue in the temporary address handling of the IPv6 privacy extensions. Users on the same LAN can cause a denial of service or obtain access to sensitive information by sending router advertisement messages that cause temporary address generation to be disabled.\n\n * [CVE-2013-2147](<https://security-tracker.debian.org/tracker/CVE-2013-2147>)\n\nDan Carpenter reported issues in the cpqarray driver for Compaq Smart2 Controllers and the cciss driver for HP Smart Array controllers allowing users to gain access to sensitive kernel memory.\n\n * [CVE-2013-2889](<https://security-tracker.debian.org/tracker/CVE-2013-2889>)\n\nKees Cook discovered missing input sanitization in the HID driver for Zeroplus game pads that could lead to a local denial of service.\n\n * [CVE-2013-2893](<https://security-tracker.debian.org/tracker/CVE-2013-2893>)\n\nKees Cook discovered that missing input sanitization in the HID driver for various Logitech force feedback devices could lead to a local denial of service.\n\n * [CVE-2013-2929](<https://security-tracker.debian.org/tracker/CVE-2013-2929>)\n\nVasily Kulikov discovered that a flaw in the get_dumpable() function of the ptrace subsytsem could lead to information disclosure. Only systems with the fs.suid_dumpable sysctl set to a non-default value of 2 are vulnerable.\n\n * [CVE-2013-4162](<https://security-tracker.debian.org/tracker/CVE-2013-4162>)\n\nHannes Frederic Sowa discovered that incorrect handling of IPv6 sockets using the UDP_CORK option could result in denial of service.\n\n * [CVE-2013-4299](<https://security-tracker.debian.org/tracker/CVE-2013-4299>)\n\nFujitsu reported an issue in the device-mapper subsystem. Local users could gain access to sensitive kernel memory.\n\n * [CVE-2013-4345](<https://security-tracker.debian.org/tracker/CVE-2013-4345>)\n\nStephan Mueller found in bug in the ANSI pseudo random number generator which could lead to the use of less entropy than expected.\n\n * [CVE-2013-4512](<https://security-tracker.debian.org/tracker/CVE-2013-4512>)\n\nNico Golde and Fabian Yamaguchi reported an issue in the user mode linux port. A buffer overflow condition exists in the write method for the /proc/exitcode file. Local users with sufficient privileges allowing them to write to this file could gain further elevated privileges.\n\n * [CVE-2013-4587](<https://security-tracker.debian.org/tracker/CVE-2013-4587>)\n\nAndrew Honig of Google reported an issue in the KVM virtualization subsystem. A local user could gain elevated privileges by passing a large vcpu_id parameter.\n\n * [CVE-2013-6367](<https://security-tracker.debian.org/tracker/CVE-2013-6367>)\n\nAndrew Honig of Google reported an issue in the KVM virtualization subsystem. A divide-by-zero condition could allow a guest user to cause a denial of service on the host (crash).\n\n * [CVE-2013-6380](<https://security-tracker.debian.org/tracker/CVE-2013-6380>)\n\nMahesh Rajashekhara reported an issue in the aacraid driver for storage products from various vendors. Local users with CAP_SYS_ADMIN privileges could gain further elevated privileges.\n\n * [CVE-2013-6381](<https://security-tracker.debian.org/tracker/CVE-2013-6381>)\n\nNico Golde and Fabian Yamaguchi reported an issue in the Gigabit Ethernet device support for s390 systems. Local users could cause a denial of service or gain elevated privileges via the SIOC_QETH_ADP_SET_SNMP_CONTROL ioctl.\n\n * [CVE-2013-6382](<https://security-tracker.debian.org/tracker/CVE-2013-6382>)\n\nNico Golde and Fabian Yamaguchi reported an issue in the XFS filesystem. Local users with CAP_SYS_ADMIN privileges could gain further elevated privileges.\n\n * [CVE-2013-6383](<https://security-tracker.debian.org/tracker/CVE-2013-6383>)\n\nDan Carpenter reported an issue in the aacraid driver for storage devices from various vendors. A local user could gain elevated privileges due to a missing privilege level check in the aac_compat_ioctl function.\n\n * [CVE-2013-7263](<https://security-tracker.debian.org/tracker/CVE-2013-7263>) [CVE-2013-7264](<https://security-tracker.debian.org/tracker/CVE-2013-7264>) [CVE-2013-7265](<https://security-tracker.debian.org/tracker/CVE-2013-7265>)\n\nmpb reported an information leak in the recvfrom, recvmmsg and recvmsg system calls. A local user could obtain access to sensitive kernel memory.\n\n * [CVE-2013-7339](<https://security-tracker.debian.org/tracker/CVE-2013-7339>)\n\nSasha Levin reported an issue in the RDS network protocol over Infiniband. A local user could cause a denial of service condition.\n\n * [CVE-2014-0101](<https://security-tracker.debian.org/tracker/CVE-2014-0101>)\n\nNokia Siemens Networks reported an issue in the SCTP network protocol subsystem. Remote users could cause a denial of service (NULL pointer dereference).\n\n * [CVE-2014-1444](<https://security-tracker.debian.org/tracker/CVE-2014-1444>)\n\nSalva Peiro reported an issue in the FarSync WAN driver. Local users with the CAP_NET_ADMIN capability could gain access to sensitive kernel memory.\n\n * [CVE-2014-1445](<https://security-tracker.debian.org/tracker/CVE-2014-1445>)\n\nSalva Peiro reported an issue in the wanXL serial card driver. Local users could gain access to sensitive kernel memory.\n\n * [CVE-2014-1446](<https://security-tracker.debian.org/tracker/CVE-2014-1446>)\n\nSalva Peiro reported an issue in the YAM radio modem driver. Local users with the CAP_NET_ADMIN capability could gain access to sensitive kernel memory.\n\n * [CVE-2014-1874](<https://security-tracker.debian.org/tracker/CVE-2014-1874>)\n\nMatthew Thode reported an issue in the SELinux subsystem. A local user with CAP_MAC_ADMIN privileges could cause a denial of service by setting an empty security context on a file.\n\n * [CVE-2014-2039](<https://security-tracker.debian.org/tracker/CVE-2014-2039>)\n\nMartin Schwidefsky reported an issue on s390 systems. A local user could cause a denial of service (kernel oops) by executing an application with a linkage stack instruction.\n\n * [CVE-2014-2523](<https://security-tracker.debian.org/tracker/CVE-2014-2523>)\n\nDaniel Borkmann provided a fix for an issue in the nf_conntrack_dccp module. Remote users could cause a denial of service (system crash) or potentially gain elevated privileges.\n\nFor the oldstable distribution (squeeze), this problem has been fixed in version 2.6.32-48squeeze5.\n\nThe following matrix lists additional source packages that were rebuilt for compatibility with or to take advantage of this update:\n\n| Debian 6.0 (squeeze) \n---|--- \nuser-mode-linux | 2.6.32-1um-4+48squeeze5 \n \nWe recommend that you upgrade your linux-2.6 and user-mode-linux packages. \n\n**Note**: Debian carefully tracks all known security issues across every linux kernel package in all releases under active security support. However, given the high frequency at which low-severity security issues are discovered in the kernel and the resource requirements of doing an update, updates for lower priority issues will normally not be released for all kernels at the same time. Rather, they will be released in a staggered or leap-frog fashion.", "published": "2014-04-24T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://www.debian.org/security/dsa-2906", "cvelist": ["CVE-2013-4345", "CVE-2013-4512", "CVE-2013-7265", "CVE-2013-6383", "CVE-2013-2929", "CVE-2014-1874", "CVE-2013-2147", "CVE-2013-4162", "CVE-2013-7264", "CVE-2014-1446", "CVE-2013-7339", "CVE-2013-6382", "CVE-2014-2039", "CVE-2013-6367", "CVE-2013-7263", "CVE-2014-1444", "CVE-2013-6380", "CVE-2013-0343", "CVE-2013-4587", "CVE-2013-6381", "CVE-2014-1445", "CVE-2014-2523", "CVE-2014-0101", "CVE-2013-4299", "CVE-2013-2889", "CVE-2013-2893"], "lastseen": "2016-09-02T18:27:10"}], "suse": [{"id": "SUSE-SU-2015:0812-1", "type": "suse", "title": "Security update for Linux Kernel (important)", "description": "The SUSE Linux Enterprise 10 SP4 LTSS kernel was updated to receive\n various security and bugfixes.\n\n The following security bugs have been fixed:\n\n * CVE-2015-2041: A information leak in the llc2_timeout_table was\n fixed (bnc#919007).\n * CVE-2014-9322: arch/x86/kernel/entry_64.S in the Linux kernel did\n not properly handle faults associated with the Stack Segment (SS)\n segment register, which allowed local users to gain privileges by\n triggering an IRET instruction that leads to access to a GS Base\n address from the wrong space (bnc#910251).\n * CVE-2014-9090: The do_double_fault function in\n arch/x86/kernel/traps.c in the Linux kernel did not properly handle\n faults associated with the Stack Segment (SS) segment register,\n which allowed local users to cause a denial of service (panic) via a\n modify_ldt system call, as demonstrated by sigreturn_32 in the\n 1-clock-tests test suite (bnc#907818).\n * CVE-2014-4667: The sctp_association_free function in\n net/sctp/associola.c in the Linux kernel did not properly manage a\n certain backlog value, which allowed remote attackers to cause a\n denial of service (socket outage) via a crafted SCTP packet\n (bnc#885422).\n * CVE-2014-3673: The SCTP implementation in the Linux kernel allowed\n remote attackers to cause a denial of service (system crash) via a\n malformed ASCONF chunk, related to net/sctp/sm_make_chunk.c and\n net/sctp/sm_statefuns.c (bnc#902346).\n * CVE-2014-3185: Multiple buffer overflows in the\n command_port_read_callback function in\n drivers/usb/serial/whiteheat.c in the Whiteheat USB Serial Driver in\n the Linux kernel allowed physically proximate attackers to execute\n arbitrary code or cause a denial of service (memory corruption and\n system crash) via a crafted device that provides a large amount of\n (1) EHCI or (2) XHCI data associated with a bulk response\n (bnc#896391).\n * CVE-2014-3184: The report_fixup functions in the HID subsystem in\n the Linux kernel might have allowed physically proximate attackers\n to cause a denial of service (out-of-bounds write) via a crafted\n device that provides a small report descriptor, related to (1)\n drivers/hid/hid-cherry.c, (2) drivers/hid/hid-kye.c, (3)\n drivers/hid/hid-lg.c, (4) drivers/hid/hid-monterey.c, (5)\n drivers/hid/hid-petalynx.c, and (6) drivers/hid/hid-sunplus.c\n (bnc#896390).\n * CVE-2014-1874: The security_context_to_sid_core function in\n security/selinux/ss/services.c in the Linux kernel allowed local\n users to cause a denial of service (system crash) by leveraging the\n CAP_MAC_ADMIN capability to set a zero-length security context\n (bnc#863335).\n * CVE-2014-0181: The Netlink implementation in the Linux kernel did\n not provide a mechanism for authorizing socket operations based on\n the\n opener of a socket, which allowed local users to bypass intended\n access restrictions and modify network configurations by using a Netlink\n socket for the (1) stdout or (2) stderr of a setuid program (bnc#875051).\n * CVE-2013-4299: Interpretation conflict in\n drivers/md/dm-snap-persistent.c in the Linux kernel allowed remote\n authenticated users to obtain sensitive information or modify data\n via a crafted mapping to a snapshot block device (bnc#846404).\n * CVE-2013-2147: The HP Smart Array controller disk-array driver and\n Compaq SMART2 controller disk-array driver in the Linux kernel did\n not initialize certain data structures, which allowed local users to\n obtain sensitive information from kernel memory via (1) a crafted\n IDAGETPCIINFO command for a /dev/ida device, related to the\n ida_locked_ioctl function in drivers/block/cpqarray.c or (2) a crafted\n CCISS_PASSTHRU32 command for a /dev/cciss device, related to the\n cciss_ioctl32_passthru function in drivers/block/cciss.c (bnc#823260).\n * CVE-2012-6657: The sock_setsockopt function in net/core/sock.c in\n the Linux kernel did not ensure that a keepalive action is\n associated with a stream socket, which allowed local users to cause\n a denial of service (system crash) by leveraging the ability to\n create a raw socket (bnc#896779).\n * CVE-2012-3400: Heap-based buffer overflow in the udf_load_logicalvol\n function in fs/udf/super.c in the Linux kernel allowed remote\n attackers to cause a denial of service (system crash) or possibly\n have unspecified other impact via a crafted UDF filesystem\n (bnc#769784).\n * CVE-2012-2319: Multiple buffer overflows in the hfsplus filesystem\n implementation in the Linux kernel allowed local users to gain\n privileges via a crafted HFS plus filesystem, a related issue to\n CVE-2009-4020 (bnc#760902).\n * CVE-2012-2313: The rio_ioctl function in\n drivers/net/ethernet/dlink/dl2k.c in the Linux kernel did not\n restrict access to the SIOCSMIIREG command, which allowed local\n users to write data to an Ethernet adapter via an ioctl call\n (bnc#758813).\n * CVE-2011-4132: The cleanup_journal_tail function in the Journaling\n Block Device (JBD) functionality in the Linux kernel 2.6 allowed\n local users to cause a denial of service (assertion error and kernel\n oops) via an ext3 or ext4 image with an "invalid log first block\n value" (bnc#730118).\n * CVE-2011-4127: The Linux kernel did not properly restrict SG_IO\n ioctl calls, which allowed local users to bypass intended\n restrictions on disk read and write operations by sending a SCSI\n command to (1) a partition block device or (2) an LVM volume\n (bnc#738400).\n * CVE-2011-1585: The cifs_find_smb_ses function in fs/cifs/connect.c\n in the Linux kernel did not properly determine the associations\n between users and sessions, which allowed local users to bypass CIFS\n share authentication by leveraging a mount of a share by a different\n user (bnc#687812).\n * CVE-2011-1494: Integer overflow in the _ctl_do_mpt_command function\n in drivers/scsi/mpt2sas/mpt2sas_ctl.c in the Linux kernel might have\n allowed local users to gain privileges or cause a denial of service\n (memory corruption) via an ioctl call specifying a crafted value\n that triggers a heap-based buffer overflow (bnc#685402).\n * CVE-2011-1495: drivers/scsi/mpt2sas/mpt2sas_ctl.c in the Linux\n kernel did not validate (1) length and (2) offset values before\n performing memory copy operations, which might allow local users to\n gain privileges, cause a denial of service (memory corruption), or\n obtain sensitive information from kernel memory via a crafted ioctl\n call, related to the _ctl_do_mpt_command and _ctl_diag_read_buffer\n functions (bnc#685402).\n * CVE-2011-1493: Array index error in the rose_parse_national function\n in net/rose/rose_subr.c in the Linux kernel allowed remote attackers\n to cause a denial of service (heap memory corruption) or possibly\n have unspecified other impact by composing FAC_NATIONAL_DIGIS data\n that specifies a large number of digipeaters, and then sending this\n data to a ROSE socket (bnc#681175).\n * CVE-2011-4913: The rose_parse_ccitt function in net/rose/rose_subr.c\n in the Linux kernel did not validate the FAC_CCITT_DEST_NSAP and\n FAC_CCITT_SRC_NSAP fields, which allowed remote attackers to (1)\n cause a denial of service (integer underflow, heap memory\n corruption, and panic) via a small length value in data sent to a\n ROSE socket, or (2) conduct stack-based buffer overflow attacks via\n a large length value in data sent to a ROSE socket (bnc#681175).\n * CVE-2011-4914: The ROSE protocol implementation in the Linux kernel\n did not verify that certain data-length values are consistent with\n the amount of data sent, which might allow remote attackers to\n obtain sensitive information from kernel memory or cause a denial of\n service (out-of-bounds read) via crafted data to a ROSE socket\n (bnc#681175).\n * CVE-2011-1476: Integer underflow in the Open Sound System (OSS)\n subsystem in the Linux kernel on unspecified non-x86 platforms\n allowed local users to cause a denial of service (memory corruption)\n by leveraging write access to /dev/sequencer (bnc#681999).\n * CVE-2011-1477: Multiple array index errors in sound/oss/opl3.c in\n the Linux kernel allowed local users to cause a denial of service\n (heap memory corruption) or possibly gain privileges by leveraging\n write access to /dev/sequencer (bnc#681999).\n * CVE-2011-1163: The osf_partition function in fs/partitions/osf.c in\n the Linux kernel did not properly handle an invalid number of\n partitions, which might allow local users to obtain potentially\n sensitive information from kernel heap memory via vectors related to\n partition-table parsing (bnc#679812).\n * CVE-2011-1090: The __nfs4_proc_set_acl function in fs/nfs/nfs4proc.c\n in the Linux kernel stored NFSv4 ACL data in memory that is\n allocated by kmalloc but not properly freed, which allowed local\n users to cause a denial of service (panic) via a crafted attempt to\n set an ACL (bnc#677286).\n * CVE-2014-9584: The parse_rock_ridge_inode_internal function in\n fs/isofs/rock.c in the Linux kernel did not validate a length value\n in the Extensions Reference (ER) System Use Field, which allowed\n local users to obtain sensitive information from kernel memory via a\n crafted iso9660 image (bnc#912654).\n * CVE-2014-9420: The rock_continue function in fs/isofs/rock.c in the\n Linux kernel did not restrict the number of Rock Ridge continuation\n entries, which allowed local users to cause a denial of service\n (infinite loop, and system crash or hang) via a crafted iso9660\n image (bnc#911325).\n * CVE-2014-5471: Stack consumption vulnerability in the\n parse_rock_ridge_inode_internal function in fs/isofs/rock.c in the\n Linux kernel allowed local users to cause a denial of service\n (uncontrolled recursion, and system crash or reboot) via a crafted\n iso9660 image with a CL entry referring to a directory entry that\n has a CL entry (bnc#892490).\n * CVE-2014-5472: The parse_rock_ridge_inode_internal function in\n fs/isofs/rock.c in the Linux kernel allowed local users to cause a\n denial of service (unkillable mount process) via a crafted iso9660\n image with a self-referential CL entry (bnc#892490).\n * CVE-2014-3917: kernel/auditsc.c in the Linux kernel, when\n CONFIG_AUDITSYSCALL is enabled with certain syscall rules, allowed\n local users to obtain potentially sensitive single-bit values from\n kernel memory or cause a denial of service (OOPS) via a large value\n of a syscall number (bnc#880484).\n * CVE-2014-4652: Race condition in the tlv handler functionality in\n the snd_ctl_elem_user_tlv function in sound/core/control.c in the\n ALSA control implementation in the Linux kernel allowed local users\n to\n obtain sensitive information from kernel memory by leveraging\n /dev/snd/controlCX access (bnc#883795).\n * CVE-2014-4654: The snd_ctl_elem_add function in sound/core/control.c\n in the ALSA control implementation in the Linux kernel did not check\n authorization for SNDRV_CTL_IOCTL_ELEM_REPLACE commands, which\n allowed local users to remove kernel controls and cause a denial of\n service (use-after-free and system crash) by leveraging\n /dev/snd/controlCX access for an ioctl call (bnc#883795).\n * CVE-2014-4655: The snd_ctl_elem_add function in sound/core/control.c\n in the ALSA control implementation in the Linux kernel did not\n properly maintain the user_ctl_count value, which allowed local\n users to cause a denial of service (integer overflow and limit\n bypass) by leveraging /dev/snd/controlCX access for a large number\n of SNDRV_CTL_IOCTL_ELEM_REPLACE ioctl calls (bnc#883795).\n * CVE-2014-4653: sound/core/control.c in the ALSA control\n implementation in the Linux kernel did not ensure possession of a\n read/write lock, which allowed local users to cause a denial of\n service (use-after-free) and obtain sensitive information from\n kernel memory by leveraging /dev/snd/controlCX access (bnc#883795).\n * CVE-2014-4656: Multiple integer overflows in sound/core/control.c in\n the ALSA control implementation in the Linux kernel allowed local\n users to cause a denial of service by leveraging /dev/snd/controlCX\n access, related to (1) index values in the snd_ctl_add function and\n (2) numid values in the snd_ctl_remove_numid_conflict function\n (bnc#883795).\n\n The following non-security bugs have been fixed:\n\n * usb: class: cdc-acm: Be careful with bInterval (bnc#891844).\n * Fix BUG due to racing lookups with reiserfs extended attribute\n backing directories (bnc#908382).\n * reiserfs: eliminate per-super xattr lock (bnc#908382).\n * reiserfs: eliminate private use of struct file in xattr (bnc#908382).\n * reiserfs: Expand i_mutex to enclose lookup_one_len (bnc#908382).\n * reiserfs: fix up lockdep warnings (bnc#908382).\n * reiserfs: fix xattr root locking/refcount bug (bnc#908382).\n * reiserfs: make per-inode xattr locking more fine grained\n (bnc#908382).\n * reiserfs: remove IS_PRIVATE helpers (bnc#908382).\n * reiserfs: simplify xattr internal file lookups/opens (bnc#908382).\n * netfilter: TCP conntrack: improve dead connection detection\n (bnc#874307).\n * Fix kABI breakage due to addition of user_ctl_lock (bnc#883795).\n * isofs: Fix unchecked printing of ER records.\n * kabi: protect struct ip_ct_tcp for bnc#874307 fix (bnc#874307).\n * s390: fix system hang on shutdown because of sclp_con (bnc#883223).\n * udf: Check component length before reading it.\n * udf: Check path length when reading symlink.\n * udf: Verify i_size when loading inode.\n * udf: Verify symlink size before loading it.\n * x86, 64-bit: Move K8 B step iret fixup to fault entry asm\n (preparatory patch).\n * x86, asm: Flip RESTORE_ARGS arguments logic (preparatory patch).\n * x86, asm: Thin down SAVE/RESTORE_* asm macros (preparatory patch).\n * x86: move dwarf2 related macro to dwarf2.h (preparatory patch).\n * xen: x86, asm: Flip RESTORE_ARGS arguments logic (preparatory patch).\n\n Security Issues:\n\n * CVE-2011-1090\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1090\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1090</a>>\n * CVE-2011-1163\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1163\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1163</a>>\n * CVE-2011-1476\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1476\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1476</a>>\n * CVE-2011-1477\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1477\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1477</a>>\n * CVE-2011-1493\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1493\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1493</a>>\n * CVE-2011-1494\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1494\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1494</a>>\n * CVE-2011-1495\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1495\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1495</a>>\n * CVE-2011-1585\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1585\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1585</a>>\n * CVE-2011-4127\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4127\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4127</a>>\n * CVE-2011-4132\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4132\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4132</a>>\n * CVE-2011-4913\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4913\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4913</a>>\n * CVE-2011-4914\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4914\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4914</a>>\n * CVE-2012-2313\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2313\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2313</a>>\n * CVE-2012-2319\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2319\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2319</a>>\n * CVE-2012-3400\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3400\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3400</a>>\n * CVE-2012-6657\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6657\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6657</a>>\n * CVE-2013-2147\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2147\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2147</a>>\n * CVE-2013-4299\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4299\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4299</a>>\n * CVE-2013-6405\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6405\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6405</a>>\n * CVE-2013-6463\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6463\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6463</a>>\n * CVE-2014-0181\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0181\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0181</a>>\n * CVE-2014-1874\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1874\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1874</a>>\n * CVE-2014-3184\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3184\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3184</a>>\n * CVE-2014-3185\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3185\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3185</a>>\n * CVE-2014-3673\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3673\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3673</a>>\n * CVE-2014-3917\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3917\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3917</a>>\n * CVE-2014-4652\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4652\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4652</a>>\n * CVE-2014-4653\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4653\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4653</a>>\n * CVE-2014-4654\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4654\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4654</a>>\n * CVE-2014-4655\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4655\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4655</a>>\n * CVE-2014-4656\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4656\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4656</a>>\n * CVE-2014-4667\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4667\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4667</a>>\n * CVE-2014-5471\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5471\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5471</a>>\n * CVE-2014-5472\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5472\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5472</a>>\n * CVE-2014-9090\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9090\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9090</a>>\n * CVE-2014-9322\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9322\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9322</a>>\n * CVE-2014-9420\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9420\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9420</a>>\n * CVE-2014-9584\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9584\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9584</a>>\n * CVE-2015-2041\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2041\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2041</a>>\n", "published": "2015-04-30T21:04:52", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html", "cvelist": ["CVE-2011-1476", "CVE-2012-2319", "CVE-2014-9420", "CVE-2014-4655", "CVE-2014-3673", "CVE-2011-1494", "CVE-2014-9090", "CVE-2011-4127", "CVE-2014-1874", "CVE-2014-9322", "CVE-2013-2147", "CVE-2014-4653", "CVE-2014-5472", "CVE-2014-3185", "CVE-2011-4132", "CVE-2012-2313", "CVE-2014-3917", "CVE-2014-4654", "CVE-2011-1495", "CVE-2011-1163", "CVE-2011-4913", "CVE-2009-4020", "CVE-2014-4656", "CVE-2013-6405", "CVE-2011-4914", "CVE-2014-9584", "CVE-2013-6463", "CVE-2014-0181", "CVE-2014-4652", "CVE-2012-6657", "CVE-2011-1477", "CVE-2011-1493", "CVE-2014-5471", "CVE-2015-2041", "CVE-2014-4667", "CVE-2012-3400", "CVE-2011-1090", "CVE-2013-4299", "CVE-2014-3184", "CVE-2011-1585"], "lastseen": "2016-09-04T12:13:42"}, {"id": "SUSE-SU-2014:1693-1", "type": "suse", "title": "Security update for Linux kernel (important)", "description": "The SUSE Linux Enterprise 11 Service Pack 3 kernel has been updated to fix\n various bugs and security issues.\n\n The following security bugs have been fixed:\n\n * CVE-2012-4398: The __request_module function in kernel/kmod.c in the\n Linux kernel before 3.4 did not set a certain killable attribute,\n which allowed local users to cause a denial of service (memory\n consumption) via a crafted application (bnc#779488).\n * CVE-2013-2889: drivers/hid/hid-zpff.c in the Human Interface Device\n (HID) subsystem in the Linux kernel through 3.11, when\n CONFIG_HID_ZEROPLUS is enabled, allowed physically proximate\n attackers to cause a denial of service (heap-based out-of-bounds\n write) via a crafted device (bnc#835839).\n * CVE-2013-2893: The Human Interface Device (HID) subsystem in the\n Linux kernel through 3.11, when CONFIG_LOGITECH_FF,\n CONFIG_LOGIG940_FF, or CONFIG_LOGIWHEELS_FF is enabled, allowed\n physically proximate attackers to cause a denial of service\n (heap-based out-of-bounds write) via a crafted device, related to\n (1) drivers/hid/hid-lgff.c, (2) drivers/hid/hid-lg3ff.c, and (3)\n drivers/hid/hid-lg4ff.c (bnc#835839).\n * CVE-2013-2897: Multiple array index errors in\n drivers/hid/hid-multitouch.c in the Human Interface Device (HID)\n subsystem in the Linux kernel through 3.11, when\n CONFIG_HID_MULTITOUCH is enabled, allowed physically proximate\n attackers to cause a denial of service (heap memory corruption, or\n NULL pointer dereference and OOPS) via a crafted device (bnc#835839).\n * CVE-2013-2899: drivers/hid/hid-picolcd_core.c in the Human Interface\n Device (HID) subsystem in the Linux kernel through 3.11, when\n CONFIG_HID_PICOLCD is enabled, allowed physically proximate\n attackers to cause a denial of service (NULL pointer dereference and\n OOPS) via a crafted device (bnc#835839).\n * CVE-2013-7263: The Linux kernel before 3.12.4 updates certain length\n values before ensuring that associated data structures have been\n initialized, which allowed local users to obtain sensitive\n information from kernel stack memory via a (1) recvfrom, (2)\n recvmmsg, or (3) recvmsg system call, related to net/ipv4/ping.c,\n net/ipv4/raw.c, net/ipv4/udp.c, net/ipv6/raw.c, and net/ipv6/udp.c\n (bnc#853040, bnc#857643).\n * CVE-2014-3181: Multiple stack-based buffer overflows in the\n magicmouse_raw_event function in drivers/hid/hid-magicmouse.c in the\n Magic Mouse HID driver in the Linux kernel through 3.16.3 allowed\n physically proximate attackers to cause a denial of service (system\n crash) or possibly execute arbitrary code via a crafted device that\n provides a large amount of (1) EHCI or (2) XHCI data associated with\n an event (bnc#896382).\n * CVE-2014-3184: The report_fixup functions in the HID subsystem in\n the Linux kernel before 3.16.2 allowed physically proximate\n attackers to cause a denial of service (out-of-bounds write) via a\n crafted device that provides a small report descriptor, related to\n (1) drivers/hid/hid-cherry.c, (2) drivers/hid/hid-kye.c, (3)\n drivers/hid/hid-lg.c, (4) drivers/hid/hid-monterey.c, (5)\n drivers/hid/hid-petalynx.c, and (6) drivers/hid/hid-sunplus.c\n (bnc#896390).\n * CVE-2014-3185: Multiple buffer overflows in the\n command_port_read_callback function in\n drivers/usb/serial/whiteheat.c in the Whiteheat USB Serial Driver in\n the Linux kernel before 3.16.2 allowed physically proximate\n attackers to execute arbitrary code or cause a denial of service\n (memory corruption and system crash) via a crafted device that\n provides a large amount of (1) EHCI or (2) XHCI data associated with\n a bulk response (bnc#896391).\n * CVE-2014-3186: Buffer overflow in the picolcd_raw_event function in\n devices/hid/hid-picolcd_core.c in the PicoLCD HID device driver in\n the Linux kernel through 3.16.3, as used in Android on Nexus 7\n devices, allowed physically proximate attackers to cause a denial of\n service (system crash) or possibly execute arbitrary code via a\n crafted device that sends a large report (bnc#896392).\n * CVE-2014-3601: The kvm_iommu_map_pages function in virt/kvm/iommu.c\n in the Linux kernel through 3.16.1 miscalculated the number of pages\n during the handling of a mapping failure, which allowed guest OS\n users to (1) cause a denial of service (host OS memory corruption)\n or possibly have unspecified other impact by triggering a large gfn\n value or (2) cause a denial of service (host OS memory consumption)\n by triggering a small gfn value that leads to permanently pinned\n pages (bnc#892782).\n * CVE-2014-3610: The WRMSR processing functionality in the KVM\n subsystem in the Linux kernel through 3.17.2 did not properly handle\n the writing of a non-canonical address to a model-specific register,\n which allowed guest OS users to cause a denial of service (host OS\n crash) by leveraging guest OS privileges, related to the\n wrmsr_interception function in arch/x86/kvm/svm.c and the\n handle_wrmsr function in arch/x86/kvm/vmx.c (bnc#899192).\n * CVE-2014-3646: arch/x86/kvm/vmx.c in the KVM subsystem in the Linux\n kernel through 3.17.2 did not have an exit handler for the INVVPID\n instruction, which allowed guest OS users to cause a denial of\n service (guest OS crash) via a crafted application (bnc#899192).\n * CVE-2014-3647: arch/x86/kvm/emulate.c in the KVM subsystem in the\n Linux kernel through 3.17.2 did not properly perform RIP changes,\n which allowed guest OS users to cause a denial of service (guest OS\n crash) via a crafted application (bnc#899192).\n * CVE-2014-3673: The SCTP implementation in the Linux kernel through\n 3.17.2 allowed remote attackers to cause a denial of service (system\n crash) via a malformed ASCONF chunk, related to\n net/sctp/sm_make_chunk.c and net/sctp/sm_statefuns.c (bnc#902346,\n bnc#902349).\n * CVE-2014-4508: arch/x86/kernel/entry_32.S in the Linux kernel\n through 3.15.1 on 32-bit x86 platforms, when syscall auditing is\n enabled and the sep CPU feature flag is set, allowed local users to\n cause a denial of service (OOPS and system crash) via an invalid\n syscall number, as demonstrated by number 1000 (bnc#883724).\n * CVE-2014-4608: * DISPUTED * Multiple integer overflows in the\n lzo1x_decompress_safe function in lib/lzo/lzo1x_decompress_safe.c in\n the LZO decompressor in the Linux kernel before 3.15.2 allowed\n context-dependent attackers to cause a denial of service (memory\n corruption) via a crafted Literal Run. NOTE: the author of the LZO\n algorithms says: The Linux kernel is not affected; media hype\n (bnc#883948).\n * CVE-2014-7826: kernel/trace/trace_syscalls.c in the Linux kernel\n through 3.17.2 did not properly handle private syscall numbers\n during use of the ftrace subsystem, which allowed local users to\n gain privileges or cause a denial of service (invalid pointer\n dereference) via a crafted application (bnc#904013).\n * CVE-2014-7841: An SCTP server doing ASCONF would panic on malformed\n INIT ping-of-death (bnc#905100).\n * CVE-2014-8709: The ieee80211_fragment function in net/mac80211/tx.c\n in the Linux kernel before 3.13.5 did not properly maintain a\n certain tail pointer, which allowed remote attackers to obtain\n sensitive cleartext information by reading packets (bnc#904700).\n * CVE-2014-8884: A local user with write access could have used this\n flaw to crash the kernel or elevate privileges (bnc#905522).\n\n The following non-security bugs have been fixed:\n\n * Build the KOTD against the SP3 Update project\n * HID: fix kabi breakage.\n * NFS: Provide stub nfs_fscache_wait_on_invalidate() for when\n CONFIG_NFS_FSCACHE=n.\n * NFS: fix inverted test for delegation in nfs4_reclaim_open_state\n (bnc#903331).\n * NFS: remove incorrect Lock reclaim failed! warning (bnc#903331).\n * NFSv4: nfs4_open_done first must check that GETATTR decoded a file\n type (bnc#899574).\n * PCI: pciehp: Clear Data Link Layer State Changed during init\n (bnc#898295).\n * PCI: pciehp: Enable link state change notifications (bnc#898295).\n * PCI: pciehp: Handle push button event asynchronously (bnc#898295).\n * PCI: pciehp: Make check_link_active() non-static (bnc#898295).\n * PCI: pciehp: Use link change notifications for hot-plug and removal\n (bnc#898295).\n * PCI: pciehp: Use per-slot workqueues to avoid deadlock (bnc#898295).\n * PCI: pciehp: Use symbolic constants, not hard-coded bitmask\n (bnc#898295).\n * PM / hibernate: Iterate over set bits instead of PFNs in\n swsusp_free() (bnc#860441).\n * be2net: Fix invocation of be_close() after be_clear() (bnc#895468).\n * block: Fix bogus partition statistics reports (bnc#885077\n bnc#891211).\n * block: Fix computation of merged request priority.\n * btrfs: Fix wrong device size when we are resizing the device.\n * btrfs: Return right extent when fiemap gives unaligned offset and\n len.\n * btrfs: abtract out range locking in clone ioctl().\n * btrfs: always choose work from prio_head first.\n * btrfs: balance delayed inode updates.\n * btrfs: cache extent states in defrag code path.\n * btrfs: check file extent type before anything else (bnc#897694).\n * btrfs: clone, do not create invalid hole extent map.\n * btrfs: correctly determine if blocks are shared in\n btrfs_compare_trees.\n * btrfs: do not bug_on if we try to cow a free space cache inode.\n * btrfs: ensure btrfs_prev_leaf does not miss 1 item.\n * btrfs: ensure readers see new data after a clone operation.\n * btrfs: fill_holes: Fix slot number passed to hole_mergeable() call.\n * btrfs: filter invalid arg for btrfs resize.\n * btrfs: fix EINVAL checks in btrfs_clone.\n * btrfs: fix EIO on reading file after ioctl clone works on it.\n * btrfs: fix a crash of clone with inline extents split.\n * btrfs: fix crash of compressed writes (bnc#898375).\n * btrfs: fix crash when starting transaction.\n * btrfs: fix deadlock with nested trans handles.\n * btrfs: fix hang on error (such as ENOSPC) when writing extent pages.\n * btrfs: fix leaf corruption after __btrfs_drop_extents.\n * btrfs: fix race between balance recovery and root deletion.\n * btrfs: fix wrong extent mapping for DirectIO.\n * btrfs: handle a missing extent for the first file extent.\n * btrfs: limit delalloc pages outside of find_delalloc_range\n (bnc#898375).\n * btrfs: read lock extent buffer while walking backrefs.\n * btrfs: remove unused wait queue in struct extent_buffer.\n * btrfs: replace EINVAL with ERANGE for resize when ULLONG_MAX.\n * btrfs: replace error code from btrfs_drop_extents.\n * btrfs: unlock extent and pages on error in cow_file_range.\n * btrfs: unlock inodes in correct order in clone ioctl.\n * btrfs_ioctl_clone: Move clone code into its own function.\n * cifs: delay super block destruction until all cifsFileInfo objects\n are gone (bnc#903653).\n * drm/i915: Flush the PTEs after updating them before suspend\n (bnc#901638).\n * drm/i915: Undo gtt scratch pte unmapping again (bnc#901638).\n * ext3: return 32/64-bit dir name hash according to usage type\n (bnc#898554).\n * ext4: return 32/64-bit dir name hash according to usage type\n (bnc#898554).\n * fix: use after free of xfs workqueues (bnc#894895).\n * fs: add new FMODE flags: FMODE_32bithash and FMODE_64bithash\n (bnc#898554).\n * futex: Ensure get_futex_key_refs() always implies a barrier\n (bnc#851603 (futex scalability series)).\n * futex: Fix a race condition between REQUEUE_PI and task death\n (bnc#851603 (futex scalability series)).\n * ipv6: add support of peer address (bnc#896415).\n * ipv6: fix a refcnt leak with peer addr (bnc#896415).\n * megaraid_sas: Disable fastpath writes for non-RAID0 (bnc#897502).\n * mm: change __remove_pages() to call release_mem_region_adjustable()\n (bnc#891790).\n * netxen: Fix link event handling (bnc#873228).\n * netxen: fix link notification order (bnc#873228).\n * nfsd: rename int access to int may_flags in nfsd_open() (bnc#898554).\n * nfsd: vfs_llseek() with 32 or 64 bit offsets (hashes) (bnc#898554).\n * ocfs2: fix NULL pointer dereference in\n ocfs2_duplicate_clusters_by_page (bnc#899843).\n * powerpc: Add smp_mb() to arch_spin_is_locked() (bsc#893758).\n * powerpc: Add smp_mb()s to arch_spin_unlock_wait() (bsc#893758).\n * powerpc: Add support for the optimised lockref implementation\n (bsc#893758).\n * powerpc: Implement arch_spin_is_locked() using\n arch_spin_value_unlocked() (bsc#893758).\n * refresh patches.xen/xen-blkback-multi-page-ring (bnc#897708)).\n * remove filesize checks for sync I/O journal commit (bnc#800255).\n * resource: add __adjust_resource() for internal use (bnc#891790).\n * resource: add release_mem_region_adjustable() (bnc#891790).\n * revert PM / Hibernate: Iterate over set bits instead of PFNs in\n swsusp_free() (bnc#860441).\n * rpm/mkspec: Generate specfiles according to Factory requirements.\n * rpm/mkspec: Generate a per-architecture per-package _constraints file\n * sched: Fix unreleased llc_shared_mask bit during CPU hotplug\n (bnc#891368).\n * scsi_dh_alua: disable ALUA handling for non-disk devices\n (bnc#876633).\n * usb: Do not re-read descriptors for wired devices in\n usb_authorize_device() (bnc#904358).\n * usbback: Do not access request fields in shared ring more than once.\n * usbhid: add another mouse that needs QUIRK_ALWAYS_POLL (bnc#888607).\n * vfs,proc: guarantee unique inodes in /proc (bnc#868049).\n * x86, cpu hotplug: Fix stack frame warning\n incheck_irq_vectors_for_cpu_disable() (bnc#887418).\n * x86, ioremap: Speed up check for RAM pages (Boot time optimisations\n (bnc#895387)).\n * x86: Add check for number of available vectors before CPU down\n (bnc#887418).\n * x86: optimize resource lookups for ioremap (Boot time optimisations\n (bnc#895387)).\n * x86: use optimized ioresource lookup in ioremap function (Boot time\n optimisations (bnc#895387)).\n * xfs: Do not free EFIs before the EFDs are committed (bsc#755743).\n * xfs: Do not reference the EFI after it is freed (bsc#755743).\n * xfs: fix cil push sequence after log recovery (bsc#755743).\n * zcrypt: support for extended number of ap domains (bnc#894058,\n LTC#117041).\n * zcrypt: toleration of new crypto adapter hardware (bnc#894058,\n LTC#117041).\n\n Security Issues:\n\n * CVE-2012-4398\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4398\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4398</a>>\n * CVE-2013-2889\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2889\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2889</a>>\n * CVE-2013-2893\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2893\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2893</a>>\n * CVE-2013-2897\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2897\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2897</a>>\n * CVE-2013-2899\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2899\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2899</a>>\n * CVE-2013-7263\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7263\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7263</a>>\n * CVE-2014-3181\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3181\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3181</a>>\n * CVE-2014-3184\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3184\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3184</a>>\n * CVE-2014-3185\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3185\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3185</a>>\n * CVE-2014-3186\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3186\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3186</a>>\n * CVE-2014-3601\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3601\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3601</a>>\n * CVE-2014-3610\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3610\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3610</a>>\n * CVE-2014-3646\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3646\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3646</a>>\n * CVE-2014-3647\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3647\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3647</a>>\n * CVE-2014-4508\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4508\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4508</a>>\n * CVE-2014-4608\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4608\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4608</a>>\n * CVE-2014-7826\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7826\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7826</a>>\n * CVE-2014-7841\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7841\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7841</a>>\n * CVE-2014-8709\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8709\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8709</a>>\n * CVE-2014-8884\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8884\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8884</a>>\n * CVE-2014-3673\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3673\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3673</a>>\n", "published": "2014-12-23T19:06:22", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00027.html", "cvelist": ["CVE-2014-3646", "CVE-2014-3186", "CVE-2014-3673", "CVE-2014-7841", "CVE-2014-4508", "CVE-2014-3647", "CVE-2014-3610", "CVE-2014-3181", "CVE-2014-8709", "CVE-2014-3185", "CVE-2013-2897", "CVE-2014-3601", "CVE-2014-8884", "CVE-2013-2899", "CVE-2014-4608", "CVE-2013-7263", "CVE-2012-4398", "CVE-2014-7826", "CVE-2013-2889", "CVE-2013-2893", "CVE-2014-3184"], "lastseen": "2016-09-04T12:10:59"}, {"id": "SUSE-SU-2014:1693-2", "type": "suse", "title": "Security update for Linux kernel (important)", "description": "The SUSE Linux Enterprise 11 Service Pack 3 kernel has been updated to fix\n various bugs and security issues.\n\n The following security bugs have been fixed:\n\n * CVE-2012-4398: The __request_module function in kernel/kmod.c in the\n Linux kernel before 3.4 did not set a certain killable attribute,\n which allowed local users to cause a denial of service (memory\n consumption) via a crafted application (bnc#779488).\n * CVE-2013-2889: drivers/hid/hid-zpff.c in the Human Interface Device\n (HID) subsystem in the Linux kernel through 3.11, when\n CONFIG_HID_ZEROPLUS is enabled, allowed physically proximate\n attackers to cause a denial of service (heap-based out-of-bounds\n write) via a crafted device (bnc#835839).\n * CVE-2013-2893: The Human Interface Device (HID) subsystem in the\n Linux kernel through 3.11, when CONFIG_LOGITECH_FF,\n CONFIG_LOGIG940_FF, or CONFIG_LOGIWHEELS_FF is enabled, allowed\n physically proximate attackers to cause a denial of service\n (heap-based out-of-bounds write) via a crafted device, related to\n (1) drivers/hid/hid-lgff.c, (2) drivers/hid/hid-lg3ff.c, and (3)\n drivers/hid/hid-lg4ff.c (bnc#835839).\n * CVE-2013-2897: Multiple array index errors in\n drivers/hid/hid-multitouch.c in the Human Interface Device (HID)\n subsystem in the Linux kernel through 3.11, when\n CONFIG_HID_MULTITOUCH is enabled, allowed physically proximate\n attackers to cause a denial of service (heap memory corruption, or\n NULL pointer dereference and OOPS) via a crafted device (bnc#835839).\n * CVE-2013-2899: drivers/hid/hid-picolcd_core.c in the Human Interface\n Device (HID) subsystem in the Linux kernel through 3.11, when\n CONFIG_HID_PICOLCD is enabled, allowed physically proximate\n attackers to cause a denial of service (NULL pointer dereference and\n OOPS) via a crafted device (bnc#835839).\n * CVE-2013-7263: The Linux kernel before 3.12.4 updates certain length\n values before ensuring that associated data structures have been\n initialized, which allowed local users to obtain sensitive\n information from kernel stack memory via a (1) recvfrom, (2)\n recvmmsg, or (3) recvmsg system call, related to net/ipv4/ping.c,\n net/ipv4/raw.c, net/ipv4/udp.c, net/ipv6/raw.c, and net/ipv6/udp.c\n (bnc#853040, bnc#857643).\n * CVE-2014-3181: Multiple stack-based buffer overflows in the\n magicmouse_raw_event function in drivers/hid/hid-magicmouse.c in the\n Magic Mouse HID driver in the Linux kernel through 3.16.3 allowed\n physically proximate attackers to cause a denial of service (system\n crash) or possibly execute arbitrary code via a crafted device that\n provides a large amount of (1) EHCI or (2) XHCI data associated with\n an event (bnc#896382).\n * CVE-2014-3184: The report_fixup functions in the HID subsystem in\n the Linux kernel before 3.16.2 allowed physically proximate\n attackers to cause a denial of service (out-of-bounds write) via a\n crafted device that provides a small report descriptor, related to\n (1) drivers/hid/hid-cherry.c, (2) drivers/hid/hid-kye.c, (3)\n drivers/hid/hid-lg.c, (4) drivers/hid/hid-monterey.c, (5)\n drivers/hid/hid-petalynx.c, and (6) drivers/hid/hid-sunplus.c\n (bnc#896390).\n * CVE-2014-3185: Multiple buffer overflows in the\n command_port_read_callback function in\n drivers/usb/serial/whiteheat.c in the Whiteheat USB Serial Driver in\n the Linux kernel before 3.16.2 allowed physically proximate\n attackers to execute arbitrary code or cause a denial of service\n (memory corruption and system crash) via a crafted device that\n provides a large amount of (1) EHCI or (2) XHCI data associated with\n a bulk response (bnc#896391).\n * CVE-2014-3186: Buffer overflow in the picolcd_raw_event function in\n devices/hid/hid-picolcd_core.c in the PicoLCD HID device driver in\n the Linux kernel through 3.16.3, as used in Android on Nexus 7\n devices, allowed physically proximate attackers to cause a denial of\n service (system crash) or possibly execute arbitrary code via a\n crafted device that sends a large report (bnc#896392).\n * CVE-2014-3601: The kvm_iommu_map_pages function in virt/kvm/iommu.c\n in the Linux kernel through 3.16.1 miscalculated the number of pages\n during the handling of a mapping failure, which allowed guest OS\n users to (1) cause a denial of service (host OS memory corruption)\n or possibly have unspecified other impact by triggering a large gfn\n value or (2) cause a denial of service (host OS memory consumption)\n by triggering a small gfn value that leads to permanently pinned\n pages (bnc#892782).\n * CVE-2014-3610: The WRMSR processing functionality in the KVM\n subsystem in the Linux kernel through 3.17.2 did not properly handle\n the writing of a non-canonical address to a model-specific register,\n which allowed guest OS users to cause a denial of service (host OS\n crash) by leveraging guest OS privileges, related to the\n wrmsr_interception function in arch/x86/kvm/svm.c and the\n handle_wrmsr function in arch/x86/kvm/vmx.c (bnc#899192).\n * CVE-2014-3646: arch/x86/kvm/vmx.c in the KVM subsystem in the Linux\n kernel through 3.17.2 did not have an exit handler for the INVVPID\n instruction, which allowed guest OS users to cause a denial of\n service (guest OS crash) via a crafted application (bnc#899192).\n * CVE-2014-3647: arch/x86/kvm/emulate.c in the KVM subsystem in the\n Linux kernel through 3.17.2 did not properly perform RIP changes,\n which allowed guest OS users to cause a denial of service (guest OS\n crash) via a crafted application (bnc#899192).\n * CVE-2014-3673: The SCTP implementation in the Linux kernel through\n 3.17.2 allowed remote attackers to cause a denial of service (system\n crash) via a malformed ASCONF chunk, related to\n net/sctp/sm_make_chunk.c and net/sctp/sm_statefuns.c (bnc#902346,\n bnc#902349).\n * CVE-2014-4508: arch/x86/kernel/entry_32.S in the Linux kernel\n through 3.15.1 on 32-bit x86 platforms, when syscall auditing is\n enabled and the sep CPU feature flag is set, allowed local users to\n cause a denial of service (OOPS and system crash) via an invalid\n syscall number, as demonstrated by number 1000 (bnc#883724).\n * CVE-2014-4608: * DISPUTED * Multiple integer overflows in the\n lzo1x_decompress_safe function in lib/lzo/lzo1x_decompress_safe.c in\n the LZO decompressor in the Linux kernel before 3.15.2 allowed\n context-dependent attackers to cause a denial of service (memory\n corruption) via a crafted Literal Run. NOTE: the author of the LZO\n algorithms says: The Linux kernel is not affected; media hype\n (bnc#883948).\n * CVE-2014-7826: kernel/trace/trace_syscalls.c in the Linux kernel\n through 3.17.2 did not properly handle private syscall numbers\n during use of the ftrace subsystem, which allowed local users to\n gain privileges or cause a denial of service (invalid pointer\n dereference) via a crafted application (bnc#904013).\n * CVE-2014-7841: An SCTP server doing ASCONF would panic on malformed\n INIT ping-of-death (bnc#905100).\n * CVE-2014-8709: The ieee80211_fragment function in net/mac80211/tx.c\n in the Linux kernel before 3.13.5 did not properly maintain a\n certain tail pointer, which allowed remote attackers to obtain\n sensitive cleartext information by reading packets (bnc#904700).\n * CVE-2014-8884: A local user with write access could have used this\n flaw to crash the kernel or elevate privileges (bnc#905522).\n\n The following non-security bugs have been fixed:\n\n * Build the KOTD against the SP3 Update project\n * HID: fix kabi breakage.\n * NFS: Provide stub nfs_fscache_wait_on_invalidate() for when\n CONFIG_NFS_FSCACHE=n.\n * NFS: fix inverted test for delegation in nfs4_reclaim_open_state\n (bnc#903331).\n * NFS: remove incorrect Lock reclaim failed! warning (bnc#903331).\n * NFSv4: nfs4_open_done first must check that GETATTR decoded a file\n type (bnc#899574).\n * PCI: pciehp: Clear Data Link Layer State Changed during init\n (bnc#898295).\n * PCI: pciehp: Enable link state change notifications (bnc#898295).\n * PCI: pciehp: Handle push button event asynchronously (bnc#898295).\n * PCI: pciehp: Make check_link_active() non-static (bnc#898295).\n * PCI: pciehp: Use link change notifications for hot-plug and removal\n (bnc#898295).\n * PCI: pciehp: Use per-slot workqueues to avoid deadlock (bnc#898295).\n * PCI: pciehp: Use symbolic constants, not hard-coded bitmask\n (bnc#898295).\n * PM / hibernate: Iterate over set bits instead of PFNs in\n swsusp_free() (bnc#860441).\n * be2net: Fix invocation of be_close() after be_clear() (bnc#895468).\n * block: Fix bogus partition statistics reports (bnc#885077\n bnc#891211).\n * block: Fix computation of merged request priority.\n * btrfs: Fix wrong device size when we are resizing the device.\n * btrfs: Return right extent when fiemap gives unaligned offset and\n len.\n * btrfs: abtract out range locking in clone ioctl().\n * btrfs: always choose work from prio_head first.\n * btrfs: balance delayed inode updates.\n * btrfs: cache extent states in defrag code path.\n * btrfs: check file extent type before anything else (bnc#897694).\n * btrfs: clone, do not create invalid hole extent map.\n * btrfs: correctly determine if blocks are shared in\n btrfs_compare_trees.\n * btrfs: do not bug_on if we try to cow a free space cache inode.\n * btrfs: ensure btrfs_prev_leaf does not miss 1 item.\n * btrfs: ensure readers see new data after a clone operation.\n * btrfs: fill_holes: Fix slot number passed to hole_mergeable() call.\n * btrfs: filter invalid arg for btrfs resize.\n * btrfs: fix EINVAL checks in btrfs_clone.\n * btrfs: fix EIO on reading file after ioctl clone works on it.\n * btrfs: fix a crash of clone with inline extents split.\n * btrfs: fix crash of compressed writes (bnc#898375).\n * btrfs: fix crash when starting transaction.\n * btrfs: fix deadlock with nested trans handles.\n * btrfs: fix hang on error (such as ENOSPC) when writing extent pages.\n * btrfs: fix leaf corruption after __btrfs_drop_extents.\n * btrfs: fix race between balance recovery and root deletion.\n * btrfs: fix wrong extent mapping for DirectIO.\n * btrfs: handle a missing extent for the first file extent.\n * btrfs: limit delalloc pages outside of find_delalloc_range\n (bnc#898375).\n * btrfs: read lock extent buffer while walking backrefs.\n * btrfs: remove unused wait queue in struct extent_buffer.\n * btrfs: replace EINVAL with ERANGE for resize when ULLONG_MAX.\n * btrfs: replace error code from btrfs_drop_extents.\n * btrfs: unlock extent and pages on error in cow_file_range.\n * btrfs: unlock inodes in correct order in clone ioctl.\n * btrfs_ioctl_clone: Move clone code into its own function.\n * cifs: delay super block destruction until all cifsFileInfo objects\n are gone (bnc#903653).\n * drm/i915: Flush the PTEs after updating them before suspend\n (bnc#901638).\n * drm/i915: Undo gtt scratch pte unmapping again (bnc#901638).\n * ext3: return 32/64-bit dir name hash according to usage type\n (bnc#898554).\n * ext4: return 32/64-bit dir name hash according to usage type\n (bnc#898554).\n * fix: use after free of xfs workqueues (bnc#894895).\n * fs: add new FMODE flags: FMODE_32bithash and FMODE_64bithash\n (bnc#898554).\n * futex: Ensure get_futex_key_refs() always implies a barrier\n (bnc#851603 (futex scalability series)).\n * futex: Fix a race condition between REQUEUE_PI and task death\n (bnc#851603 (futex scalability series)).\n * ipv6: add support of peer address (bnc#896415).\n * ipv6: fix a refcnt leak with peer addr (bnc#896415).\n * megaraid_sas: Disable fastpath writes for non-RAID0 (bnc#897502).\n * mm: change __remove_pages() to call release_mem_region_adjustable()\n (bnc#891790).\n * netxen: Fix link event handling (bnc#873228).\n * netxen: fix link notification order (bnc#873228).\n * nfsd: rename int access to int may_flags in nfsd_open() (bnc#898554).\n * nfsd: vfs_llseek() with 32 or 64 bit offsets (hashes) (bnc#898554).\n * ocfs2: fix NULL pointer dereference in\n ocfs2_duplicate_clusters_by_page (bnc#899843).\n * powerpc: Add smp_mb() to arch_spin_is_locked() (bsc#893758).\n * powerpc: Add smp_mb()s to arch_spin_unlock_wait() (bsc#893758).\n * powerpc: Add support for the optimised lockref implementation\n (bsc#893758).\n * powerpc: Implement arch_spin_is_locked() using\n arch_spin_value_unlocked() (bsc#893758).\n * refresh patches.xen/xen-blkback-multi-page-ring (bnc#897708)).\n * remove filesize checks for sync I/O journal commit (bnc#800255).\n * resource: add __adjust_resource() for internal use (bnc#891790).\n * resource: add release_mem_region_adjustable() (bnc#891790).\n * revert PM / Hibernate: Iterate over set bits instead of PFNs in\n swsusp_free() (bnc#860441).\n * rpm/mkspec: Generate specfiles according to Factory requirements.\n * rpm/mkspec: Generate a per-architecture per-package _constraints file\n * sched: Fix unreleased llc_shared_mask bit during CPU hotplug\n (bnc#891368).\n * scsi_dh_alua: disable ALUA handling for non-disk devices\n (bnc#876633).\n * usb: Do not re-read descriptors for wired devices in\n usb_authorize_device() (bnc#904358).\n * usbback: Do not access request fields in shared ring more than once.\n * usbhid: add another mouse that needs QUIRK_ALWAYS_POLL (bnc#888607).\n * vfs,proc: guarantee unique inodes in /proc (bnc#868049).\n * x86, cpu hotplug: Fix stack frame warning\n incheck_irq_vectors_for_cpu_disable() (bnc#887418).\n * x86, ioremap: Speed up check for RAM pages (Boot time optimisations\n (bnc#895387)).\n * x86: Add check for number of available vectors before CPU down\n (bnc#887418).\n * x86: optimize resource lookups for ioremap (Boot time optimisations\n (bnc#895387)).\n * x86: use optimized ioresource lookup in ioremap function (Boot time\n optimisations (bnc#895387)).\n * xfs: Do not free EFIs before the EFDs are committed (bsc#755743).\n * xfs: Do not reference the EFI after it is freed (bsc#755743).\n * xfs: fix cil push sequence after log recovery (bsc#755743).\n * zcrypt: support for extended number of ap domains (bnc#894058,\n LTC#117041).\n * zcrypt: toleration of new crypto adapter hardware (bnc#894058,\n LTC#117041).\n\n Security Issues:\n\n * CVE-2012-4398\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4398\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4398</a>>\n * CVE-2013-2889\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2889\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2889</a>>\n * CVE-2013-2893\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2893\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2893</a>>\n * CVE-2013-2897\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2897\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2897</a>>\n * CVE-2013-2899\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2899\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2899</a>>\n * CVE-2013-7263\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7263\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7263</a>>\n * CVE-2014-3181\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3181\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3181</a>>\n * CVE-2014-3184\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3184\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3184</a>>\n * CVE-2014-3185\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3185\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3185</a>>\n * CVE-2014-3186\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3186\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3186</a>>\n * CVE-2014-3601\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3601\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3601</a>>\n * CVE-2014-3610\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3610\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3610</a>>\n * CVE-2014-3646\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3646\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3646</a>>\n * CVE-2014-3647\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3647\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3647</a>>\n * CVE-2014-4508\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4508\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4508</a>>\n * CVE-2014-4608\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4608\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4608</a>>\n * CVE-2014-7826\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7826\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7826</a>>\n * CVE-2014-7841\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7841\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7841</a>>\n * CVE-2014-8709\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8709\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8709</a>>\n * CVE-2014-8884\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8884\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8884</a>>\n * CVE-2014-3673\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3673\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3673</a>>\n", "published": "2014-12-24T08:08:49", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00033.html", "cvelist": ["CVE-2014-3646", "CVE-2014-3186", "CVE-2014-3673", "CVE-2014-7841", "CVE-2014-4508", "CVE-2014-3647", "CVE-2014-3610", "CVE-2014-3181", "CVE-2014-8709", "CVE-2014-3185", "CVE-2013-2897", "CVE-2014-3601", "CVE-2014-8884", "CVE-2013-2899", "CVE-2014-4608", "CVE-2013-7263", "CVE-2012-4398", "CVE-2014-7826", "CVE-2013-2889", "CVE-2013-2893", "CVE-2014-3184"], "lastseen": "2016-09-04T12:38:48"}, {"id": "SUSE-SU-2014:1695-1", "type": "suse", "title": "Security update for Linux kernel (important)", "description": "The SUSE Linux Enterprise 11 Service Pack 3 kernel has been updated to fix\n various bugs and security issues.\n\n The following security bugs have been fixed:\n\n * CVE-2012-4398: The __request_module function in kernel/kmod.c in the\n Linux kernel before 3.4 did not set a certain killable attribute,\n which allowed local users to cause a denial of service (memory\n consumption) via a crafted application (bnc#779488).\n * CVE-2013-2889: drivers/hid/hid-zpff.c in the Human Interface Device\n (HID) subsystem in the Linux kernel through 3.11, when\n CONFIG_HID_ZEROPLUS is enabled, allowed physically proximate\n attackers to cause a denial of service (heap-based out-of-bounds\n write) via a crafted device (bnc#835839).\n * CVE-2013-2893: The Human Interface Device (HID) subsystem in the\n Linux kernel through 3.11, when CONFIG_LOGITECH_FF,\n CONFIG_LOGIG940_FF, or CONFIG_LOGIWHEELS_FF is enabled, allowed\n physically proximate attackers to cause a denial of service\n (heap-based out-of-bounds write) via a crafted device, related to\n (1) drivers/hid/hid-lgff.c, (2) drivers/hid/hid-lg3ff.c, and (3)\n drivers/hid/hid-lg4ff.c (bnc#835839).\n * CVE-2013-2897: Multiple array index errors in\n drivers/hid/hid-multitouch.c in the Human Interface Device (HID)\n subsystem in the Linux kernel through 3.11, when\n CONFIG_HID_MULTITOUCH is enabled, allowed physically proximate\n attackers to cause a denial of service (heap memory corruption, or\n NULL pointer dereference and OOPS) via a crafted device (bnc#835839).\n * CVE-2013-2899: drivers/hid/hid-picolcd_core.c in the Human Interface\n Device (HID) subsystem in the Linux kernel through 3.11, when\n CONFIG_HID_PICOLCD is enabled, allowed physically proximate\n attackers to cause a denial of service (NULL pointer dereference and\n OOPS) via a crafted device (bnc#835839).\n * CVE-2013-7263: The Linux kernel before 3.12.4 updates certain length\n values before ensuring that associated data structures have been\n initialized, which allowed local users to obtain sensitive\n information from kernel stack memory via a (1) recvfrom, (2)\n recvmmsg, or (3) recvmsg system call, related to net/ipv4/ping.c,\n net/ipv4/raw.c, net/ipv4/udp.c, net/ipv6/raw.c, and net/ipv6/udp.c\n (bnc#853040, bnc#857643).\n * CVE-2014-3181: Multiple stack-based buffer overflows in the\n magicmouse_raw_event function in drivers/hid/hid-magicmouse.c in the\n Magic Mouse HID driver in the Linux kernel through 3.16.3 allowed\n physically proximate attackers to cause a denial of service (system\n crash) or possibly execute arbitrary code via a crafted device that\n provides a large amount of (1) EHCI or (2) XHCI data associated with\n an event (bnc#896382).\n * CVE-2014-3184: The report_fixup functions in the HID subsystem in\n the Linux kernel before 3.16.2 allowed physically proximate\n attackers to cause a denial of service (out-of-bounds write) via a\n crafted device that provides a small report descriptor, related to\n (1) drivers/hid/hid-cherry.c, (2) drivers/hid/hid-kye.c, (3)\n drivers/hid/hid-lg.c, (4) drivers/hid/hid-monterey.c, (5)\n drivers/hid/hid-petalynx.c, and (6) drivers/hid/hid-sunplus.c\n (bnc#896390).\n * CVE-2014-3185: Multiple buffer overflows in the\n command_port_read_callback function in\n drivers/usb/serial/whiteheat.c in the Whiteheat USB Serial Driver in\n the Linux kernel before 3.16.2 allowed physically proximate\n attackers to execute arbitrary code or cause a denial of service\n (memory corruption and system crash) via a crafted device that\n provides a large amount of (1) EHCI or (2) XHCI data associated with\n a bulk response (bnc#896391).\n * CVE-2014-3186: Buffer overflow in the picolcd_raw_event function in\n devices/hid/hid-picolcd_core.c in the PicoLCD HID device driver in\n the Linux kernel through 3.16.3, as used in Android on Nexus 7\n devices, allowed physically proximate attackers to cause a denial of\n service (system crash) or possibly execute arbitrary code via a\n crafted device that sends a large report (bnc#896392).\n * CVE-2014-3601: The kvm_iommu_map_pages function in virt/kvm/iommu.c\n in the Linux kernel through 3.16.1 miscalculated the number of pages\n during the handling of a mapping failure, which allowed guest OS\n users to (1) cause a denial of service (host OS memory corruption)\n or possibly have unspecified other impact by triggering a large gfn\n value or (2) cause a denial of service (host OS memory consumption)\n by triggering a small gfn value that leads to permanently pinned\n pages (bnc#892782).\n * CVE-2014-3610: The WRMSR processing functionality in the KVM\n subsystem in the Linux kernel through 3.17.2 did not properly handle\n the writing of a non-canonical address to a model-specific register,\n which allowed guest OS users to cause a denial of service (host OS\n crash) by leveraging guest OS privileges, related to the\n wrmsr_interception function in arch/x86/kvm/svm.c and the\n handle_wrmsr function in arch/x86/kvm/vmx.c (bnc#899192).\n * CVE-2014-3646: arch/x86/kvm/vmx.c in the KVM subsystem in the Linux\n kernel through 3.17.2 did not have an exit handler for the INVVPID\n instruction, which allowed guest OS users to cause a denial of\n service (guest OS crash) via a crafted application (bnc#899192).\n * CVE-2014-3647: arch/x86/kvm/emulate.c in the KVM subsystem in the\n Linux kernel through 3.17.2 did not properly perform RIP changes,\n which allowed guest OS users to cause a denial of service (guest OS\n crash) via a crafted application (bnc#899192).\n * CVE-2014-3673: The SCTP implementation in the Linux kernel through\n 3.17.2 allowed remote attackers to cause a denial of service (system\n crash) via a malformed ASCONF chunk, related to\n net/sctp/sm_make_chunk.c and net/sctp/sm_statefuns.c (bnc#902346,\n bnc#902349).\n * CVE-2014-4508: arch/x86/kernel/entry_32.S in the Linux kernel\n through 3.15.1 on 32-bit x86 platforms, when syscall auditing is\n enabled and the sep CPU feature flag is set, allowed local users to\n cause a denial of service (OOPS and system crash) via an invalid\n syscall number, as demonstrated by number 1000 (bnc#883724).\n * CVE-2014-4608: * DISPUTED * Multiple integer overflows in the\n lzo1x_decompress_safe function in lib/lzo/lzo1x_decompress_safe.c in\n the LZO decompressor in the Linux kernel before 3.15.2 allowed\n context-dependent attackers to cause a denial of service (memory\n corruption) via a crafted Literal Run. NOTE: the author of the LZO\n algorithms says: The Linux kernel is not affected; media hype\n (bnc#883948).\n * CVE-2014-7826: kernel/trace/trace_syscalls.c in the Linux kernel\n through 3.17.2 did not properly handle private syscall numbers\n during use of the ftrace subsystem, which allowed local users to\n gain privileges or cause a denial of service (invalid pointer\n dereference) via a crafted application (bnc#904013).\n * CVE-2014-7841: An SCTP server doing ASCONF would panic on malformed\n INIT ping-of-death (bnc#905100).\n * CVE-2014-8709: The ieee80211_fragment function in net/mac80211/tx.c\n in the Linux kernel before 3.13.5 did not properly maintain a\n certain tail pointer, which allowed remote attackers to obtain\n sensitive cleartext information by reading packets (bnc#904700).\n * CVE-2014-8884: A local user with write access could have used this\n flaw to crash the kernel or elevate privileges (bnc#905522).\n\n The following non-security bugs have been fixed:\n\n * Build the KOTD against the SP3 Update project\n * HID: fix kabi breakage.\n * NFS: Provide stub nfs_fscache_wait_on_invalidate() for when\n CONFIG_NFS_FSCACHE=n.\n * NFS: fix inverted test for delegation in nfs4_reclaim_open_state\n (bnc#903331).\n * NFS: remove incorrect Lock reclaim failed! warning (bnc#903331).\n * NFSv4: nfs4_open_done first must check that GETATTR decoded a file\n type (bnc#899574).\n * PCI: pciehp: Clear Data Link Layer State Changed during init\n (bnc#898295).\n * PCI: pciehp: Enable link state change notifications (bnc#898295).\n * PCI: pciehp: Handle push button event asynchronously (bnc#898295).\n * PCI: pciehp: Make check_link_active() non-static (bnc#898295).\n * PCI: pciehp: Use link change notifications for hot-plug and removal\n (bnc#898295).\n * PCI: pciehp: Use per-slot workqueues to avoid deadlock (bnc#898295).\n * PCI: pciehp: Use symbolic constants, not hard-coded bitmask\n (bnc#898295).\n * PM / hibernate: Iterate over set bits instead of PFNs in\n swsusp_free() (bnc#860441).\n * be2net: Fix invocation of be_close() after be_clear() (bnc#895468).\n * block: Fix bogus partition statistics reports (bnc#885077\n bnc#891211).\n * block: Fix computation of merged request priority.\n * btrfs: Fix wrong device size when we are resizing the device.\n * btrfs: Return right extent when fiemap gives unaligned offset and\n len.\n * btrfs: abtract out range locking in clone ioctl().\n * btrfs: always choose work from prio_head first.\n * btrfs: balance delayed inode updates.\n * btrfs: cache extent states in defrag code path.\n * btrfs: check file extent type before anything else (bnc#897694).\n * btrfs: clone, do not create invalid hole extent map.\n * btrfs: correctly determine if blocks are shared in\n btrfs_compare_trees.\n * btrfs: do not bug_on if we try to cow a free space cache inode.\n * btrfs: ensure btrfs_prev_leaf does not miss 1 item.\n * btrfs: ensure readers see new data after a clone operation.\n * btrfs: fill_holes: Fix slot number passed to hole_mergeable() call.\n * btrfs: filter invalid arg for btrfs resize.\n * btrfs: fix EINVAL checks in btrfs_clone.\n * btrfs: fix EIO on reading file after ioctl clone works on it.\n * btrfs: fix a crash of clone with inline extents split.\n * btrfs: fix crash of compressed writes (bnc#898375).\n * btrfs: fix crash when starting transaction.\n * btrfs: fix deadlock with nested trans handles.\n * btrfs: fix hang on error (such as ENOSPC) when writing extent pages.\n * btrfs: fix leaf corruption after __btrfs_drop_extents.\n * btrfs: fix race between balance recovery and root deletion.\n * btrfs: fix wrong extent mapping for DirectIO.\n * btrfs: handle a missing extent for the first file extent.\n * btrfs: limit delalloc pages outside of find_delalloc_range\n (bnc#898375).\n * btrfs: read lock extent buffer while walking backrefs.\n * btrfs: remove unused wait queue in struct extent_buffer.\n * btrfs: replace EINVAL with ERANGE for resize when ULLONG_MAX.\n * btrfs: replace error code from btrfs_drop_extents.\n * btrfs: unlock extent and pages on error in cow_file_range.\n * btrfs: unlock inodes in correct order in clone ioctl.\n * btrfs_ioctl_clone: Move clone code into its own function.\n * cifs: delay super block destruction until all cifsFileInfo objects\n are gone (bnc#903653).\n * drm/i915: Flush the PTEs after updating them before suspend\n (bnc#901638).\n * drm/i915: Undo gtt scratch pte unmapping again (bnc#901638).\n * ext3: return 32/64-bit dir name hash according to usage type\n (bnc#898554).\n * ext4: return 32/64-bit dir name hash according to usage type\n (bnc#898554).\n * fix: use after free of xfs workqueues (bnc#894895).\n * fs: add new FMODE flags: FMODE_32bithash and FMODE_64bithash\n (bnc#898554).\n * futex: Ensure get_futex_key_refs() always implies a barrier\n (bnc#851603 (futex scalability series)).\n * futex: Fix a race condition between REQUEUE_PI and task death\n (bnc#851603 (futex scalability series)).\n * ipv6: add support of peer address (bnc#896415).\n * ipv6: fix a refcnt leak with peer addr (bnc#896415).\n * megaraid_sas: Disable fastpath writes for non-RAID0 (bnc#897502).\n * mm: change __remove_pages() to call release_mem_region_adjustable()\n (bnc#891790).\n * netxen: Fix link event handling (bnc#873228).\n * netxen: fix link notification order (bnc#873228).\n * nfsd: rename int access to int may_flags in nfsd_open() (bnc#898554).\n * nfsd: vfs_llseek() with 32 or 64 bit offsets (hashes) (bnc#898554).\n * ocfs2: fix NULL pointer dereference in\n ocfs2_duplicate_clusters_by_page (bnc#899843).\n * powerpc: Add smp_mb() to arch_spin_is_locked() (bsc#893758).\n * powerpc: Add smp_mb()s to arch_spin_unlock_wait() (bsc#893758).\n * powerpc: Add support for the optimised lockref implementation\n (bsc#893758).\n * powerpc: Implement arch_spin_is_locked() using\n arch_spin_value_unlocked() (bsc#893758).\n * refresh patches.xen/xen-blkback-multi-page-ring (bnc#897708)).\n * remove filesize checks for sync I/O journal commit (bnc#800255).\n * resource: add __adjust_resource() for internal use (bnc#891790).\n * resource: add release_mem_region_adjustable() (bnc#891790).\n * revert PM / Hibernate: Iterate over set bits instead of PFNs in\n swsusp_free() (bnc#860441).\n * rpm/mkspec: Generate specfiles according to Factory requirements.\n * rpm/mkspec: Generate a per-architecture per-package _constraints file\n * sched: Fix unreleased llc_shared_mask bit during CPU hotplug\n (bnc#891368).\n * scsi_dh_alua: disable ALUA handling for non-disk devices\n (bnc#876633).\n * usb: Do not re-read descriptors for wired devices in\n usb_authorize_device() (bnc#904358).\n * usbback: Do not access request fields in shared ring more than once.\n * usbhid: add another mouse that needs QUIRK_ALWAYS_POLL (bnc#888607).\n * vfs,proc: guarantee unique inodes in /proc (bnc#868049).\n * x86, cpu hotplug: Fix stack frame warning\n incheck_irq_vectors_for_cpu_disable() (bnc#887418).\n * x86, ioremap: Speed up check for RAM pages (Boot time optimisations\n (bnc#895387)).\n * x86: Add check for number of available vectors before CPU down\n (bnc#887418).\n * x86: optimize resource lookups for ioremap (Boot time optimisations\n (bnc#895387)).\n * x86: use optimized ioresource lookup in ioremap function (Boot time\n optimisations (bnc#895387)).\n * xfs: Do not free EFIs before the EFDs are committed (bsc#755743).\n * xfs: Do not reference the EFI after it is freed (bsc#755743).\n * xfs: fix cil push sequence after log recovery (bsc#755743).\n * zcrypt: support for extended number of ap domains (bnc#894058,\n LTC#117041).\n * zcrypt: toleration of new crypto adapter hardware (bnc#894058,\n LTC#117041).\n\n Security Issues:\n\n * CVE-2012-4398\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4398\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4398</a>>\n * CVE-2013-2889\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2889\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2889</a>>\n * CVE-2013-2893\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2893\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2893</a>>\n * CVE-2013-2897\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2897\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2897</a>>\n * CVE-2013-2899\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2899\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2899</a>>\n * CVE-2013-7263\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7263\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7263</a>>\n * CVE-2014-3181\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3181\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3181</a>>\n * CVE-2014-3184\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3184\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3184</a>>\n * CVE-2014-3185\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3185\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3185</a>>\n * CVE-2014-3186\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3186\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3186</a>>\n * CVE-2014-3601\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3601\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3601</a>>\n * CVE-2014-3610\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3610\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3610</a>>\n * CVE-2014-3646\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3646\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3646</a>>\n * CVE-2014-3647\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3647\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3647</a>>\n * CVE-2014-4508\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4508\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4508</a>>\n * CVE-2014-4608\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4608\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4608</a>>\n * CVE-2014-7826\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7826\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7826</a>>\n * CVE-2014-7841\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7841\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7841</a>>\n * CVE-2014-8709\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8709\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8709</a>>\n * CVE-2014-8884\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8884\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8884</a>>\n * CVE-2014-3673\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3673\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3673</a>>\n", "published": "2014-12-23T20:05:05", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00029.html", "cvelist": ["CVE-2014-3646", "CVE-2014-3186", "CVE-2014-3673", "CVE-2014-9090", "CVE-2014-7841", "CVE-2014-4508", "CVE-2014-3647", "CVE-2014-3610", "CVE-2014-9322", "CVE-2014-3181", "CVE-2014-8709", "CVE-2014-3185", "CVE-2013-2897", "CVE-2014-3601", "CVE-2014-8884", "CVE-2013-2899", "CVE-2014-4608", "CVE-2013-7263", "CVE-2012-4398", "CVE-2014-8133", "CVE-2014-7826", "CVE-2013-2889", "CVE-2013-2893", "CVE-2014-3184"], "lastseen": "2016-09-04T12:22:34"}, {"id": "SUSE-SU-2014:1695-2", "type": "suse", "title": "Security update for Linux kernel (important)", "description": "The SUSE Linux Enterprise 11 Service Pack 3 kernel has been updated to fix\n various bugs and security issues.\n\n The following security bugs have been fixed:\n\n * CVE-2012-4398: The __request_module function in kernel/kmod.c in the\n Linux kernel before 3.4 did not set a certain killable attribute,\n which allowed local users to cause a denial of service (memory\n consumption) via a crafted application (bnc#779488).\n * CVE-2013-2889: drivers/hid/hid-zpff.c in the Human Interface Device\n (HID) subsystem in the Linux kernel through 3.11, when\n CONFIG_HID_ZEROPLUS is enabled, allowed physically proximate\n attackers to cause a denial of service (heap-based out-of-bounds\n write) via a crafted device (bnc#835839).\n * CVE-2013-2893: The Human Interface Device (HID) subsystem in the\n Linux kernel through 3.11, when CONFIG_LOGITECH_FF,\n CONFIG_LOGIG940_FF, or CONFIG_LOGIWHEELS_FF is enabled, allowed\n physically proximate attackers to cause a denial of service\n (heap-based out-of-bounds write) via a crafted device, related to\n (1) drivers/hid/hid-lgff.c, (2) drivers/hid/hid-lg3ff.c, and (3)\n drivers/hid/hid-lg4ff.c (bnc#835839).\n * CVE-2013-2897: Multiple array index errors in\n drivers/hid/hid-multitouch.c in the Human Interface Device (HID)\n subsystem in the Linux kernel through 3.11, when\n CONFIG_HID_MULTITOUCH is enabled, allowed physically proximate\n attackers to cause a denial of service (heap memory corruption, or\n NULL pointer dereference and OOPS) via a crafted device (bnc#835839).\n * CVE-2013-2899: drivers/hid/hid-picolcd_core.c in the Human Interface\n Device (HID) subsystem in the Linux kernel through 3.11, when\n CONFIG_HID_PICOLCD is enabled, allowed physically proximate\n attackers to cause a denial of service (NULL pointer dereference and\n OOPS) via a crafted device (bnc#835839).\n * CVE-2013-7263: The Linux kernel before 3.12.4 updates certain length\n values before ensuring that associated data structures have been\n initialized, which allowed local users to obtain sensitive\n information from kernel stack memory via a (1) recvfrom, (2)\n recvmmsg, or (3) recvmsg system call, related to net/ipv4/ping.c,\n net/ipv4/raw.c, net/ipv4/udp.c, net/ipv6/raw.c, and net/ipv6/udp.c\n (bnc#853040, bnc#857643).\n * CVE-2014-3181: Multiple stack-based buffer overflows in the\n magicmouse_raw_event function in drivers/hid/hid-magicmouse.c in the\n Magic Mouse HID driver in the Linux kernel through 3.16.3 allowed\n physically proximate attackers to cause a denial of service (system\n crash) or possibly execute arbitrary code via a crafted device that\n provides a large amount of (1) EHCI or (2) XHCI data associated with\n an event (bnc#896382).\n * CVE-2014-3184: The report_fixup functions in the HID subsystem in\n the Linux kernel before 3.16.2 allowed physically proximate\n attackers to cause a denial of service (out-of-bounds write) via a\n crafted device that provides a small report descriptor, related to\n (1) drivers/hid/hid-cherry.c, (2) drivers/hid/hid-kye.c, (3)\n drivers/hid/hid-lg.c, (4) drivers/hid/hid-monterey.c, (5)\n drivers/hid/hid-petalynx.c, and (6) drivers/hid/hid-sunplus.c\n (bnc#896390).\n * CVE-2014-3185: Multiple buffer overflows in the\n command_port_read_callback function in\n drivers/usb/serial/whiteheat.c in the Whiteheat USB Serial Driver in\n the Linux kernel before 3.16.2 allowed physically proximate\n attackers to execute arbitrary code or cause a denial of service\n (memory corruption and system crash) via a crafted device that\n provides a large amount of (1) EHCI or (2) XHCI data associated with\n a bulk response (bnc#896391).\n * CVE-2014-3186: Buffer overflow in the picolcd_raw_event function in\n devices/hid/hid-picolcd_core.c in the PicoLCD HID device driver in\n the Linux kernel through 3.16.3, as used in Android on Nexus 7\n devices, allowed physically proximate attackers to cause a denial of\n service (system crash) or possibly execute arbitrary code via a\n crafted device that sends a large report (bnc#896392).\n * CVE-2014-3601: The kvm_iommu_map_pages function in virt/kvm/iommu.c\n in the Linux kernel through 3.16.1 miscalculated the number of pages\n during the handling of a mapping failure, which allowed guest OS\n users to (1) cause a denial of service (host OS memory corruption)\n or possibly have unspecified other impact by triggering a large gfn\n value or (2) cause a denial of service (host OS memory consumption)\n by triggering a small gfn value that leads to permanently pinned\n pages (bnc#892782).\n * CVE-2014-3610: The WRMSR processing functionality in the KVM\n subsystem in the Linux kernel through 3.17.2 did not properly handle\n the writing of a non-canonical address to a model-specific register,\n which allowed guest OS users to cause a denial of service (host OS\n crash) by leveraging guest OS privileges, related to the\n wrmsr_interception function in arch/x86/kvm/svm.c and the\n handle_wrmsr function in arch/x86/kvm/vmx.c (bnc#899192).\n * CVE-2014-3646: arch/x86/kvm/vmx.c in the KVM subsystem in the Linux\n kernel through 3.17.2 did not have an exit handler for the INVVPID\n instruction, which allowed guest OS users to cause a denial of\n service (guest OS crash) via a crafted application (bnc#899192).\n * CVE-2014-3647: arch/x86/kvm/emulate.c in the KVM subsystem in the\n Linux kernel through 3.17.2 did not properly perform RIP changes,\n which allowed guest OS users to cause a denial of service (guest OS\n crash) via a crafted application (bnc#899192).\n * CVE-2014-3673: The SCTP implementation in the Linux kernel through\n 3.17.2 allowed remote attackers to cause a denial of service (system\n crash) via a malformed ASCONF chunk, related to\n net/sctp/sm_make_chunk.c and net/sctp/sm_statefuns.c (bnc#902346,\n bnc#902349).\n * CVE-2014-4508: arch/x86/kernel/entry_32.S in the Linux kernel\n through 3.15.1 on 32-bit x86 platforms, when syscall auditing is\n enabled and the sep CPU feature flag is set, allowed local users to\n cause a denial of service (OOPS and system crash) via an invalid\n syscall number, as demonstrated by number 1000 (bnc#883724).\n * CVE-2014-4608: * DISPUTED * Multiple integer overflows in the\n lzo1x_decompress_safe function in lib/lzo/lzo1x_decompress_safe.c in\n the LZO decompressor in the Linux kernel before 3.15.2 allowed\n context-dependent attackers to cause a denial of service (memory\n corruption) via a crafted Literal Run. NOTE: the author of the LZO\n algorithms says: The Linux kernel is not affected; media hype\n (bnc#883948).\n * CVE-2014-7826: kernel/trace/trace_syscalls.c in the Linux kernel\n through 3.17.2 did not properly handle private syscall numbers\n during use of the ftrace subsystem, which allowed local users to\n gain privileges or cause a denial of service (invalid pointer\n dereference) via a crafted application (bnc#904013).\n * CVE-2014-7841: An SCTP server doing ASCONF would panic on malformed\n INIT ping-of-death (bnc#905100).\n * CVE-2014-8709: The ieee80211_fragment function in net/mac80211/tx.c\n in the Linux kernel before 3.13.5 did not properly maintain a\n certain tail pointer, which allowed remote attackers to obtain\n sensitive cleartext information by reading packets (bnc#904700).\n * CVE-2014-8884: A local user with write access could have used this\n flaw to crash the kernel or elevate privileges (bnc#905522).\n\n The following non-security bugs have been fixed:\n\n * Build the KOTD against the SP3 Update project\n * HID: fix kabi breakage.\n * NFS: Provide stub nfs_fscache_wait_on_invalidate() for when\n CONFIG_NFS_FSCACHE=n.\n * NFS: fix inverted test for delegation in nfs4_reclaim_open_state\n (bnc#903331).\n * NFS: remove incorrect Lock reclaim failed! warning (bnc#903331).\n * NFSv4: nfs4_open_done first must check that GETATTR decoded a file\n type (bnc#899574).\n * PCI: pciehp: Clear Data Link Layer State Changed during init\n (bnc#898295).\n * PCI: pciehp: Enable link state change notifications (bnc#898295).\n * PCI: pciehp: Handle push button event asynchronously (bnc#898295).\n * PCI: pciehp: Make check_link_active() non-static (bnc#898295).\n * PCI: pciehp: Use link change notifications for hot-plug and removal\n (bnc#898295).\n * PCI: pciehp: Use per-slot workqueues to avoid deadlock (bnc#898295).\n * PCI: pciehp: Use symbolic constants, not hard-coded bitmask\n (bnc#898295).\n * PM / hibernate: Iterate over set bits instead of PFNs in\n swsusp_free() (bnc#860441).\n * be2net: Fix invocation of be_close() after be_clear() (bnc#895468).\n * block: Fix bogus partition statistics reports (bnc#885077\n bnc#891211).\n * block: Fix computation of merged request priority.\n * btrfs: Fix wrong device size when we are resizing the device.\n * btrfs: Return right extent when fiemap gives unaligned offset and\n len.\n * btrfs: abtract out range locking in clone ioctl().\n * btrfs: always choose work from prio_head first.\n * btrfs: balance delayed inode updates.\n * btrfs: cache extent states in defrag code path.\n * btrfs: check file extent type before anything else (bnc#897694).\n * btrfs: clone, do not create invalid hole extent map.\n * btrfs: correctly determine if blocks are shared in\n btrfs_compare_trees.\n * btrfs: do not bug_on if we try to cow a free space cache inode.\n * btrfs: ensure btrfs_prev_leaf does not miss 1 item.\n * btrfs: ensure readers see new data after a clone operation.\n * btrfs: fill_holes: Fix slot number passed to hole_mergeable() call.\n * btrfs: filter invalid arg for btrfs resize.\n * btrfs: fix EINVAL checks in btrfs_clone.\n * btrfs: fix EIO on reading file after ioctl clone works on it.\n * btrfs: fix a crash of clone with inline extents split.\n * btrfs: fix crash of compressed writes (bnc#898375).\n * btrfs: fix crash when starting transaction.\n * btrfs: fix deadlock with nested trans handles.\n * btrfs: fix hang on error (such as ENOSPC) when writing extent pages.\n * btrfs: fix leaf corruption after __btrfs_drop_extents.\n * btrfs: fix race between balance recovery and root deletion.\n * btrfs: fix wrong extent mapping for DirectIO.\n * btrfs: handle a missing extent for the first file extent.\n * btrfs: limit delalloc pages outside of find_delalloc_range\n (bnc#898375).\n * btrfs: read lock extent buffer while walking backrefs.\n * btrfs: remove unused wait queue in struct extent_buffer.\n * btrfs: replace EINVAL with ERANGE for resize when ULLONG_MAX.\n * btrfs: replace error code from btrfs_drop_extents.\n * btrfs: unlock extent and pages on error in cow_file_range.\n * btrfs: unlock inodes in correct order in clone ioctl.\n * btrfs_ioctl_clone: Move clone code into its own function.\n * cifs: delay super block destruction until all cifsFileInfo objects\n are gone (bnc#903653).\n * drm/i915: Flush the PTEs after updating them before suspend\n (bnc#901638).\n * drm/i915: Undo gtt scratch pte unmapping again (bnc#901638).\n * ext3: return 32/64-bit dir name hash according to usage type\n (bnc#898554).\n * ext4: return 32/64-bit dir name hash according to usage type\n (bnc#898554).\n * fix: use after free of xfs workqueues (bnc#894895).\n * fs: add new FMODE flags: FMODE_32bithash and FMODE_64bithash\n (bnc#898554).\n * futex: Ensure get_futex_key_refs() always implies a barrier\n (bnc#851603 (futex scalability series)).\n * futex: Fix a race condition between REQUEUE_PI and task death\n (bnc#851603 (futex scalability series)).\n * ipv6: add support of peer address (bnc#896415).\n * ipv6: fix a refcnt leak with peer addr (bnc#896415).\n * megaraid_sas: Disable fastpath writes for non-RAID0 (bnc#897502).\n * mm: change __remove_pages() to call release_mem_region_adjustable()\n (bnc#891790).\n * netxen: Fix link event handling (bnc#873228).\n * netxen: fix link notification order (bnc#873228).\n * nfsd: rename int access to int may_flags in nfsd_open() (bnc#898554).\n * nfsd: vfs_llseek() with 32 or 64 bit offsets (hashes) (bnc#898554).\n * ocfs2: fix NULL pointer dereference in\n ocfs2_duplicate_clusters_by_page (bnc#899843).\n * powerpc: Add smp_mb() to arch_spin_is_locked() (bsc#893758).\n * powerpc: Add smp_mb()s to arch_spin_unlock_wait() (bsc#893758).\n * powerpc: Add support for the optimised lockref implementation\n (bsc#893758).\n * powerpc: Implement arch_spin_is_locked() using\n arch_spin_value_unlocked() (bsc#893758).\n * refresh patches.xen/xen-blkback-multi-page-ring (bnc#897708)).\n * remove filesize checks for sync I/O journal commit (bnc#800255).\n * resource: add __adjust_resource() for internal use (bnc#891790).\n * resource: add release_mem_region_adjustable() (bnc#891790).\n * revert PM / Hibernate: Iterate over set bits instead of PFNs in\n swsusp_free() (bnc#860441).\n * rpm/mkspec: Generate specfiles according to Factory requirements.\n * rpm/mkspec: Generate a per-architecture per-package _constraints file\n * sched: Fix unreleased llc_shared_mask bit during CPU hotplug\n (bnc#891368).\n * scsi_dh_alua: disable ALUA handling for non-disk devices\n (bnc#876633).\n * usb: Do not re-read descriptors for wired devices in\n usb_authorize_device() (bnc#904358).\n * usbback: Do not access request fields in shared ring more than once.\n * usbhid: add another mouse that needs QUIRK_ALWAYS_POLL (bnc#888607).\n * vfs,proc: guarantee unique inodes in /proc (bnc#868049).\n * x86, cpu hotplug: Fix stack frame warning\n incheck_irq_vectors_for_cpu_disable() (bnc#887418).\n * x86, ioremap: Speed up check for RAM pages (Boot time optimisations\n (bnc#895387)).\n * x86: Add check for number of available vectors before CPU down\n (bnc#887418).\n * x86: optimize resource lookups for ioremap (Boot time optimisations\n (bnc#895387)).\n * x86: use optimized ioresource lookup in ioremap function (Boot time\n optimisations (bnc#895387)).\n * xfs: Do not free EFIs before the EFDs are committed (bsc#755743).\n * xfs: Do not reference the EFI after it is freed (bsc#755743).\n * xfs: fix cil push sequence after log recovery (bsc#755743).\n * zcrypt: support for extended number of ap domains (bnc#894058,\n LTC#117041).\n * zcrypt: toleration of new crypto adapter hardware (bnc#894058,\n LTC#117041).\n\n Security Issues:\n\n * CVE-2012-4398\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4398\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4398</a>>\n * CVE-2013-2889\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2889\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2889</a>>\n * CVE-2013-2893\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2893\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2893</a>>\n * CVE-2013-2897\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2897\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2897</a>>\n * CVE-2013-2899\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2899\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2899</a>>\n * CVE-2013-7263\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7263\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7263</a>>\n * CVE-2014-3181\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3181\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3181</a>>\n * CVE-2014-3184\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3184\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3184</a>>\n * CVE-2014-3185\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3185\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3185</a>>\n * CVE-2014-3186\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3186\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3186</a>>\n * CVE-2014-3601\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3601\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3601</a>>\n * CVE-2014-3610\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3610\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3610</a>>\n * CVE-2014-3646\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3646\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3646</a>>\n * CVE-2014-3647\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3647\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3647</a>>\n * CVE-2014-4508\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4508\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4508</a>>\n * CVE-2014-4608\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4608\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4608</a>>\n * CVE-2014-7826\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7826\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7826</a>>\n * CVE-2014-7841\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7841\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7841</a>>\n * CVE-2014-8709\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8709\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8709</a>>\n * CVE-2014-8884\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8884\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8884</a>>\n * CVE-2014-3673\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3673\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3673</a>>\n", "published": "2015-01-14T19:04:44", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00005.html", "cvelist": ["CVE-2014-3646", "CVE-2014-3186", "CVE-2014-3673", "CVE-2014-9090", "CVE-2014-7841", "CVE-2014-4508", "CVE-2014-3647", "CVE-2014-3610", "CVE-2014-9322", "CVE-2014-3181", "CVE-2014-8709", "CVE-2014-3185", "CVE-2013-2897", "CVE-2014-3601", "CVE-2014-8884", "CVE-2013-2899", "CVE-2014-4608", "CVE-2013-7263", "CVE-2012-4398", "CVE-2014-8133", "CVE-2014-7826", "CVE-2013-2889", "CVE-2013-2893", "CVE-2014-3184"], "lastseen": "2016-09-04T11:28:40"}, {"id": "OPENSUSE-SU-2014:1669-1", "type": "suse", "title": "Security update for the Linux Kernel (important)", "description": "The openSUSE 12.3 kernel was updated to fix security issues:\n\n This will be the final kernel update for openSUSE 13.2 during its\n lifetime, which ends January 4th 2015.\n\n CVE-2014-9322: A local privilege escalation in the x86_64 32bit\n compatibility signal handling was fixed, which could be used by local\n attackers to crash the machine or execute code.\n\n CVE-2014-9090: The do_double_fault function in arch/x86/kernel/traps.c in\n the Linux kernel did not properly handle faults associated with the Stack\n Segment (SS) segment register, which allowed local users to cause a denial\n of service (panic) via a modify_ldt system call, as demonstrated by\n sigreturn_32 in the linux-clock-tests test suite.\n\n CVE-2014-8133: Insufficient validation of TLS register usage could leak\n information from the kernel stack to userspace.\n\n CVE-2014-4508: arch/x86/kernel/entry_32.S in the Linux kernel on 32-bit\n x86 platforms, when syscall auditing is enabled and the sep CPU feature\n flag is set, allowed local users to cause a denial of service (OOPS and\n system crash) via an invalid syscall number, as demonstrated by number\n 1000.\n\n CVE-2014-8884: Stack-based buffer overflow in the\n ttusbdecfe_dvbs_diseqc_send_master_cmd function in\n drivers/media/usb/ttusb-dec/ttusbdecfe.c in the Linux kernel allowed local\n users to cause a denial of service (system crash) or possibly gain\n privileges via a large message length in an ioctl call.\n\n CVE-2014-3186: Buffer overflow in the picolcd_raw_event function in\n devices/hid/hid-picolcd_core.c in the PicoLCD HID device driver in the\n Linux kernel, as used in Android on Nexus 7 devices, allowed physically\n proximate attackers to cause a denial of service (system crash) or\n possibly execute arbitrary code via a crafted device that sends a large\n report.\n\n CVE-2014-7841: The sctp_process_param function in net/sctp/sm_make_chunk.c\n in the SCTP implementation in the Linux kernel, when ASCONF is used,\n allowed remote attackers to cause a denial of service (NULL pointer\n dereference and system crash) via a malformed INIT chunk.\n\n CVE-2014-4608: Multiple integer overflows in the lzo1x_decompress_safe\n function in lib/lzo/lzo1x_decompress_safe.c in the LZO decompressor in the\n Linux kernel allowed context-dependent attackers to cause a denial\n of service (memory corruption) via a crafted Literal Run.\n\n CVE-2014-8709: The ieee80211_fragment function in net/mac80211/tx.c in the\n Linux kernel did not properly maintain a certain tail pointer, which\n allowed remote attackers to obtain sensitive cleartext information by\n reading packets.\n\n CVE-2014-3185: Multiple buffer overflows in the command_port_read_callback\n function in drivers/usb/serial/whiteheat.c in the Whiteheat USB Serial\n Driver in the Linux kernel allowed physically proximate attackers to\n execute arbitrary code or cause a denial of service (memory corruption and\n system crash) via a crafted device that provides a large amount of (1)\n EHCI or (2) XHCI data associated with a bulk response.\n\n CVE-2014-3184: The report_fixup functions in the HID subsystem in the\n Linux kernel might have allowed physically proximate attackers to cause a\n denial of service (out-of-bounds write) via a crafted device that provides\n a small report descriptor, related to (1) drivers/hid/hid-cherry.c, (2)\n drivers/hid/hid-kye.c, (3) drivers/hid/hid-lg.c, (4)\n drivers/hid/hid-monterey.c, (5) drivers/hid/hid-petalynx.c, and (6)\n drivers/hid/hid-sunplus.c.\n\n CVE-2014-3182: Array index error in the logi_dj_raw_event function in\n drivers/hid/hid-logitech-dj.c in the Linux kernel allowed physically\n proximate attackers to execute arbitrary code or cause a denial of service\n (invalid kfree) via a crafted device that provides a malformed\n REPORT_TYPE_NOTIF_DEVICE_UNPAIRED value.\n\n CVE-2014-3181: Multiple stack-based buffer overflows in the\n magicmouse_raw_event function in drivers/hid/hid-magicmouse.c in the Magic\n Mouse HID driver in the Linux kernel allowed physically proximate\n attackers to cause a denial of service (system crash) or possibly execute\n arbitrary code via a crafted device that provides a large amount of (1)\n EHCI or (2) XHCI data associated with an event.\n\n CVE-2014-7826: kernel/trace/trace_syscalls.c in the Linux kernel did not\n properly handle private syscall numbers during use of the ftrace\n subsystem, which allowed local users to gain privileges or cause a denial\n of service (invalid pointer dereference) via a crafted application.\n\n CVE-2013-7263: The Linux kernel updated certain length values before\n ensuring that associated data structures have been initialized, which\n allowed local users to obtain sensitive information from kernel stack\n memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call,\n related to net/ipv4/ping.c, net/ipv4/raw.c, net/ipv4/udp.c,\n net/ipv6/raw.c, and net/ipv6/udp.c. This update fixes the leak of the port\n number when using ipv6 sockets. (bsc#853040).\n\n CVE-2014-6410: The __udf_read_inode function in fs/udf/inode.c in the\n Linux kernel did not restrict the amount of ICB indirection, which allowed\n physically proximate attackers to cause a denial of service (infinite loop\n or stack consumption) via a UDF filesystem with a crafted inode.\n\n CVE-2014-5471: Stack consumption vulnerability in the\n parse_rock_ridge_inode_internal function in fs/isofs/rock.c in the Linux\n kernel allowed local users to cause a denial of service (uncontrolled\n recursion, and system crash or reboot) via a crafted iso9660 image with a\n CL entry referring to a directory entry that has a CL entry.\n\n CVE-2014-5472: The parse_rock_ridge_inode_internal function in\n fs/isofs/rock.c in the Linux kernel allowed local users to cause a denial\n of service (unkillable mount process) via a crafted iso9660 image with a\n self-referential CL entry.\n\n CVE-2014-4508: arch/x86/kernel/entry_32.S in the Linux kernel on 32-bit\n x86 platforms, when syscall auditing is enabled and the sep CPU feature\n flag is set, allowed local users to cause a denial of service (OOPS and\n system crash) via an invalid syscall number, as demonstrated by number\n 1000.\n\n CVE-2014-4943: The PPPoL2TP feature in net/l2tp/l2tp_ppp.c in the Linux\n kernel allowed local users to gain privileges by leveraging data-structure\n differences between an l2tp socket and an inet socket.\n\n CVE-2014-5077: The sctp_assoc_update function in net/sctp/associola.c in\n the Linux kernel, when SCTP authentication is enabled, allowed remote\n attackers to cause a denial of service (NULL pointer dereference and OOPS)\n by starting to establish an association between two endpoints immediately\n after an exchange of INIT and INIT ACK chunks to establish an earlier\n association between these endpoints in the opposite direction.\n\n CVE-2014-4171: mm/shmem.c in the Linux kernel did not properly implement\n the interaction between range notification and hole punching, which\n allowed local users to cause a denial of service (i_mutex hold) by using\n the mmap system call to access a hole, as demonstrated by interfering with\n intended shmem activity by blocking completion of (1) an MADV_REMOVE\n madvise call or (2) an FALLOC_FL_PUNCH_HOLE fallocate call.\n\n\n\n CVE-2013-2888, CVE-2013-2889, CVE-2013-2890, CVE-2013-2891, CVE-2013-2892,\n CVE-2013-2893, CVE-2013-2894, CVE-2013-2895, CVE-2013-2896, CVE-2013-2897,\n CVE-2013-2898, CVE-2013-2899: Multiple issues in the Human Interface\n Device (HID) subsystem in the Linux kernel allowed physically proximate\n attackers to cause a denial of service\n or system crash via (heap-based out-of-bounds write) via a crafted device.\n (Not seperately listed.)\n\n Other bugfixes:\n - xfs: mark all internal workqueues as freezable (bnc#899785).\n\n - target/rd: Refactor rd_build_device_space + rd_release_device_space\n (bnc#882639)\n\n - Enable CONFIG_ATH9K_HTC for armv7hl/omap2plus config (bnc#890624)\n\n - swiotlb: don't assume PA 0 is invalid (bnc#865882).\n\n - drm/i915: Apply alignment restrictions on scanout surfaces for VT-d\n (bnc#818561).\n\n - tg3: Change nvram command timeout value to 50ms (bnc#768714).\n - tg3: Override clock, link aware and link idle mode during NVRAM dump\n (bnc#768714).\n - tg3: Set the MAC clock to the fastest speed during boot code load\n (bnc#768714).\n\n", "published": "2014-12-19T19:04:46", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00019.html", "cvelist": ["CVE-2014-5077", "CVE-2013-2894", "CVE-2014-3182", "CVE-2013-2896", "CVE-2013-2898", "CVE-2014-3186", "CVE-2014-9090", "CVE-2014-7841", "CVE-2013-2891", "CVE-2013-2892", "CVE-2014-4508", "CVE-2014-4943", "CVE-2014-9322", "CVE-2014-3181", "CVE-2014-8709", "CVE-2014-4171", "CVE-2014-5472", "CVE-2014-3185", "CVE-2013-2897", "CVE-2013-2890", "CVE-2014-8884", "CVE-2013-2899", "CVE-2014-4608", "CVE-2013-7263", "CVE-2014-6410", "CVE-2014-5471", "CVE-2014-8133", "CVE-2013-2895", "CVE-2014-7826", "CVE-2013-2888", "CVE-2013-2889", "CVE-2013-2893", "CVE-2014-3184"], "lastseen": "2016-09-04T11:41:56"}, {"id": "SUSE-SU-2015:0481-1", "type": "suse", "title": "Security update for Linux kernel (important)", "description": "The SUSE Linux Enterprise 11 Service Pack 2 LTSS kernel has been updated\n to fix security issues on kernels on the x86_64 architecture.\n\n The following security bugs have been fixed:\n\n * CVE-2012-4398: The __request_module function in kernel/kmod.c in the\n Linux kernel before 3.4 did not set a certain killable attribute,\n which allowed local users to cause a denial of service (memory\n consumption) via a crafted application (bnc#779488).\n * CVE-2013-2893: The Human Interface Device (HID) subsystem in the\n Linux kernel through 3.11, when CONFIG_LOGITECH_FF,\n CONFIG_LOGIG940_FF, or CONFIG_LOGIWHEELS_FF is enabled, allowed\n physically proximate attackers to cause a denial of service\n (heap-based out-of-bounds write) via a crafted device, related to\n (1) drivers/hid/hid-lgff.c, (2) drivers/hid/hid-lg3ff.c, and (3)\n drivers/hid/hid-lg4ff.c (bnc#835839).\n * CVE-2013-2897: Multiple array index errors in\n drivers/hid/hid-multitouch.c in the Human Interface Device (HID)\n subsystem in the Linux kernel through 3.11, when\n CONFIG_HID_MULTITOUCH is enabled, allowed physically proximate\n attackers to cause a denial of service (heap memory corruption, or\n NULL pointer dereference and OOPS) via a crafted device (bnc#835839).\n * CVE-2013-2899: drivers/hid/hid-picolcd_core.c in the Human Interface\n Device (HID) subsystem in the Linux kernel through 3.11, when\n CONFIG_HID_PICOLCD is enabled, allowed physically proximate\n attackers to cause a denial of service (NULL pointer dereference and\n OOPS) via a crafted device (bnc#835839).\n * CVE-2013-2929: The Linux kernel before 3.12.2 did not properly use\n the get_dumpable function, which allowed local users to bypass\n intended ptrace restrictions or obtain sensitive information from\n IA64 scratch registers via a crafted application, related to\n kernel/ptrace.c and arch/ia64/include/asm/processor.h (bnc#847652).\n * CVE-2013-7263: The Linux kernel before 3.12.4 updates certain length\n values before ensuring that associated data structures have been\n initialized, which allowed local users to obtain sensitive\n information from kernel stack memory via a (1) recvfrom, (2)\n recvmmsg, or (3) recvmsg system call, related to net/ipv4/ping.c,\n net/ipv4/raw.c, net/ipv4/udp.c, net/ipv6/raw.c, and net/ipv6/udp.c\n (bnc#857643).\n * CVE-2014-0131: Use-after-free vulnerability in the skb_segment\n function in net/core/skbuff.c in the Linux kernel through 3.13.6\n allowed attackers to obtain sensitive information from kernel memory\n by leveraging the absence of a certain orphaning operation\n (bnc#867723).\n * CVE-2014-0181: The Netlink implementation in the Linux kernel\n through 3.14.1 did not provide a mechanism for authorizing socket\n operations based on the opener of a socket, which allowed local\n users to bypass intended access restrictions and modify network\n configurations by using a Netlink socket for the (1) stdout or (2)\n stderr of a setuid program (bnc#875051).\n * CVE-2014-2309: The ip6_route_add function in net/ipv6/route.c in the\n Linux kernel through 3.13.6 did not properly count the addition of\n routes, which allowed remote attackers to cause a denial of service\n (memory consumption) via a flood of ICMPv6 Router Advertisement\n packets (bnc#867531).\n * CVE-2014-3181: Multiple stack-based buffer overflows in the\n magicmouse_raw_event function in drivers/hid/hid-magicmouse.c in the\n Magic Mouse HID driver in the Linux kernel through 3.16.3 allowed\n physically proximate attackers to cause a denial of service (system\n crash) or possibly execute arbitrary code via a crafted device that\n provides a large amount of (1) EHCI or (2) XHCI data associated with\n an event (bnc#896382).\n * CVE-2014-3184: The report_fixup functions in the HID subsystem in\n the Linux kernel before 3.16.2 might have allowed physically\n proximate attackers to cause a denial of service (out-of-bounds\n write) via a crafted device that provides a small report descriptor,\n related to (1) drivers/hid/hid-cherry.c, (2) drivers/hid/hid-kye.c,\n (3) drivers/hid/hid-lg.c, (4) drivers/hid/hid-monterey.c, (5)\n drivers/hid/hid-petalynx.c, and (6) drivers/hid/hid-sunplus.c\n (bnc#896390).\n * CVE-2014-3185: Multiple buffer overflows in the\n command_port_read_callback function in\n drivers/usb/serial/whiteheat.c in the Whiteheat USB Serial Driver in\n the Linux kernel before 3.16.2 allowed physically proximate\n attackers to execute arbitrary code or cause a denial of service\n (memory corruption and system crash) via a crafted device that\n provides a large amount of (1) EHCI or (2) XHCI data associated with\n a bulk response (bnc#896391).\n * CVE-2014-3186: Buffer overflow in the picolcd_raw_event function in\n devices/hid/hid-picolcd_core.c in the PicoLCD HID device driver in\n the Linux kernel through 3.16.3, as used in Android on Nexus 7\n devices, allowed physically proximate attackers to cause a denial of\n service (system crash) or possibly execute arbitrary code via a\n crafted device that sends a large report (bnc#896392).\n * CVE-2014-3601: The kvm_iommu_map_pages function in virt/kvm/iommu.c\n in the Linux kernel through 3.16.1 miscalculates the number of pages\n during the handling of a mapping failure, which allowed guest OS\n users to (1) cause a denial of service (host OS memory corruption)\n or possibly have unspecified other impact by triggering a large gfn\n value or (2) cause a denial of service (host OS memory consumption)\n by triggering a small gfn value that leads to permanently pinned\n pages (bnc#892782).\n * CVE-2014-3610: The WRMSR processing functionality in the KVM\n subsystem in the Linux kernel through 3.17.2 did not properly handle\n the writing of a non-canonical address to a model-specific register,\n which allowed guest OS users to cause a denial of service (host OS\n crash) by leveraging guest OS privileges, related to the\n wrmsr_interception function in arch/x86/kvm/svm.c and the\n handle_wrmsr function in arch/x86/kvm/vmx.c (bnc#899192).\n * CVE-2014-3646: arch/x86/kvm/vmx.c in the KVM subsystem in the Linux\n kernel through 3.17.2 did not have an exit handler for the INVVPID\n instruction, which allowed guest OS users to cause a denial of\n service (guest OS crash) via a crafted application (bnc#899192).\n * CVE-2014-3647: arch/x86/kvm/emulate.c in the KVM subsystem in the\n Linux kernel through 3.17.2 did not properly perform RIP changes,\n which allowed guest OS users to cause a denial of service (guest OS\n crash) via a crafted application (bnc#899192).\n * CVE-2014-3673: The SCTP implementation in the Linux kernel through\n 3.17.2 allowed remote attackers to cause a denial of service (system\n crash) via a malformed ASCONF chunk, related to\n net/sctp/sm_make_chunk.c and net/sctp/sm_statefuns.c (bnc#902346).\n * CVE-2014-3687: The sctp_assoc_lookup_asconf_ack function in\n net/sctp/associola.c in the SCTP implementation in the Linux kernel\n through 3.17.2 allowed remote attackers to cause a denial of service\n (panic) via duplicate ASCONF chunks that trigger an incorrect uncork\n within the side-effect interpreter (bnc#902349).\n * CVE-2014-3688: The SCTP implementation in the Linux kernel before\n 3.17.4 allowed remote attackers to cause a denial of service (memory\n consumption) by triggering a large number of chunks in an\n associations output queue, as demonstrated by ASCONF probes, related\n to net/sctp/inqueue.c and net/sctp/sm_statefuns.c (bnc#902351).\n * CVE-2014-3690: arch/x86/kvm/vmx.c in the KVM subsystem in the Linux\n kernel before 3.17.2 on Intel processors did not ensure that the\n value in the CR4 control register remains the same after a VM entry,\n which allowed host OS users to kill arbitrary processes or cause a\n denial of service (system disruption) by leveraging /dev/kvm access,\n as demonstrated by PR_SET_TSC prctl calls within a modified copy of\n QEMU (bnc#902232).\n * CVE-2014-4608: Multiple integer overflows in the\n lzo1x_decompress_safe function in lib/lzo/lzo1x_decompress_safe.c in\n the LZO decompressor in the Linux kernel before 3.15.2 allowed\n context-dependent attackers to cause a denial of service (memory\n corruption) via a crafted Literal Run (bnc#883948).\n * CVE-2014-4943: The PPPoL2TP feature in net/l2tp/l2tp_ppp.c in the\n Linux kernel through 3.15.6 allowed local users to gain privileges\n by leveraging data-structure differences between an l2tp socket and\n an inet socket (bnc#887082).\n * CVE-2014-5471: Stack consumption vulnerability in the\n parse_rock_ridge_inode_internal function in fs/isofs/rock.c in the\n Linux kernel through 3.16.1 allowed local users to cause a denial of\n service (uncontrolled recursion, and system crash or reboot) via a\n crafted iso9660 image with a CL entry referring to a directory entry\n that has a CL entry (bnc#892490).\n * CVE-2014-5472: The parse_rock_ridge_inode_internal function in\n fs/isofs/rock.c in the Linux kernel through 3.16.1 allowed local\n users to cause a denial of service (unkillable mount process) via a\n crafted iso9660 image with a self-referential CL entry (bnc#892490).\n * CVE-2014-7826: kernel/trace/trace_syscalls.c in the Linux kernel\n through 3.17.2 did not properly handle private syscall numbers\n during use of the ftrace subsystem, which allowed local users to\n gain privileges or cause a denial of service (invalid pointer\n dereference) via a crafted application (bnc#904013).\n * CVE-2014-7841: The sctp_process_param function in\n net/sctp/sm_make_chunk.c in the SCTP implementation in the Linux\n kernel before 3.17.4, when ASCONF is used, allowed remote attackers\n to cause a denial of service (NULL pointer dereference and system\n crash) via a malformed INIT chunk (bnc#905100).\n * CVE-2014-7842: Race condition in arch/x86/kvm/x86.c in the Linux\n kernel before 3.17.4 allowed guest OS users to cause a denial of\n service (guest OS crash) via a crafted application that performs an\n MMIO transaction or a PIO transaction to trigger a guest userspace\n emulation error report, a similar issue to CVE-2010-5313\n (bnc#905312).\n * CVE-2014-8134: The paravirt_ops_setup function in\n arch/x86/kernel/kvm.c in the Linux kernel through 3.18 uses an\n improper paravirt_enabled setting for KVM guest kernels, which made\n it easier for guest OS users to bypass the ASLR protection mechanism\n via a crafted application that reads a 16-bit value (bnc#909078).\n * CVE-2014-8369: The kvm_iommu_map_pages function in virt/kvm/iommu.c\n in the Linux kernel through 3.17.2 miscalculates the number of pages\n during the handling of a mapping failure, which allowed guest OS\n users to cause a denial of service (host OS page unpinning) or\n possibly have unspecified other impact by leveraging guest OS\n privileges. NOTE: this vulnerability exists because of an incorrect\n fix for CVE-2014-3601 (bnc#902675).\n * CVE-2014-8559: The d_walk function in fs/dcache.c in the Linux\n kernel through 3.17.2 did not properly maintain the semantics of\n rename_lock, which allowed local users to cause a denial of service\n (deadlock and system hang) via a crafted application (bnc#903640).\n * CVE-2014-8709: The ieee80211_fragment function in net/mac80211/tx.c\n in the Linux kernel before 3.13.5 did not properly maintain a\n certain tail pointer, which allowed remote attackers to obtain\n sensitive cleartext information by reading packets (bnc#904700).\n * CVE-2014-9584: The parse_rock_ridge_inode_internal function in\n fs/isofs/rock.c in the Linux kernel before 3.18.2 did not validate a\n length value in the Extensions Reference (ER) System Use Field,\n which allowed local users to obtain sensitive information from\n kernel memory via a crafted iso9660 image (bnc#912654).\n * CVE-2014-9585: The vdso_addr function in arch/x86/vdso/vma.c in the\n Linux kernel through 3.18.2 did not properly choose memory locations\n for the vDSO area, which made it easier for local users to bypass\n the ASLR protection mechanism by guessing a location at the end of a\n PMD (bnc#912705).\n\n The following non-security bugs have been fixed:\n\n * Fix HDIO_DRIVE_* ioctl() Linux 3.9 regression (bnc#833588,\n bnc#905799).\n * HID: add usage_index in struct hid_usage (bnc#835839).\n * Revert PM / reboot: call syscore_shutdown() after\n disable_nonboot_cpus() Reduce time to shutdown large machines\n (bnc#865442 bnc#907396).\n * Revert kernel/sys.c: call disable_nonboot_cpus() in kernel_restart()\n Reduce time to shutdown large machines (bnc#865442 bnc#907396).\n * dm-mpath: fix panic on deleting sg device (bnc#870161).\n * futex: Unlock hb->lock in futex_wait_requeue_pi() error path (fix\n bnc#880892).\n * handle more than just WS2008 in heartbeat negotiation (bnc#901885).\n * memcg: do not expose uninitialized mem_cgroup_per_node to world\n (bnc#883096).\n * mm: fix BUG in __split_huge_page_pmd (bnc#906586).\n * pagecachelimit: reduce lru_lock congestion for heavy parallel\n reclaim fix (bnc#895680, bnc#907189).\n * s390/3215: fix hanging console issue (bnc#898693, bnc#897995,\n LTC#115466).\n * s390/cio: improve cio_commit_config (bnc#864049, bnc#898693,\n LTC#104168).\n * scsi_dh_alua: disable ALUA handling for non-disk devices\n (bnc#876633).\n * target/rd: Refactor rd_build_device_space + rd_release_device_space.\n * timekeeping: Avoid possible deadlock from clock_was_set_delayed\n (bnc#771619, bnc#915335).\n * xfs: recheck buffer pinned status after push trylock failure\n (bnc#907338).\n * xfs: remove log force from xfs_buf_trylock() (bnc#907338).\n\n Security Issues:\n\n * CVE-2012-4398\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4398\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4398</a>>\n * CVE-2013-2893\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2893\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2893</a>>\n * CVE-2013-2897\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2897\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2897</a>>\n * CVE-2013-2899\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2899\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2899</a>>\n * CVE-2013-2929\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2929\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2929</a>>\n * CVE-2013-7263\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7263\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7263</a>>\n * CVE-2014-0131\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0131\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0131</a>>\n * CVE-2014-0181\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0181\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0181</a>>\n * CVE-2014-2309\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2309\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2309</a>>\n * CVE-2014-3181\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3181\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3181</a>>\n * CVE-2014-3184\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3184\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3184</a>>\n * CVE-2014-3185\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3185\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3185</a>>\n * CVE-2014-3186\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3186\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3186</a>>\n * CVE-2014-3601\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3601\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3601</a>>\n * CVE-2014-3610\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3610\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3610</a>>\n * CVE-2014-3646\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3646\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3646</a>>\n * CVE-2014-3647\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3647\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3647</a>>\n * CVE-2014-3673\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3673\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3673</a>>\n * CVE-2014-3687\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3687\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3687</a>>\n * CVE-2014-3688\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3688\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3688</a>>\n * CVE-2014-3690\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3690\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3690</a>>\n * CVE-2014-4608\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4608\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4608</a>>\n * CVE-2014-4943\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4943\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4943</a>>\n * CVE-2014-5471\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5471\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5471</a>>\n * CVE-2014-5472\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5472\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5472</a>>\n * CVE-2014-7826\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7826\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7826</a>>\n * CVE-2014-7841\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7841\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7841</a>>\n * CVE-2014-7842\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7842\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7842</a>>\n * CVE-2014-8134\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8134\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8134</a>>\n * CVE-2014-8369\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8369\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8369</a>>\n * CVE-2014-8559\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8559\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8559</a>>\n * CVE-2014-8709\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8709\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8709</a>>\n * CVE-2014-9584\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9584\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9584</a>>\n * CVE-2014-9585\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9585\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9585</a>>\n", "published": "2015-03-11T20:05:42", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html", "cvelist": ["CVE-2014-3646", "CVE-2014-8369", "CVE-2014-0131", "CVE-2010-5313", "CVE-2014-8134", "CVE-2014-3186", "CVE-2014-3673", "CVE-2014-3688", "CVE-2013-2929", "CVE-2014-7841", "CVE-2014-3647", "CVE-2014-3610", "CVE-2014-4943", "CVE-2014-3181", "CVE-2014-8709", "CVE-2014-5472", "CVE-2014-3185", "CVE-2013-2897", "CVE-2014-8559", "CVE-2014-3601", "CVE-2014-2309", "CVE-2013-2899", "CVE-2014-4608", "CVE-2014-9584", "CVE-2013-7263", "CVE-2014-0181", "CVE-2014-3690", "CVE-2012-4398", "CVE-2014-5471", "CVE-2014-7842", "CVE-2014-7826", "CVE-2014-9585", "CVE-2013-2893", "CVE-2014-3184", "CVE-2014-3687"], "lastseen": "2016-09-04T11:50:51"}, {"id": "OPENSUSE-SU-2015:0566-1", "type": "suse", "title": "kernel update for Evergreen 11.4, includes leap second deadlock fix (important)", "description": "kernel update for Evergreen 11.4, includes leap second deadlock fix and\n fixes for other security and stability issues\n\n", "published": "2015-03-21T15:04:43", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html", "cvelist": ["CVE-2014-3646", "CVE-2014-8369", "CVE-2014-0131", "CVE-2014-8134", "CVE-2014-3186", "CVE-2014-3673", "CVE-2014-9090", "CVE-2014-3688", "CVE-2013-2929", "CVE-2014-7841", "CVE-2014-4508", "CVE-2014-3647", "CVE-2014-3610", "CVE-2014-4943", "CVE-2014-9322", "CVE-2014-3181", "CVE-2014-8709", "CVE-2014-5472", "CVE-2014-3185", "CVE-2013-2897", "CVE-2014-8559", "CVE-2014-3601", "CVE-2014-2309", "CVE-2013-2899", "CVE-2014-4608", "CVE-2014-9584", "CVE-2013-7263", "CVE-2014-0181", "CVE-2014-3690", "CVE-2012-4398", "CVE-2014-5471", "CVE-2014-8133", "CVE-2014-7842", "CVE-2014-7826", "CVE-2014-9585", "CVE-2013-2893", "CVE-2014-3184", "CVE-2014-3687"], "lastseen": "2016-09-04T11:56:36"}, {"id": "SUSE-SU-2014:0536-1", "type": "suse", "title": "Security update for Linux kernel (important)", "description": "The SUSE Linux Enterprise Server 10 Service Pack 4 LTSS\n kernel has been updated to fix various security issues and\n several bugs.\n\n The following security issues have been addressed:\n\n *\n\n CVE-2011-2492: The bluetooth subsystem in the Linux\n kernel before 3.0-rc4 does not properly initialize certain\n data structures, which allows local users to obtain\n potentially sensitive information from kernel memory via a\n crafted getsockopt system call, related to (1) the\n l2cap_sock_getsockopt_old function in\n net/bluetooth/l2cap_sock.c and (2) the\n rfcomm_sock_getsockopt_old function in\n net/bluetooth/rfcomm/sock.c. (bnc#702014)\n\n *\n\n CVE-2011-2494: kernel/taskstats.c in the Linux kernel\n before 3.1 allows local users to obtain sensitive I/O\n statistics by sending taskstats commands to a netlink\n socket, as demonstrated by discovering the length of\n another user's password. (bnc#703156)\n\n *\n\n CVE-2012-6537: net/xfrm/xfrm_user.c in the Linux\n kernel before 3.6 does not initialize certain structures,\n which allows local users to obtain sensitive information\n from kernel memory by leveraging the CAP_NET_ADMIN\n capability. (bnc#809889)\n\n *\n\n CVE-2012-6539: The dev_ifconf function in\n net/socket.c in the Linux kernel before 3.6 does not\n initialize a certain structure, which allows local users to\n obtain sensitive information from kernel stack memory via a\n crafted application. (bnc#809891)\n\n *\n\n CVE-2012-6540: The do_ip_vs_get_ctl function in\n net/netfilter/ipvs/ip_vs_ctl.c in the Linux kernel before\n 3.6 does not initialize a certain structure for\n IP_VS_SO_GET_TIMEOUT commands, which allows local users to\n obtain sensitive information from kernel stack memory via a\n crafted application. (bnc#809892)\n\n *\n\n CVE-2012-6541: The ccid3_hc_tx_getsockopt function in\n net/dccp/ccids/ccid3.c in the Linux kernel before 3.6 does\n not initialize a certain structure, which allows local\n users to obtain sensitive information from kernel stack\n memory via a crafted application. (bnc#809893)\n\n *\n\n CVE-2012-6542: The llc_ui_getname function in\n net/llc/af_llc.c in the Linux kernel before 3.6 has an\n incorrect return value in certain circumstances, which\n allows local users to obtain sensitive information from\n kernel stack memory via a crafted application that\n leverages an uninitialized pointer argument. (bnc#809894)\n\n *\n\n CVE-2012-6544: The Bluetooth protocol stack in the\n Linux kernel before 3.6 does not properly initialize\n certain structures, which allows local users to obtain\n sensitive information from kernel stack memory via a\n crafted application that targets the (1) L2CAP or (2) HCI\n implementation. (bnc#809898)\n\n *\n\n CVE-2012-6545: The Bluetooth RFCOMM implementation in\n the Linux kernel before 3.6 does not properly initialize\n certain structures, which allows local users to obtain\n sensitive information from kernel memory via a crafted\n application. (bnc#809899)\n\n *\n\n CVE-2012-6546: The ATM implementation in the Linux\n kernel before 3.6 does not initialize certain structures,\n which allows local users to obtain sensitive information\n from kernel stack memory via a crafted application.\n (bnc#809900)\n\n *\n\n CVE-2012-6547: The __tun_chr_ioctl function in\n drivers/net/tun.c in the Linux kernel before 3.6 does not\n initialize a certain structure, which allows local users to\n obtain sensitive information from kernel stack memory via a\n crafted application. (bnc#809901)\n\n *\n\n CVE-2012-6549: The isofs_export_encode_fh function in\n fs/isofs/export.c in the Linux kernel before 3.6 does not\n initialize a certain structure member, which allows local\n users to obtain sensitive information from kernel heap\n memory via a crafted application. (bnc#809903)\n\n *\n\n CVE-2013-0343: The ipv6_create_tempaddr function in\n net/ipv6/addrconf.c in the Linux kernel through 3.8 does\n not properly handle problems with the generation of IPv6\n temporary addresses, which allows remote attackers to cause\n a denial of service (excessive retries and\n address-generation outage), and consequently obtain\n sensitive information, via ICMPv6 Router Advertisement (RA)\n messages. (bnc#805226)\n\n *\n\n CVE-2013-0914: The flush_signal_handlers function in\n kernel/signal.c in the Linux kernel before 3.8.4 preserves\n the value of the sa_restorer field across an exec\n operation, which makes it easier for local users to bypass\n the ASLR protection mechanism via a crafted application\n containing a sigaction system call. (bnc#808827)\n\n *\n\n CVE-2013-1827: net/dccp/ccid.h in the Linux kernel\n before 3.5.4 allows local users to gain privileges or cause\n a denial of service (NULL pointer dereference and system\n crash) by leveraging the CAP_NET_ADMIN capability for a\n certain (1) sender or (2) receiver getsockopt call.\n (bnc#811354)\n\n *\n\n CVE-2013-2141: The do_tkill function in\n kernel/signal.c in the Linux kernel before 3.8.9 does not\n initialize a certain data structure, which allows local\n users to obtain sensitive information from kernel memory\n via a crafted application that makes a (1) tkill or (2)\n tgkill system call. (bnc#823267)\n\n *\n\n CVE-2013-2164: The mmc_ioctl_cdrom_read_data function\n in drivers/cdrom/cdrom.c in the Linux kernel through 3.10\n allows local users to obtain sensitive information from\n kernel memory via a read operation on a malfunctioning\n CD-ROM drive. (bnc#824295)\n\n *\n\n CVE-2013-2206: The sctp_sf_do_5_2_4_dupcook function\n in net/sctp/sm_statefuns.c in the SCTP implementation in\n the Linux kernel before 3.8.5 does not properly handle\n associations during the processing of a duplicate COOKIE\n ECHO chunk, which allows remote attackers to cause a denial\n of service (NULL pointer dereference and system crash) or\n possibly have unspecified other impact via crafted SCTP\n traffic. (bnc#826102)\n\n *\n\n CVE-2013-2232: The ip6_sk_dst_check function in\n net/ipv6/ip6_output.c in the Linux kernel before 3.10\n allows local users to cause a denial of service (system\n crash) by using an AF_INET6 socket for a connection to an\n IPv4 interface. (bnc#827750)\n\n *\n\n CVE-2013-2234: The (1) key_notify_sa_flush and (2)\n key_notify_policy_flush functions in net/key/af_key.c in\n the Linux kernel before 3.10 do not initialize certain\n structure members, which allows local users to obtain\n sensitive information from kernel heap memory by reading a\n broadcast message from the notify interface of an IPSec\n key_socket. (bnc#827749)\n\n *\n\n CVE-2013-2237: The key_notify_policy_flush function\n in net/key/af_key.c in the Linux kernel before 3.9 does not\n initialize a certain structure member, which allows local\n users to obtain sensitive information from kernel heap\n memory by reading a broadcast message from the\n notify_policy interface of an IPSec key_socket. (bnc#828119)\n\n *\n\n CVE-2013-2888: Multiple array index errors in\n drivers/hid/hid-core.c in the Human Interface Device (HID)\n subsystem in the Linux kernel through 3.11 allow physically\n proximate attackers to execute arbitrary code or cause a\n denial of service (heap memory corruption) via a crafted\n device that provides an invalid Report ID. (bnc#835839)\n\n *\n\n CVE-2013-2893: The Human Interface Device (HID)\n subsystem in the Linux kernel through 3.11, when\n CONFIG_LOGITECH_FF, CONFIG_LOGIG940_FF, or\n CONFIG_LOGIWHEELS_FF is enabled, allows physically\n proximate attackers to cause a denial of service\n (heap-based out-of-bounds write) via a crafted device,\n related to (1) drivers/hid/hid-lgff.c, (2)\n drivers/hid/hid-lg3ff.c, and (3) drivers/hid/hid-lg4ff.c.\n (bnc#835839)\n\n *\n\n CVE-2013-2897: Multiple array index errors in\n drivers/hid/hid-multitouch.c in the Human Interface Device\n (HID) subsystem in the Linux kernel through 3.11, when\n CONFIG_HID_MULTITOUCH is enabled, allow physically\n proximate attackers to cause a denial of service (heap\n memory corruption, or NULL pointer dereference and OOPS)\n via a crafted device. (bnc#835839)\n\n *\n\n CVE-2013-3222: The vcc_recvmsg function in\n net/atm/common.c in the Linux kernel before 3.9-rc7 does\n not initialize a certain length variable, which allows\n local users to obtain sensitive information from kernel\n stack memory via a crafted recvmsg or recvfrom system call.\n (bnc#816668)\n\n *\n\n CVE-2013-3223: The ax25_recvmsg function in\n net/ax25/af_ax25.c in the Linux kernel before 3.9-rc7 does\n not initialize a certain data structure, which allows local\n users to obtain sensitive information from kernel stack\n memory via a crafted recvmsg or recvfrom system call.\n (bnc#816668)\n\n *\n\n CVE-2013-3224: The bt_sock_recvmsg function in\n net/bluetooth/af_bluetooth.c in the Linux kernel before\n 3.9-rc7 does not properly initialize a certain length\n variable, which allows local users to obtain sensitive\n information from kernel stack memory via a crafted recvmsg\n or recvfrom system call. (bnc#816668)\n\n *\n\n CVE-2013-3228: The irda_recvmsg_dgram function in\n net/irda/af_irda.c in the Linux kernel before 3.9-rc7 does\n not initialize a certain length variable, which allows\n local users to obtain sensitive information from kernel\n stack memory via a crafted recvmsg or recvfrom system call.\n (bnc#816668)\n\n *\n\n CVE-2013-3229: The iucv_sock_recvmsg function in\n net/iucv/af_iucv.c in the Linux kernel before 3.9-rc7 does\n not initialize a certain length variable, which allows\n local users to obtain sensitive information from kernel\n stack memory via a crafted recvmsg or recvfrom system call.\n (bnc#816668)\n\n *\n\n CVE-2013-3231: The llc_ui_recvmsg function in\n net/llc/af_llc.c in the Linux kernel before 3.9-rc7 does\n not initialize a certain length variable, which allows\n local users to obtain sensitive information from kernel\n stack memory via a crafted recvmsg or recvfrom system call.\n (bnc#816668)\n\n *\n\n CVE-2013-3232: The nr_recvmsg function in\n net/netrom/af_netrom.c in the Linux kernel before 3.9-rc7\n does not initialize a certain data structure, which allows\n local users to obtain sensitive information from kernel\n stack memory via a crafted recvmsg or recvfrom system call.\n (bnc#816668)\n\n *\n\n CVE-2013-3234: The rose_recvmsg function in\n net/rose/af_rose.c in the Linux kernel before 3.9-rc7 does\n not initialize a certain data structure, which allows local\n users to obtain sensitive information from kernel stack\n memory via a crafted recvmsg or recvfrom system call.\n (bnc#816668)\n\n *\n\n CVE-2013-3235: net/tipc/socket.c in the Linux kernel\n before 3.9-rc7 does not initialize a certain data structure\n and a certain length variable, which allows local users to\n obtain sensitive information from kernel stack memory via a\n crafted recvmsg or recvfrom system call. (bnc#816668)\n\n *\n\n CVE-2013-4162: The udp_v6_push_pending_frames\n function in net/ipv6/udp.c in the IPv6 implementation in\n the Linux kernel through 3.10.3 makes an incorrect function\n call for pending data, which allows local users to cause a\n denial of service (BUG and system crash) via a crafted\n application that uses the UDP_CORK option in a setsockopt\n system call. (bnc#831058)\n\n *\n\n CVE-2013-4387: net/ipv6/ip6_output.c in the Linux\n kernel through 3.11.4 does not properly determine the need\n for UDP Fragmentation Offload (UFO) processing of small\n packets after the UFO queueing of a large packet, which\n allows remote attackers to cause a denial of service\n (memory corruption and system crash) or possibly have\n unspecified other impact via network traffic that triggers\n a large response packet. (bnc#843430)\n\n *\n\n CVE-2013-4470: The Linux kernel before 3.12, when UDP\n Fragmentation Offload (UFO) is enabled, does not properly\n initialize certain data structures, which allows local\n users to cause a denial of service (memory corruption and\n system crash) or possibly gain privileges via a crafted\n application that uses the UDP_CORK option in a setsockopt\n system call and sends both short and long packets, related\n to the ip_ufo_append_data function in net/ipv4/ip_output.c\n and the ip6_ufo_append_data function in\n net/ipv6/ip6_output.c. (bnc#847672)\n\n *\n\n CVE-2013-4483: The ipc_rcu_putref function in\n ipc/util.c in the Linux kernel before 3.10 does not\n properly manage a reference count, which allows local users\n to cause a denial of service (memory consumption or system\n crash) via a crafted application. (bnc#848321)\n\n *\n\n CVE-2013-4588: Multiple stack-based buffer overflows\n in net/netfilter/ipvs/ip_vs_ctl.c in the Linux kernel\n before 2.6.33, when CONFIG_IP_VS is used, allow local users\n to gain privileges by leveraging the CAP_NET_ADMIN\n capability for (1) a getsockopt system call, related to the\n do_ip_vs_get_ctl function, or (2) a setsockopt system call,\n related to the do_ip_vs_set_ctl function. (bnc#851095)\n\n *\n\n CVE-2013-6383: The aac_compat_ioctl function in\n drivers/scsi/aacraid/linit.c in the Linux kernel before\n 3.11.8 does not require the CAP_SYS_RAWIO capability, which\n allows local users to bypass intended access restrictions\n via a crafted ioctl call. (bnc#852558)\n\n *\n\n CVE-2014-1444: The fst_get_iface function in\n drivers/net/wan/farsync.c in the Linux kernel before 3.11.7\n does not properly initialize a certain data structure,\n which allows local users to obtain sensitive information\n from kernel memory by leveraging the CAP_NET_ADMIN\n capability for an SIOCWANDEV ioctl call. (bnc#858869)\n\n *\n\n CVE-2014-1445: The wanxl_ioctl function in\n drivers/net/wan/wanxl.c in the Linux kernel before 3.11.7\n does not properly initialize a certain data structure,\n which allows local users to obtain sensitive information\n from kernel memory via an ioctl call. (bnc#858870)\n\n *\n\n CVE-2014-1446: The yam_ioctl function in\n drivers/net/hamradio/yam.c in the Linux kernel before\n 3.12.8 does not initialize a certain structure member,\n which allows local users to obtain sensitive information\n from kernel memory by leveraging the CAP_NET_ADMIN\n capability for an SIOCYAMGCFG ioctl call. (bnc#858872)\n\n Also the following non-security bugs have been fixed:\n\n * kernel: Remove newline from execve audit log\n (bnc#827855).\n * kernel: sclp console hangs (bnc#830344, LTC#95711).\n * kernel: fix flush_tlb_kernel_range (bnc#825052,\n LTC#94745).\n *\n\n kernel: lost IPIs on CPU hotplug (bnc#825052,\n LTC#94784).\n\n *\n\n sctp: deal with multiple COOKIE_ECHO chunks\n (bnc#826102).\n\n * net: Uninline kfree_skb and allow NULL argument\n (bnc#853501).\n * netback: don't disconnect frontend when seeing\n oversize packet.\n *\n\n netfront: reduce gso_max_size to account for max TCP\n header.\n\n *\n\n fs/dcache: Avoid race in d_splice_alias and vfs_rmdir\n (bnc#845028).\n\n * fs/proc: proc_task_lookup() fix memory pinning\n (bnc#827362 bnc#849765).\n * blkdev_max_block: make private to fs/buffer.c\n (bnc#820338).\n * vfs: avoid "attempt to access beyond end of device"\n warnings (bnc#820338).\n * vfs: fix O_DIRECT read past end of block device\n (bnc#820338).\n * cifs: don't use CIFSGetSrvInodeNumber in\n is_path_accessible (bnc#832603).\n * xfs: Fix kABI breakage caused by AIL list\n transformation (bnc#806219).\n * xfs: Replace custom AIL linked-list code with struct\n list_head (bnc#806219).\n * reiserfs: fix problems with chowning setuid file w/\n xattrs (bnc#790920).\n * reiserfs: fix spurious multiple-fill in\n reiserfs_readdir_dentry (bnc#822722).\n *\n\n jbd: Fix forever sleeping process in\n do_get_write_access() (bnc#827983).\n\n *\n\n HID: check for NULL field when setting values\n (bnc#835839).\n\n * HID: provide a helper for validating hid reports\n (bnc#835839).\n * bcm43xx: netlink deadlock fix (bnc#850241).\n * bnx2: Close device if tx_timeout reset fails\n (bnc#857597).\n * xfrm: invalidate dst on policy insertion/deletion\n (bnc#842239).\n * xfrm: prevent ipcomp scratch buffer race condition\n (bnc#842239).\n * lpfc: Update to 8.2.0.106 (bnc#798050).\n * Make lpfc task management timeout configurable\n (bnc#798050).\n * dpt_i2o: Remove DPTI_STATE_IOCTL (bnc#798050).\n * dpt_i2o: return SCSI_MLQUEUE_HOST_BUSY when in reset\n (bnc#798050).\n * advansys: Remove 'last_reset' references (bnc#798050).\n * tmscsim: Move 'last_reset' into host structure\n (bnc#798050).\n *\n\n dc395: Move 'last_reset' into internal host structure\n (bnc#798050).\n\n *\n\n scsi: remove check for 'resetting' (bnc#798050).\n\n * scsi: Allow error handling timeout to be specified\n (bnc#798050).\n * scsi: Eliminate error handler overload of the SCSI\n serial number (bnc#798050).\n * scsi: Reduce sequential pointer derefs in\n scsi_error.c and reduce size as well (bnc#798050).\n * scsi: Reduce error recovery time by reducing use of\n TURs (bnc#798050).\n * scsi: fix eh wakeup (scsi_schedule_eh vs\n scsi_restart_operations)\n * scsi: cleanup setting task state in\n scsi_error_handler() (bnc#798050).\n * scsi: Add 'eh_deadline' to limit SCSI EH runtime\n (bnc#798050).\n * scsi: Fixup compilation warning (bnc#798050).\n * scsi: fc class: fix scanning when devs are offline\n (bnc#798050).\n * scsi: Warn on invalid command completion (bnc#798050).\n * scsi: Retry failfast commands after EH (bnc#798050).\n * scsi: kABI fixes (bnc#798050).\n", "published": "2014-04-16T20:04:36", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00013.html", "cvelist": ["CVE-2013-3228", "CVE-2013-2234", "CVE-2012-6546", "CVE-2012-6541", "CVE-2012-6537", "CVE-2013-2141", "CVE-2013-3232", "CVE-2013-2206", "CVE-2013-6383", "CVE-2013-1827", "CVE-2013-3231", "CVE-2013-3229", "CVE-2011-2492", "CVE-2013-3224", "CVE-2012-6545", "CVE-2013-4162", "CVE-2012-6542", "CVE-2013-3234", "CVE-2014-1446", "CVE-2013-2897", "CVE-2012-6539", "CVE-2012-6540", "CVE-2012-6547", "CVE-2013-2232", "CVE-2011-2494", "CVE-2012-6544", "CVE-2013-3222", "CVE-2013-4387", "CVE-2013-4483", "CVE-2014-1444", "CVE-2012-6549", "CVE-2013-0914", "CVE-2013-0343", "CVE-2013-2237", "CVE-2014-1445", "CVE-2013-4470", "CVE-2013-3235", "CVE-2013-2888", "CVE-2013-4588", "CVE-2013-3223", "CVE-2013-2164", "CVE-2013-2893"], "lastseen": "2016-09-04T11:31:29"}, {"id": "SUSE-SU-2015:0652-1", "type": "suse", "title": "Security update for Linux kernel (important)", "description": "The SUSE Linux Enterprise 11 Service Pack 1 LTSS kernel was updated to fix\n security issues on kernels on the x86_64 architecture.\n\n The following security bugs have been fixed:\n\n * CVE-2013-4299: Interpretation conflict in\n drivers/md/dm-snap-persistent.c in the Linux kernel through 3.11.6\n allowed remote authenticated users to obtain sensitive information\n or modify data via a crafted mapping to a snapshot block device\n (bnc#846404).\n * CVE-2014-8160: SCTP firewalling failed until the SCTP module was\n loaded (bnc#913059).\n * CVE-2014-9584: The parse_rock_ridge_inode_internal function in\n fs/isofs/rock.c in the Linux kernel before 3.18.2 did not validate a\n length value in the Extensions Reference (ER) System Use Field,\n which allowed local users to obtain sensitive information from\n kernel memory via a crafted iso9660 image (bnc#912654).\n * CVE-2014-9585: The vdso_addr function in arch/x86/vdso/vma.c in the\n Linux kernel through 3.18.2 did not properly choose memory locations\n for the vDSO area, which made it easier for local users to bypass\n the ASLR protection mechanism by guessing a location at the end of a\n PMD (bnc#912705).\n * CVE-2014-9420: The rock_continue function in fs/isofs/rock.c in the\n Linux kernel through 3.18.1 did not restrict the number of Rock\n Ridge continuation entries, which allowed local users to cause a\n denial of service (infinite loop, and system crash or hang) via a\n crafted iso9660 image (bnc#911325).\n * CVE-2014-0181: The Netlink implementation in the Linux kernel\n through 3.14.1 did not provide a mechanism for authorizing socket\n operations based on the opener of a socket, which allowed local\n users to bypass intended access restrictions and modify network\n configurations by using a Netlink socket for the (1) stdout or (2)\n stderr of a setuid program (bnc#875051).\n * CVE-2010-5313: Race condition in arch/x86/kvm/x86.c in the Linux\n kernel before 2.6.38 allowed L2 guest OS users to cause a denial of\n service (L1 guest OS crash) via a crafted instruction that triggers\n an L2 emulation failure report, a similar issue to CVE-2014-7842\n (bnc#907822).\n * CVE-2014-7842: Race condition in arch/x86/kvm/x86.c in the Linux\n kernel before 3.17.4 allowed guest OS users to cause a denial of\n service (guest OS crash) via a crafted application that performs an\n MMIO transaction or a PIO transaction to trigger a guest userspace\n emulation error report, a similar issue to CVE-2010-5313\n (bnc#905312).\n * CVE-2014-3688: The SCTP implementation in the Linux kernel before\n 3.17.4 allowed remote attackers to cause a denial of service (memory\n consumption) by triggering a large number of chunks in an\n associations output queue, as demonstrated by ASCONF probes, related\n to net/sctp/inqueue.c and net/sctp/sm_statefuns.c (bnc#902351).\n * CVE-2014-3687: The sctp_assoc_lookup_asconf_ack function in\n net/sctp/associola.c in the SCTP implementation in the Linux kernel\n through 3.17.2 allowed remote attackers to cause a denial of service\n (panic) via duplicate ASCONF chunks that trigger an incorrect uncork\n within the side-effect interpreter (bnc#902349).\n * CVE-2014-3673: The SCTP implementation in the Linux kernel through\n 3.17.2 allowed remote attackers to cause a denial of service (system\n crash) via a malformed ASCONF chunk, related to\n net/sctp/sm_make_chunk.c and net/sctp/sm_statefuns.c (bnc#902346).\n * CVE-2014-7841: The sctp_process_param function in\n net/sctp/sm_make_chunk.c in the SCTP implementation in the Linux\n kernel before 3.17.4, when ASCONF is used, allowed remote attackers\n to cause a denial of service (NULL pointer dereference and system\n crash) via a malformed INIT chunk (bnc#905100).\n * CVE-2014-8709: The ieee80211_fragment function in net/mac80211/tx.c\n in the Linux kernel before 3.13.5 did not properly maintain a\n certain tail pointer, which allowed remote attackers to obtain\n sensitive cleartext information by reading packets (bnc#904700).\n * CVE-2013-7263: The Linux kernel before 3.12.4 updated certain length\n values before ensuring that associated data structures have been\n initialized, which allowed local users to obtain sensitive\n information from kernel stack memory via a (1) recvfrom, (2)\n recvmmsg, or (3) recvmsg system call, related to net/ipv4/ping.c,\n net/ipv4/raw.c, net/ipv4/udp.c, net/ipv6/raw.c, and net/ipv6/udp.c\n (bnc#857643).\n * CVE-2012-6657: The sock_setsockopt function in net/core/sock.c in\n the Linux kernel before 3.5.7 did not ensure that a keepalive action\n is associated with a stream socket, which allowed local users to\n cause a denial of service (system crash) by leveraging the ability\n to create a raw socket (bnc#896779).\n * CVE-2014-3185: Multiple buffer overflows in the\n command_port_read_callback function in\n drivers/usb/serial/whiteheat.c in the Whiteheat USB Serial Driver in\n the Linux kernel before 3.16.2 allowed physically proximate\n attackers to execute arbitrary code or cause a denial of service\n (memory corruption and system crash) via a crafted device that\n provides a large amount of (1) EHCI or (2) XHCI data associated with\n a bulk response (bnc#896391).\n * CVE-2014-3184: The report_fixup functions in the HID subsystem in\n the Linux kernel before 3.16.2 might allow physically proximate\n attackers to cause a denial of service (out-of-bounds write) via a\n crafted device that provides a small report descriptor, related to\n (1) drivers/hid/hid-cherry.c, (2) drivers/hid/hid-kye.c, (3)\n drivers/hid/hid-lg.c, (4) drivers/hid/hid-monterey.c, (5)\n drivers/hid/hid-petalynx.c, and (6) drivers/hid/hid-sunplus.c\n (bnc#896390).\n\n The following non-security bugs have been fixed:\n\n * KVM: SVM: Make Use of the generic guest-mode functions (bnc#907822).\n * KVM: inject #UD if instruction emulation fails and exit to userspace\n (bnc#907822).\n * block: Fix bogus partition statistics reports (bnc#885077\n bnc#891211).\n * block: skip request queue cleanup if no elevator is assigned\n (bnc#899338).\n * isofs: Fix unchecked printing of ER records.\n * Re-enable nested-spinlocks-backport patch for xen (bnc#908870).\n * time, ntp: Do not update time_state in middle of leap second\n (bnc#912916).\n * timekeeping: Avoid possible deadlock from clock_was_set_delayed\n (bnc#771619, bnc#915335).\n * udf: Check component length before reading it.\n * udf: Check path length when reading symlink.\n * udf: Verify i_size when loading inode.\n * udf: Verify symlink size before loading it.\n * vt: prevent race between modifying and reading unicode map\n (bnc#915826).\n * writeback: Do not sync data dirtied after sync start (bnc#833820).\n * xfs: Avoid blocking on inode flush in background inode reclaim\n (bnc#892235).\n\n Security Issues:\n\n * CVE-2010-5313\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5313\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5313</a>>\n * CVE-2012-6657\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6657\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6657</a>>\n * CVE-2013-4299\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4299\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4299</a>>\n * CVE-2013-7263\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7263\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7263</a>>\n * CVE-2014-0181\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0181\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0181</a>>\n * CVE-2014-3184\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3184\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3184</a>>\n * CVE-2014-3185\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3185\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3185</a>>\n * CVE-2014-3673\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3673\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3673</a>>\n * CVE-2014-3687\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3687\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3687</a>>\n * CVE-2014-3688\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3688\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3688</a>>\n * CVE-2014-7841\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7841\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7841</a>>\n * CVE-2014-7842\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7842\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7842</a>>\n * CVE-2014-8160\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8160\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8160</a>>\n * CVE-2014-8709\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8709\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8709</a>>\n * CVE-2014-9420\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9420\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9420</a>>\n * CVE-2014-9584\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9584\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9584</a>>\n * CVE-2014-9585\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9585\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9585</a>>\n", "published": "2015-04-02T02:06:32", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00000.html", "cvelist": ["CVE-2010-5313", "CVE-2014-9420", "CVE-2014-3673", "CVE-2014-3688", "CVE-2014-8160", "CVE-2014-7841", "CVE-2014-8709", "CVE-2014-3185", "CVE-2014-9584", "CVE-2013-7263", "CVE-2014-0181", "CVE-2012-6657", "CVE-2014-7842", "CVE-2014-9585", "CVE-2013-4299", "CVE-2014-3184", "CVE-2014-3687"], "lastseen": "2016-09-04T11:57:20"}], "amazon": [{"id": "ALAS-2013-233", "type": "amazon", "title": "Medium: kernel", "description": "**Issue Overview:**\n\nThe do_tkill function in kernel/signal.c in the Linux kernel before 3.8.9 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel memory via a crafted application that makes a (1) tkill or (2) tgkill system call.\n\nThe udp_v6_push_pending_frames function in net/ipv6/udp.c in the IPv6 implementation in the Linux kernel through 3.10.3 makes an incorrect function call for pending data, which allows local users to cause a denial of service (BUG and system crash) via a crafted application that uses the UDP_CORK option in a setsockopt system call. \n\nnet/ipv6/ip6_output.c in the Linux kernel through 3.11.4 does not properly determine the need for UDP Fragmentation Offload (UFO) processing of small packets after the UFO queueing of a large packet, which allows remote attackers to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact via network traffic that triggers a large response packet. \n\nThe __request_module function in kernel/kmod.c in the Linux kernel before 3.4 does not set a certain killable attribute, which allows local users to cause a denial of service (memory consumption) via a crafted application. \n\nInterpretation conflict in drivers/md/dm-snap-persistent.c in the Linux kernel through 3.11.6 allows remote authenticated users to obtain sensitive information or modify data via a crafted mapping to a snapshot block device. \n\n \n**Affected Packages:** \n\n\nkernel\n\n \n**Issue Correction:** \nRun _yum update kernel_ to update your system. You will need to reboot your system in order for the new kernel to be running. \n\n \n**New Packages:**\n \n \n i686: \n kernel-devel-3.4.66-55.43.amzn1.i686 \n kernel-debuginfo-common-i686-3.4.66-55.43.amzn1.i686 \n kernel-debuginfo-3.4.66-55.43.amzn1.i686 \n kernel-3.4.66-55.43.amzn1.i686 \n kernel-tools-debuginfo-3.4.66-55.43.amzn1.i686 \n kernel-headers-3.4.66-55.43.amzn1.i686 \n kernel-tools-3.4.66-55.43.amzn1.i686 \n \n noarch: \n kernel-doc-3.4.66-55.43.amzn1.noarch \n \n src: \n kernel-3.4.66-55.43.amzn1.src \n \n x86_64: \n kernel-3.4.66-55.43.amzn1.x86_64 \n kernel-debuginfo-common-x86_64-3.4.66-55.43.amzn1.x86_64 \n kernel-tools-3.4.66-55.43.amzn1.x86_64 \n kernel-headers-3.4.66-55.43.amzn1.x86_64 \n kernel-debuginfo-3.4.66-55.43.amzn1.x86_64 \n kernel-tools-debuginfo-3.4.66-55.43.amzn1.x86_64 \n kernel-devel-3.4.66-55.43.amzn1.x86_64 \n \n \n", "published": "2013-10-16T20:53:00", "cvss": {"score": 6.1, "vector": "AV:ADJACENT_NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "https://alas.aws.amazon.com/ALAS-2013-233.html", "cvelist": ["CVE-2013-2141", "CVE-2013-4162", "CVE-2013-4387", "CVE-2012-4398", "CVE-2013-4299"], "lastseen": "2016-09-28T21:03:59"}]}}