linux - security update

Several vulnerabilities have been discovered in the Linux kernel that
may lead to a denial of service or privilege escalation:

• CVE-2014-3534
  Martin Schwidefsky of IBM discovered that the ptrace subsystem does
  not properly sanitize the psw mask value. On s390 systems, an
  unprivileged local user could use this flaw to set address space
  control bits to kernel space combination and thus gain read/write
  access to kernel memory.
• CVE-2014-4667
  Gopal Reddy Kodudula of Nokia Siemens Networks discovered that the
  sctp_association_free function does not properly manage a certain
  backlog value, which allows remote attackers to cause a denial of
  service (socket outage) via a crafted SCTP packet.
• CVE-2014-4943
  Sasha Levin discovered a flaw in the Linux kernel’s point-to-point
  protocol (PPP) when used with the Layer Two Tunneling Protocol
  (L2TP). An unprivileged local user could use this flaw for privilege
  escalation.

For the stable distribution (wheezy), these problems have been fixed in
version 3.2.60-1+deb7u3.

For the unstable distribution (sid), these problems have been fixed in
version 3.14.13-2.

We recommend that you upgrade your linux packages.