linux - security update

Several vulnerabilities have been discovered in the Linux kernel that
may lead to a privilege escalation or denial of service.

• CVE-2015-3290
  Andy Lutomirski discovered that the Linux kernel does not properly
  handle nested NMIs. A local, unprivileged user could use this flaw
  for privilege escalation.
• CVE-2015-3291
  Andy Lutomirski discovered that under certain conditions a malicious
  userspace program can cause the kernel to skip NMIs leading to a
  denial of service.
• CVE-2015-4167
  Carl Henrik Lunde discovered that the UDF implementation is missing
  a necessary length check. A local user that can mount devices could
  use this flaw to crash the system.
• CVE-2015-5157
  Petr Matousek and Andy Lutomirski discovered that an NMI that
  interrupts userspace and encounters an IRET fault is incorrectly
  handled. A local, unprivileged user could use this flaw for denial
  of service or possibly for privilege escalation.
• CVE-2015-5364
  It was discovered that the Linux kernel does not properly handle
  invalid UDP checksums. A remote attacker could exploit this flaw to
  cause a denial of service using a flood of UDP packets with invalid
  checksums.
• CVE-2015-5366
  It was discovered that the Linux kernel does not properly handle
  invalid UDP checksums. A remote attacker can cause a denial of
  service against applications that use epoll by injecting a single
  packet with an invalid checksum.

For the stable distribution (jessie), these problems have been fixed in
version 3.16.7-ckt11-1+deb8u2.

For the unstable distribution (sid), these problems have been fixed in
version 4.0.8-2 or earlier versions.

We recommend that you upgrade your linux packages.