(RHSA-2015:1977) Moderate: kernel-rt security, bug fix, and enhancement update

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

• A flaw was found in the way the Linux kernel’s VFS subsystem handled file
  system locks. A local, unprivileged user could use this flaw to trigger a
  deadlock in the kernel, causing a denial of service on the system.
  (CVE-2014-8559, Moderate)

• A buffer overflow flaw was found in the way the Linux kernel’s virtio-net
  subsystem handled certain fraglists when the GRO (Generic Receive Offload)
  functionality was enabled in a bridged network configuration. An attacker
  on the local network could potentially use this flaw to crash the system,
  or, although unlikely, elevate their privileges on the system.
  (CVE-2015-5156, Moderate)

The CVE-2015-5156 issue was discovered by Jason Wang of Red Hat.

The kernel-rt packages have been upgraded to version 3.10.0-229.20.1, which
provides a number of bug fixes and enhancements over the previous version,
including:

• Unexpected completion is detected on Intel Ethernet x540

• Divide by zero error in intel_pstate_timer_func() [ inline s64
  div_s64_rem() ]

• NFS Recover from stateid-type error on SETATTR

• pNFS RHEL 7.1 Data Server connection remains after umount due to lseg
  refcount leak

• Race during NFS v4.0 recovery and standard IO.

• Fix ip6t_SYNPROXY for namespaces and connection delay

• synproxy window size and sequence number behaviour causes long connection
  delay

• Crash in kmem_cache_alloc() during disk stress testing (using ipr)

• xfs: sync/backport to upstream v4.1

• iscsi_session recovery_tmo revert back to default when a path becomes
  active

• read from MD raid1 can fail if read from resync target fails

• backport scsi-mq

• unable to handle kernel paging request at 0000000000237037 [zswap]

(BZ#1266915)

All kernel-rt users are advised to upgrade to these updated packages, which
correct these issues and add this enhancement. The system must be rebooted
for this update to take effect.