Lucene search

K
suseSuseOPENSUSE-SU-2014:0204-1
HistoryFeb 06, 2014 - 7:04 p.m.

kernel: security and bugfix update (important)

2014-02-0619:04:40
lists.opensuse.org
19

0.03 Low

EPSS

Percentile

89.8%

The Linux kernel was updated to fix various bugs and
security issues:

  • mm/page-writeback.c: do not count anon pages as dirtyable
    memory (reclaim stalls).

  • mm/page-writeback.c: fix dirty_balance_reserve
    subtraction from dirtyable memory (reclaim stalls).

  • compat_sys_recvmmsg X32 fix (bnc#860993 CVE-2014-0038).

  • hwmon: (coretemp) Fix truncated name of alarm attributes

  • net: fib: fib6_add: fix potential NULL pointer
    dereference (bnc#854173 CVE-2013-6431).

  • keys: fix race with concurrent install_user_keyrings()
    (bnc#808358)(CVE-2013-1792).

  • KVM: x86: Convert vapic synchronization to _cached
    functions (CVE-2013-6368) (bnc#853052 CVE-2013-6368).

  • wireless: radiotap: fix parsing buffer overrun
    (bnc#854634 CVE-2013-7027).

  • KVM: x86: fix guest-initiated crash with x2apic
    (CVE-2013-6376) (bnc#853053 CVE-2013-6376).

  • KVM: x86: Fix potential divide by 0 in lapic
    (CVE-2013-6367) (bnc#853051 CVE-2013-6367).

  • KVM: Improve create VCPU parameter (CVE-2013-4587)
    (bnc#853050 CVE-2013-4587).

  • staging: ozwpan: prevent overflow in oz_cdev_write()
    (bnc#849023 CVE-2013-4513).

  • perf/x86: Fix offcore_rsp valid mask for SNB/IVB
    (bnc#825006).

  • perf/x86: Add Intel IvyBridge event scheduling
    constraints (bnc#825006).

  • libertas: potential oops in debugfs (bnc#852559
    CVE-2013-6378).

  • aacraid: prevent invalid pointer dereference (bnc#852373
    CVE-2013-6380).

  • staging: wlags49_h2: buffer overflow setting station name
    (bnc#849029 CVE-2013-4514).

  • net: flow_dissector: fail on evil iph->ihl (bnc#848079
    CVE-2013-4348).

  • Staging: bcm: info leak in ioctl (bnc#849034
    CVE-2013-4515).

  • Refresh
    patches.fixes/net-rework-recvmsg-handler-msg_name-and-msg_na
    melen-logic.patch.

  • ipv6: remove max_addresses check from
    ipv6_create_tempaddr (bnc#805226, CVE-2013-0343).

  • net: rework recvmsg handler msg_name and msg_namelen
    logic (bnc#854722).

  • crypto: ansi_cprng - Fix off by one error in non-block
    size request (bnc#840226).

  • x6: Fix reserve_initrd so that acpi_initrd_override is
    reached (bnc#831836).

  • Refresh other Xen patches.

  • aacraid: missing capable() check in compat ioctl
    (bnc#852558).

patches.fixes/gpio-ich-fix-ichx_gpio_check_available-return.
patch: Update upstream reference

  • perf/ftrace: Fix paranoid level for enabling function
    tracer (bnc#849362).

  • xhci: fix null pointer dereference on
    ring_doorbell_for_active_rings (bnc#848255).

  • xhci: Fix oops happening after address device timeout
    (bnc#848255).

  • xhci: Ensure a command structure points to the correct
    trb on the command ring (bnc#848255).

patches.arch/iommu-vt-d-remove-stack-trace-from-broken-irq-r
emapping-warning.patch: Update upstream reference.

  • Allow NFSv4 username mapping to work properly
    (bnc#838024).

  • Refresh btrfs attribute publishing patchset to match
    openSUSE-13.1 No user-visible changes, but uses
    kobj_sysfs_ops and better kobject lifetime management.

  • Fix a few incorrectly checked [io_]remap_pfn_range()
    calls (bnc#849021, CVE-2013-4511).

  • drm/radeon: don’t set hpd, afmt interrupts when
    interrupts are disabled.

patches.fixes/cifs-fill-TRANS2_QUERY_FILE_INFO-ByteCount-fie
lds.patch: Fix TRANS2_QUERY_FILE_INFO ByteCount fields
(bnc#804950).

  • iommu: Remove stack trace from broken irq remapping
    warning (bnc#844513).

  • Disable patches related to bnc#840656
    patches.suse/btrfs-cleanup-don-t-check-the-same-thing-twice
    patches.suse/btrfs-0220-fix-for-patch-cleanup-don-t-check-th
    e-same-thi.patch

  • btrfs: use feature attribute names to print better error
    messages.

  • btrfs: add ability to change features via sysfs.

  • btrfs: add publishing of unknown features in sysfs.

  • btrfs: publish per-super features to sysfs.

  • btrfs: add per-super attributes to sysfs.

  • btrfs: export supported featured to sysfs.

  • kobject: introduce kobj_completion.

  • btrfs: add ioctls to query/change feature bits online.

  • btrfs: use btrfs_commit_transaction when setting fslabel.

  • x86/iommu/vt-d: Expand interrupt remapping quirk to cover
    x58 chipset (bnc#844513).

  • NFSv4: Fix issues in nfs4_discover_server_trunking
    (bnc#811746).

  • iommu/vt-d: add quirk for broken interrupt remapping on
    55XX chipsets (bnc#844513).

0.03 Low

EPSS

Percentile

89.8%

Related for OPENSUSE-SU-2014:0204-1