SUSE-SU-2012:0616-1
May 14, 2012 - 4:08 p.m.

Security update for Linux kernel (important)

2012-05-14 16:08:28
lists.opensuse.org
EPSS: 0.001 (Low), percentile 49.2%

The SUSE Linux Enterprise 11 SP1 kernel has been updated
to the 2.6.32.59 stable release to fix a lot of bugs and
security issues.

The following security issues have been fixed:

  • CVE-2012-2133: A use after free bug in hugetlb
    support could be used by local attackers to crash the
    system.
  • CVE-2012-1097: A null pointer dereference bug in the
    regsets proc file could perhaps be used by local attackers
    to crash the system. With mmap_min_addr set and
    enabled, exploitation is unlikely.
  • CVE-2012-0879: A reference counting issue in CLONE_IO
    could be used by local attackers to cause a denial of
    service (out of memory).
  • CVE-2012-1090: A file handle leak in CIFS code could
    be used by local attackers to crash the system.
  • CVE-2011-1083: Large nested epoll chains could be
    used by local attackers to cause a denial of service
    (excessive CPU consumption).
  • CVE-2011-4622: When using KVM, programming a PIT
    timer without an irqchip configuration can be used to crash
    the KVM guest. This can likely be done only by a privileged
    guest user.
  • CVE-2012-0045: A KVM 32-bit guest crash in "syscall"
    opcode handling that could be caused by local
    attackers was fixed.
  • CVE-2011-4086: Fixed an oops in jbd/jbd2 that could be
    caused by specific filesystem access patterns.

The following non-security issues have been fixed:

X86:

  • x86: fix the initialization of physnode_map
    (bnc#748112).
  • x86: Allow bootmem reserves at greater than 8G node
    offset within a node (bnc#740895).
  • x86, tsc: Fix SMI induced variation in
    quick_pit_calibrate(). (bnc#751322)
  • x86, efi: Work around broken firmware. (bnc#714507)

BONDING:

  • bonding: update speed/duplex for NETDEV_CHANGE
    (bnc#752634).
  • bonding: comparing a u8 with -1 is always false
    (bnc#752634).
  • bonding: start slaves with link down for ARP monitor
    (bnc#752634).
  • bonding: send gratuitous ARP for all addresses
    (bnc#752491).

XFS:

  • xfs: Fix excessive inode syncing when project quota
    is exceeded (bnc#756448).
  • xfs: Fix oops on IO error during
    xlog_recover_process_iunlinks() (bnc#716850).

SCSI:

  • scsi/ses: Handle non-unique element descriptors
    (bnc#749342, bnc#617344).
  • scsi/sd: mark busy sd majors as allocated
    (bug#744658).
  • scsi: Check for invalid sdev in
    scsi_prep_state_check() (bnc#734300).

MD/RAID:

  • md: fix possible corruption of array metadata on
    shutdown.
  • md: ensure changes to write-mostly are reflected in
    metadata (bnc#755178).
  • md: do not set md arrays to readonly on shutdown
    (bnc#740180, bnc#713148, bnc#734900).

XEN:

  • smpboot: adjust ordering of operations.
  • x86-64: provide a memset() that can deal with 4Gb or
    above at a time (bnc#738528).
  • blkfront: properly fail packet requests (bnc#745929).
  • Update Xen patches to 2.6.32.57.
  • xenbus: Reject replies with payload >
    XENSTORE_PAYLOAD_MAX.
  • xenbus_dev: add missing error checks to watch
    handling.
  • Refresh other Xen patches (bnc#652942, bnc#668194,
    bnc#688079).
  • fix Xen-specific kABI issue in Linux 2.6.19.

NFS:

  • NFSD: Fill in WCC data for REMOVE, RMDIR, MKNOD, and
    MKDIR (bnc#751880).
  • nfs: Include SYNC flag when comparing mount options
    with NOAC flag (bnc#745422).
  • NFS returns EIO for EDQUOT and others (bnc#747028).
  • lockd: fix arg parsing for grace_period and timeout
    (bnc#733761).
  • nfs: allow nfs4leasetime to be set before starting
    servers (bnc#733761).
  • nfs: handle d_revalidate of dot correctly
    (bnc#731809).

S/390:

  • ctcmpc: use correct idal word list for ctcmpc
    (bnc#750171,LTC#79264).
  • qeth: synchronize discipline module loading
    (bnc#747430,LTC#78788).
  • qdio: avoid race leading to stall when tolerating CQ
    (bnc#737326,LTC#76599).
  • kernel: no storage key operations for invalid page
    table entries (bnc#737326,LTC#77697).

OTHER:

  • tlan: add cast needed for proper 64 bit operation
    (bnc#756840).
  • dl2k: Tighten ioctl permissions (bnc#758813).
  • tg3: Fix RSS ring refill race condition (bnc#757917).
  • usbhid: fix error handling of not enough bandwidth
    (bnc#704280).
  • pagecache limit: Fix the shmem deadlock (bnc#755537).
  • tty_audit: fix tty_audit_add_data live lock on audit
    disabled (bnc#721366).
  • ixgbe: driver sets all WOL flags upon initialization
    so that machine is powered on as soon as it is switched off
    (bnc#693639).
  • PCI: Set device power state to PCI_D0 for device
    without native PM support (bnc#752972).
  • dlm: Do not allocate a fd for peeloff (bnc#729247).
  • sctp: Export sctp_do_peeloff (bnc#729247).
  • epoll: Do not limit non-nested epoll paths
    (bnc#676204).
  • mlx4: Limit MSI-X vector allocation (bnc#624072).
  • mlx4: Changing interrupt scheme (bnc#624072).
  • mlx4_en: Assigning TX irq per ring (bnc#624072).
  • mlx4_en: Restoring RX buffer pointer in case of
    failure (bnc#624072).
  • mlx4_en: using new mlx4 interrupt scheme (bnc#624072).
  • igb: Fix for Alt MAC Address feature on 82580 and
    later devices (bnc#746980).
  • igb: Power down link when interface is down
    (bnc#745699).
  • igb: use correct bits to identify if managability is
    enabled (bnc#743209).
  • intel_agp: Do not oops with zero stolen memory
    (bnc#738679).
  • agp: fix scratch page cleanup (bnc#738679).
  • hugetlb: add generic definition of NUMA_NO_NODE
    (bnc#751844).
  • sched: Fix proc_sched_set_task() (bnc#717994).
  • PM: Print a warning if firmware is requested when
    tasks are frozen (bnc#749886).
  • PM / Sleep: Fix freezer failures due to racy
    usermodehelper_is_disabled() (bnc#749886).
  • PM / Sleep: Fix read_unlock_usermodehelper() call
    (bnc#749886).
  • firmware loader: allow builtin firmware load even if
    usermodehelper is disabled (bnc#749886).
  • PM / Hibernate: Enable usermodehelpers in
    software_resume() error path (bnc#744163).
  • ipv6: Allow inet6_dump_addr() to handle more than 64
    addresses (bnc#748279).
  • ipv6: fix refcnt problem related to POSTDAD state
    (bnc#743619).
  • be2net: change to show correct physical link status
    (bnc#727834).
  • be2net: changes to properly provide phy details
    (bnc#727834).
  • aio: fix race between io_destroy() and io_submit()
    (bnc#747445 bnc#611264).
  • intel-iommu: Check for identity mapping candidate
    using system dma mask (bnc#700449).
  • intel-iommu: Dont cache iova above 32bit (bnc#700449).
  • intel-iommu: Add domain check in
    domain_remove_one_dev_info (bnc#700449).
  • intel-iommu: Provide option to enable 64-bit IOMMU
    pass through mode (bnc#700449).
  • intel-iommu: Remove Host Bridge devices from identity
    mapping (bnc#700449).
  • intel-iommu: Speed up processing of the
    identity_mapping function (bnc#700449).
  • intel-iommu: Use coherent DMA mask when requested
    (bnc#700449).
  • 1: Fix accounting of softirq time when idle
    (bnc#719793).
  • driver-core: fix race between device_register and
    driver_register (bnc#742358).
  • dcache:
    patches.fixes/large-hash-dcache_init-fix.patch: Fix oops
    when initializing large hash on > 16TB machine (bnc#742210).
  • kdump: Save PG_compound or PG_head value in
    VMCOREINFO (bnc#738503).
  • Update config files: disable NET_9P_RDMA (bnc#720374).
  • cdc-wdm: fix race leading to memory
    corruption (bnc#759544).
