Security update for Linux kernel (important)

This Linux kernel update fixes various security issues and
bugs in the SUSE Linux Enterprise 10 SP4 kernel.

The following security issues have been fixed:

CVE-2013-0871: A race condition in ptrace(2) could be
used by local attackers to crash the kernel and/or execute
code in kernel context.

CVE-2013-0160: Avoid side channel information leaks
from the ptys via ptmx, which allowed local attackers to
guess keypresses.

CVE-2012-4530: Avoid leaving bprm->interp on the
stack which might have leaked information from the kernel
to userland attackers.

CVE-2013-0268: The msr_open function in
arch/x86/kernel/msr.c in the Linux kernel allowed local
users to bypass intended capability restrictions by
executing a crafted application as root, as demonstrated by
msr32.c.

CVE-2013-0216: The Xen netback functionality in the
Linux kernel allowed guest OS users to cause a denial of
service (loop) by triggering ring pointer corruption.

CVE-2013-0231: The pciback_enable_msi function in the
PCI backend driver
(drivers/xen/pciback/conf_space_capability_msi.c) in Xen
for the Linux kernel allowed guest OS users with PCI device
access to cause a denial of service via a large number of
kernel log messages. NOTE: some of these details are
obtained from third party information.

Also the following non-security bugs have been fixed:

S/390:

• s390x: tty struct used after free (bnc#809692,
  LTC#90216).
• s390x/kernel: sched_clock() overflow (bnc#799611,
  LTC#87978).
• qeth: set new mac even if old mac is gone
  (bnc#789012,LTC#86643).
• qeth: set new mac even if old mac is gone (2)
  (bnc#792697,LTC#87138).
• qeth: fix deadlock between recovery and bonding
  driver (bnc#785101,LTC#85905).
• dasd: check count address during online setting
  (bnc#781485,LTC#85346).
• hugetlbfs: add missing TLB invalidation
  (bnc#781485,LTC#85463).
• s390/kernel: make user-access pagetable walk code
  huge page aware (bnc#781485,LTC#85455).

XEN:

• xen/netback: fix netbk_count_requests().
• xen: properly bound buffer access when parsing
  cpu/availability.
• xen/scsiback/usbback: move cond_resched() invocations
  to proper place.
• xen/pciback: properly clean up after calling
  pcistub_device_find().
• xen: add further backward-compatibility configure
  options.
• xen/PCI: suppress bogus warning on old hypervisors.
• xenbus: fix overflow check in xenbus_dev_write().
• xen/x86: do not corrupt %eip when returning from a
  signal handler.

Other:

• kernel: Restrict clearing TIF_SIGPENDING (bnc#742111).
• kernel: recalc_sigpending_tsk fixes (bnc#742111).
• xfs: Do not reclaim new inodes in xfs_sync_inodes()
  (bnc#770980).
• jbd: Avoid BUG_ON when checkpoint stalls (bnc#795335).
• reiserfs: Fix int overflow while calculating free
  space (bnc#795075).
• cifs: clarify the meaning of tcpStatus == CifsGood
  (bnc#769093).
• cifs: do not allow cifs_reconnect to exit with NULL
  socket pointer (bnc#769093).
• cifs: switch to seq_files (bnc#776370).
• scsi: fix check of PQ and PDT bits for WLUNs
  (bnc#765687).
• hugetlb: preserve hugetlb pte dirty state
  (bnc#790236).
• poll: enforce RLIMIT_NOFILE in poll() (bnc#787272).
• proc: fix ->open less usage due to ->proc_fops flip
  (bnc#776370).
• rpm/kernel-binary.spec.in: Ignore kabi errors if
  %%ignore_kabi_badness is defined. This is used in the
  Kernel:* projects in the OBS.