kernel update for Evergreen 11.4, includes leap second deadlock fix
kernel update for Evergreen 11.4, includes leap second deadlock fix and fixes for other security and stability issues
- Submitted by Michal Kubeček (mkubecek)
- Reboot is suggested
Fixed bugs
bnc#771619
timers expire too early after leap second insertion
bnc#778463
VUL-1: kernel: request_module() OOM local DoS
bnc#833588
SLES11SP3x86 sporadicaly fails to mount root partition.
bnc#835839
VUL-1: CVE-2013-2889: kernel: multiple issues in HID code
bnc#847652
VUL-1: CVE-2013-2929: kernel: suid_dumpable checking incorrect
bnc#853040
VUL-1: CVE-2013-6405: kernel: net: multiple uninitialised memory leakage
bnc#864049
SLES 11 SP2 - IBM LTC System z maintenance kernel patches (#70)
bnc#865442
Reboot takes forever due to disable_nonboot_cpus()
bnc#867531
VUL-0: CVE-2014-2309: kernel: ipv6: remote denial of service by overflowing router advertisements
bnc#867723
VUL-1: CVE-2014-0131: kernel: net: skbuff: fix information leak via skb_segment with zero copy skbs
bnc#870161
regression: sles11sp3: deleting sg device causes panic in dm_multipath
bnc#875051
VUL-0: CVE-2014-0181: kernel: network reconfiguration due to incorrect netlink checks
bnc#876633
Delay creating /dev/sgX devices during modprobe sg command
bnc#880892
VUL-0: CVE-2014-3153: kernel: Exploitable futex vulnerability
bnc#883096
BUG: unable to handle kernel paging request at mem_cgroup_move_parent+0x45
bnc#883724
VUL-0: CVE-2014-4508: kernel: BUG in syscall auditing
bnc#883948
VUL-0: CVE-2014-4608: kernel: LZO algorithm flaw
bnc#887082
VUL-0: CVE-2014-4943: kernel-source: potential local privilege escalation in ppp over l2tp sockets
bnc#892490
VUL-0: CVE-2014-5471, CVE-2014-5472: kernel: Corrupted iso9660 filesystem can cause kernel stack overflow or hang
bnc#892782
VUL-0: CVE-2014-3601: kernel: kvm: invalid parameter passing in kvm_iommu_map_pages()
bnc#895680
Stack corruptions with pagecache_limit_mb set on 3.0.101-0.35 kernel
bnc#896382
VUL-1: CVE-2014-3181: kernel: HID: Magic Mouse HID device driver overflow
bnc#896390
VUL-1: CVE-2014-3184: kernel: HID: Linux kernel HID report fixup multiple off-by-one issues
bnc#896391
VUL-1: CVE-2014-3185: kernel: HID: Linux Kernel Buffer Overflow in Whiteheat USB Serial Driver
bnc#896392
VUL-1: CVE-2014-3186: kernel: HID: PicoLCD HID device driver pool overflow
bnc#897995
[EXT] kernel: sclp console tty reference counting
bnc#898693
PTF request for bnc#897995 for SLES 11 SP2 LTSS
bnc#899192
VUL-0: kernel: kvm: various issues
bnc#901885
Hyper-V Linux Integration Service: Heartbeat feature not working after upgrading the kernel version from 3.0.93-0.5-default to 3.0.101-0.7.23-default
bnc#902232
VUL-1: CVE-2014-3690: kernel: KVM DoS triggerable by malicious host userspace
bnc#902346
VUL-0: CVE-2014-3673: kernel: sctp: skb_over_panic when receiving malformed ASCONF chunks
bnc#902349
VUL-0: CVE-2014-3687: kernel: net: sctp: fix panic on duplicate ASCONF chunks
bnc#902351
VUL-0: CVE-2014-3688: kernel: net: sctp: remote memory pressure from excessive queueing
bnc#902675
VUL-0: CVE-2014-8369: kernel: kvm: excessive pages un-pinning in kvm_iommu_map error path
bnc#903640
VUL-0: CVE-2014-8559: kernel: fs: deadlock due to incorrect usage of rename_lock
bnc#904013
VUL-0: CVE-2014-7826: kernel: OOB read in ftrace
bnc#904700
VUL-0: CVE-2014-8709: kernel: Leaking plaintext over ieee80211_fragment
bnc#905100
VUL-0: CVE-2014-7841 kernel: net: sctp: NULL pointer dereference in af->from_addr_param on malformed packet
bnc#905312
VUL-0: CVE-2014-7842: kernel: kvm: reporting emulation failures to userspace
bnc#905799
kernel 3.0.101-0.40 regression, ioctl ATA_SMART_ENABLE fails, worked with kernel 3.0.76
bnc#906586
kernel BUG at /usr/src/packages/BUILD/kernel-default-3.0.101/linux-3.0/mm/huge_memory.c:2391
bnc#907189
kernel BUG at /usr/src/packages/BUILD/kernel-default-3.0.101/linux-3.0/fs/nfs/pagelist.c:81!
bnc#907338
Paravirtualized Xen guest frozen - crashdump created, analysis needed
bnc#907396
Sun X6250 blades hanging (rcu_sched_state detected stalls) during shutdown on SP2 kernel
bnc#907818
VUL-0: CVE-2014-9090: kernel: x86_64, traps: Stop using IST for #SS
bnc#909077
VUL-0: CVE-2014-8133: kernel: tls: Validate TLS entries to protect espfix
bnc#909078
VUL-0: CVE-2014-8134: kernel: paravirt_enabled disables espfix32
bnc#910251
VUL-0: CVE-2014-9322 kernel: x86: local privilege escalation due to bad_iret and paranoid entry incompatibility
bnc#912654
VUL-1: CVE-2014-9584: kernel-source: isofs: unchecked printing of ER records
bnc#912705
VUL-0: CVE-2014-9585: kernel-source: ASLR bruteforce possible for vdso library
bnc#915335
L3: L3-Question: Possible deadlock in the leap second fix for bsc#771619