Overview Details Repositories Revisions Requests Users Attributes Meta
kernel: security and bugfix update

The Linux kernel was updated to fix various bugs and security issues:

- mm/page-writeback.c: do not count anon pages as dirtyable memory
(reclaim stalls).
- mm/page-writeback.c: fix dirty_balance_reserve subtraction
from dirtyable memory (reclaim stalls).

- compat_sys_recvmmsg X32 fix (bnc#860993 CVE-2014-0038).

- hwmon: (coretemp) Fix truncated name of alarm attributes

- net: fib: fib6_add: fix potential NULL pointer dereference
(bnc#854173 CVE-2013-6431).

- keys: fix race with concurrent install_user_keyrings()
(bnc#808358)(CVE-2013-1792).

- KVM: x86: Convert vapic synchronization to _cached functions
(CVE-2013-6368) (bnc#853052 CVE-2013-6368).

- wireless: radiotap: fix parsing buffer overrun (bnc#854634
CVE-2013-7027).

- KVM: x86: fix guest-initiated crash with x2apic (CVE-2013-6376)
(bnc#853053 CVE-2013-6376).

- KVM: x86: Fix potential divide by 0 in lapic (CVE-2013-6367)
(bnc#853051 CVE-2013-6367).

- KVM: Improve create VCPU parameter (CVE-2013-4587) (bnc#853050
CVE-2013-4587).

- staging: ozwpan: prevent overflow in oz_cdev_write() (bnc#849023
CVE-2013-4513).

- perf/x86: Fix offcore_rsp valid mask for SNB/IVB (bnc#825006).
- perf/x86: Add Intel IvyBridge event scheduling constraints
(bnc#825006).

- libertas: potential oops in debugfs (bnc#852559 CVE-2013-6378).

- aacraid: prevent invalid pointer dereference (bnc#852373
CVE-2013-6380).

- staging: wlags49_h2: buffer overflow setting station name
(bnc#849029 CVE-2013-4514).

- net: flow_dissector: fail on evil iph->ihl (bnc#848079
CVE-2013-4348).

- Staging: bcm: info leak in ioctl (bnc#849034 CVE-2013-4515).

- Refresh
patches.fixes/net-rework-recvmsg-handler-msg_name-and-msg_namelen-logic.patch.

- ipv6: remove max_addresses check from ipv6_create_tempaddr
(bnc#805226, CVE-2013-0343).

- net: rework recvmsg handler msg_name and msg_namelen logic
(bnc#854722).

- crypto: ansi_cprng - Fix off by one error in non-block size
request (bnc#840226).

- x6: Fix reserve_initrd so that acpi_initrd_override is reached
(bnc#831836).
- Refresh other Xen patches.

- aacraid: missing capable() check in compat ioctl (bnc#852558).

- patches.fixes/gpio-ich-fix-ichx_gpio_check_available-return.patch: Update upstream reference

- perf/ftrace: Fix paranoid level for enabling function tracer
(bnc#849362).

- xhci: fix null pointer dereference on
ring_doorbell_for_active_rings (bnc#848255).
- xhci: Fix oops happening after address device timeout
(bnc#848255).
- xhci: Ensure a command structure points to the correct trb on
the command ring (bnc#848255).

- patches.arch/iommu-vt-d-remove-stack-trace-from-broken-irq-remapping-warning.patch:
Update upstream reference.

- Allow NFSv4 username mapping to work properly (bnc#838024).

- Refresh btrfs attribute publishing patchset to match openSUSE-13.1
No user-visible changes, but uses kobj_sysfs_ops and better kobject
lifetime management.

- Fix a few incorrectly checked [io_]remap_pfn_range() calls
(bnc#849021, CVE-2013-4511).

- drm/radeon: don't set hpd, afmt interrupts when interrupts
are disabled.

- patches.fixes/cifs-fill-TRANS2_QUERY_FILE_INFO-ByteCount-fields.patch:
Fix TRANS2_QUERY_FILE_INFO ByteCount fields (bnc#804950).

- iommu: Remove stack trace from broken irq remapping warning
(bnc#844513).

- Disable patches related to bnc#840656
patches.suse/btrfs-cleanup-don-t-check-the-same-thing-twice
patches.suse/btrfs-0220-fix-for-patch-cleanup-don-t-check-the-same-thi.patch

- btrfs: use feature attribute names to print better error
messages.
- btrfs: add ability to change features via sysfs.
- btrfs: add publishing of unknown features in sysfs.
- btrfs: publish per-super features to sysfs.
- btrfs: add per-super attributes to sysfs.
- btrfs: export supported featured to sysfs.
- kobject: introduce kobj_completion.
- btrfs: add ioctls to query/change feature bits online.
- btrfs: use btrfs_commit_transaction when setting fslabel.

- x86/iommu/vt-d: Expand interrupt remapping quirk to cover x58
chipset (bnc#844513).

- NFSv4: Fix issues in nfs4_discover_server_trunking (bnc#811746).

- iommu/vt-d: add quirk for broken interrupt remapping on 55XX
chipsets (bnc#844513).

Fixed bugs
bnc#804950
cifs share not working correctly after update
bnc#840656
btrfs kernel BUG at fs/btrfs/extent-tree.c:6621!
bnc#805226
VUL-1: CVE-2013-0343: kernel: Linux kernel handling of IPv6 temporary addresses
bnc#840226
VUL-1 CVE-2013-4345: kernel: ansi_cprng.c error in random number generation
bnc#838024
NFS mount show id 4294967294 for some users.
bnc#854722
VUL-0: kernel: net: memory leak in recvmsg handler msg_name & msg_namelen logic
bnc#852559
VUL-1: CVE-2013-6378: kernel: libertas: Marvell 8xxx Libertas WLAN driver support vulnerable to denial of service
bnc#852558
VUL-1: CVE-2013-6383: kernel: Adaptec RAID controller driver could allow bypass operation restrictions
bnc#853051
VUL-1: CVE-2013-6367: kernel: kvm: division by zero in apic_get_tmcct()
bnc#853050
VUL-1: CVE-2013-4587: kernel: kvm: rtc_status.dest_map out-of-bounds access
bnc#853053
VUL-1: CVE-2013-6376: kernel: kvm: BUG_ON() in apic_cluster_id()
bnc#853052
VUL-1: CVE-2013-6368: kernel: kvm: cross page vapic_addr access
bnc#825006
VUL-1: CVE-2013-2146: kernel: perf/x86: offcore_rsp valid mask for SNB/IVB
bnc#808358
VUL-1: kernel: CVE-2013-1792 Linux kernel: KEYS: race with concurrent install_user_keyrings()
bnc#849034
VUL-1: CVE-2013-4515: kernel: staging/bcm: kernel memory disclosure via uninitialized structure members
bnc#854173
VUL-1: CVE-2013-6431: kernel: net: fib: fib6_add: potential NULL pointer dereference
bnc#854634
VUL-1: CVE-2013-7027: kernel: wireless: radiotap: fix parsing buffer overrun
bnc#848079
VUL-1: CVE-2013-4348: kernel: endless loop in skb_flow_dissect
bnc#831836
unable to override DSDT
bnc#849362
VUL-1: CVE-2013-2930: kernel: perf/ftrace local user crash
bnc#811746
nfs-kernel bug on 12.3 on X86_64
bnc#852373
VUL-1: CVE-2013-6380: kernel: aacraid: aacraid: invalid pointer dereference
bnc#844513
Broken MSI and MSI-X interrupt remapping on Intel 55XX chipsets
bnc#849023
VUL-1: CVE-2013-4513: kernel: staging/ozwpan: buffer overflow in write syscall
bnc#860993
VUL-0: EMBARGOED: CVE-2014-0038: kernel: 3.4+: arbitrary write with CONFIG_X86_X32
bnc#849021
VUL-0: CVE-2013-4511: kernel: mapping of physical memory to user space without proper size check
bnc#848255
usb device freezes usb host?!?
bnc#849029
VUL-1: CVE-2013-4514: kernel: staging/wlags49_h2: buffer overflow when setting station name
CVE-CVE-2013-1792
CVE-CVE-2013-4587
CVE-CVE-2013-6367
CVE-CVE-2013-6376
CVE-CVE-2014-0038
CVE-CVE-2013-6368
CVE-CVE-2013-4514
CVE-CVE-2013-6380
CVE-CVE-2013-7027
CVE-CVE-2013-4348
CVE-CVE-2013-4513
CVE-CVE-2013-4511
CVE-CVE-2013-4515
CVE-CVE-2013-6378
CVE-CVE-2013-0343
CVE-CVE-2013-6431
Selected Binaries
openSUSE Build Service is sponsored by
Places