Overview Details Repositories Revisions Requests Users Attributes Meta
kernel: security and bugfix release

The Linux kernel was updated to fix security issues and bugs:

Security issues fixed:
CVE-2014-3153: The futex_requeue function in kernel/futex.c in the Linux
kernel did not ensure that calls have two different futex addresses,
which allowed local users to gain privileges via a crafted FUTEX_REQUEUE
command that facilitates unsafe waiter modification.

CVE-2014-0077: drivers/vhost/net.c in the Linux kernel, when mergeable
buffers are disabled, did not properly validate packet lengths, which
allowed guest OS users to cause a denial of service (memory corruption
and host OS crash) or possibly gain privileges on the host OS via crafted
packets, related to the handle_rx and get_rx_bufs functions.

CVE-2014-0055: The get_rx_bufs function in drivers/vhost/net.c in the
vhost-net subsystem in the Linux kernel package did not properly handle
vhost_get_vq_desc errors, which allowed guest OS users to cause a denial
of service (host OS crash) via unspecified vectors.

CVE-2014-2678: The rds_iw_laddr_check function in net/rds/iw.c in the
Linux kernel allowed local users to cause a denial of service (NULL
pointer dereference and system crash) or possibly have unspecified other
impact via a bind system call for an RDS socket on a system that lacks
RDS transports.

CVE-2013-7339: The rds_ib_laddr_check function in net/rds/ib.c in the
Linux kernel allowed local users to cause a denial of service (NULL
pointer dereference and system crash) or possibly have unspecified other
impact via a bind system call for an RDS socket on a system that lacks
RDS transports.

CVE-2014-2851: Integer overflow in the ping_init_sock function in
net/ipv4/ping.c in the Linux kernel allowed local users to cause a denial
of service (use-after-free and system crash) or possibly gain privileges
via a crafted application that leverages an improperly managed reference
counter.

CVE-2014-3122: The try_to_unmap_cluster function in mm/rmap.c in the Linux
kernel did not properly consider which pages must be locked, which allowed
local users to cause a denial of service (system crash) by triggering
a memory-usage pattern that requires removal of page-table mappings.

Bugs fixed:
- memcg: deprecate memory.force_empty knob (bnc#878274).

Fixed bugs
bnc#873374
VUL-0: CVE-2014-2851: kernel: net: ping: refcount issue in ping_init_sock() function
bnc#880892
VUL-0: CVE-2014-3153: kernel: Exploitable futex vulnerability
bnc#870173
VUL-0: CVE-2014-0055: kernel: vhost-net: insufficient handling of error conditions in get_rx_bufs()
bnc#870576
VUL-1: CVE-2014-0077: kernel: vhost-net: insufficiency in handling of big packets in handle_rx()
bnc#878274
memory cgroup controller: memory.force_empty will get deprecated
bnc#869563
VUL-1: CVE-2013-7339: kernel: rds: NULL ptr dereference issue in rds_ib_laddr_check
bnc#876102
VUL-0: CVE-2014-3122: Kernel: mm: try_to_unmap_cluster() should lock_page() before mlocking
bnc#871561
VUL-0: CVE-2014-2678: kernel: net: rds: dereference of a NULL device in rds_iw_laddr_check()
CVE-CVE-2014-3122
CVE-CVE-2014-2678
CVE-CVE-2014-0077
CVE-CVE-2014-0055
CVE-CVE-2014-3153
CVE-CVE-2014-2851
CVE-CVE-2013-7339
Selected Binaries
openSUSE Build Service is sponsored by
Places