File _patchinfo of Package patchinfo.1786

<patchinfo incident="1786">
  <category>security</category>
<issue tracker="bnc" id="916225"/>
<issue tracker="bnc" id="940342"/>
<issue tracker="bnc" id="951542"/>
<issue tracker="bnc" id="951625"/>
<issue tracker="bnc" id="953052"/>
<issue tracker="bnc" id="954005"/>
<issue tracker="bnc" id="958601"/>
<issue tracker="cve" id="CVE-2015-2925"/>
<issue tracker="cve" id="CVE-2015-6937"/>
<issue tracker="cve" id="CVE-2015-7872"/>
<issue tracker="cve" id="CVE-2015-7990"/>
<issue tracker="cve" id="CVE-2015-8539"/>
  <rating>important</rating>
  <packager>mbenes</packager>
  <summary>Security update for kernel live patch 2</summary>
  <description>
This kernel live patch for Linux Kernel 3.12.36-38.1 fixes security issues and bugs:

Security issues fixed:
- CVE-2015-8539: A negatively instantiated user key could have been used
  by a local user to leverage privileges (bnc#958601).

- CVE-2015-6937: A NULL pointer dereference flaw was found in the Reliable
  Datagram Sockets (RDS) implementation allowing a local user to cause
  system DoS. A verification was missing that the underlying transport
  exists when a connection was created. (bsc#953052)

- CVE-2015-7990: RDS: Verify the underlying transport exists before
  creating a connection, preventing possible DoS (bsc#953052).

- CVE-2015-7872: Possible crash when trying to garbage collect an
  uninstantiated keyring (bsc#951542).

- CVE-2015-2925: The prepend_path function in fs/dcache.c in the Linux
  kernel did not properly handle rename actions inside a bind mount, which
  allowed local users to bypass an intended container protection mechanism
  by renaming a directory, related to a "double-chroot attack (bnc#951625).

Non-security bugfix were also done:
- xfs: Fix lost direct IO write in the last block (bsc#954005).
- simple fix in kallsyms initialization (bsc#940342 bsc#916225)
  </description>
</patchinfo>