File _patchinfo of Package patchinfo.4114

Overview Repositories Revisions Requests Users Attributes Meta

File _patchinfo of Package patchinfo.4114

<patchinfo incident="4114">
  <category>security</category>
  <rating>important</rating>
  <packager>jeff_mahoney</packager>
  <summary>Security update for the Linux Kernel</summary>
  <reboot_needed/>
<issue tracker="bnc" id="951440"/>
<issue tracker="bnc" id="919154"/>
<issue tracker="bnc" id="926238"/>
<issue tracker="bnc" id="937969"/>
<issue tracker="bnc" id="938645"/>
<issue tracker="bnc" id="939834"/>
<issue tracker="bnc" id="940338"/>
<issue tracker="bnc" id="941104"/>
<issue tracker="bnc" id="941305"/>
<issue tracker="bnc" id="941867"/>
<issue tracker="bnc" id="942178"/>
<issue tracker="bnc" id="944296"/>
<issue tracker="bnc" id="947155"/>
<issue tracker="bnc" id="951195"/>
<issue tracker="cve" id="CVE-2015-7872"/>
<issue tracker="cve" id="CVE-2015-0272"/>
<issue tracker="cve" id="CVE-2015-1333"/>
<issue tracker="cve" id="CVE-2015-2925"/>
<issue tracker="cve" id="CVE-2015-3290"/>
<issue tracker="cve" id="CVE-2015-5283"/>
<issue tracker="cve" id="CVE-2015-5707"/>
  <description>
The openSUSE 13.2 kernel was updated to receive various security and bugfixes.

Following security bugs were fixed:
* CVE-2015-3290: arch/x86/entry/entry_64.S in the Linux kernel on
  the x86_64 platform improperly relied on espfix64 during nested NMI
  processing, which allowed local users to gain privileges by triggering
  an NMI within a certain instruction window (bnc#937969)
* CVE-2015-0272: It was reported that it's possible to craft a Router
  Advertisement message which will bring the receiver in a state where new
  IPv6 connections will not be accepted until correct Router Advertisement
  message received. (bsc#944296).
* CVE-2015-5283: The sctp_init function in net/sctp/protocol.c in the
  Linux kernel had an incorrect sequence of protocol-initialization steps,
  which allowed local users to cause a denial of service (panic or memory
  corruption) by creating SCTP sockets before all of the steps have finished
  (bnc#947155).
* CVE-2015-1333: Memory leak in the __key_link_end function in
  security/keys/keyring.c in the Linux kernel allowed local users to cause
  a denial of service (memory consumption) via many add_key system calls
  that refer to existing keys. (bsc#938645)
* CVE-2015-5707: Integer overflow in the sg_start_req function in
  drivers/scsi/sg.c in the Linux kernel allowed local users to cause a
  denial of service or possibly have unspecified other impact via a large
  iov_count value in a write request. (bsc#940338)
* CVE-2015-2925: An attacker could potentially break out of a namespace
  or container, depending on if he had specific rights in these containers.
  (bsc#926238).
* CVE-2015-7872: A vulnerability in keyrings garbage collector allowed
  a local user to trigger an oops was found, caused by using request_key() or
  keyctl request2. (bsc#951440)

The following non-security bugs were fixed:
- input: evdev - do not report errors form flush() (bsc#939834).
- NFSv4: Recovery of recalled read delegations is broken (bsc#942178).
- apparmor: temporary work around for bug while unloading policy (boo#941867).
- config/x86_64/ec2: Align CONFIG_STRICT_DEVMEM CONFIG_STRICT_DEVMEM is
  enabled in every other kernel flavor, so enable it for x86_64/ec2 as well.
- kernel-obs-build: add btrfs to initrd This is needed for kiwi builds.
- mmc: card: Do not access RPMB partitions for normal read/write (bnc#941104).
- netback: coalesce (guest) RX SKBs as needed (bsc#919154).
- rpm/kernel-obs-build.spec.in: Add virtio_rng to the initrd. This allows
  to feed some randomness to the OBS workers.
- xfs: Fix file type directory corruption for btree directories (bsc#941305).
- xfs: ensure buffer types are set correctly (bsc#941305).
- xfs: inode unlink does not set AGI buffer type (bsc#941305).
- xfs: set buf types when converting extent formats (bsc#941305).
- xfs: set superblock buffer type correctly (bsc#941305).
- xhci: Add spurious wakeup quirk for LynxPoint-LP controllers (bnc#951195).
  </description>
</patchinfo>

Places

File _patchinfo of Package patchinfo.4114

Places