From: Alexei Sheplyakov Date: Tue, 21 Oct 2014 08:39:04 +0000 (+0400) Subject: Security update, RHSA-2014:1392-2 X-Git-Url: https://review.fuel-infra.org/gitweb?a=commitdiff_plain;h=b14054745b66fafa48d6b95ae1feb054a838ca68;hp=b14054745b66fafa48d6b95ae1feb054a838ca68;p=packages%2Fcentos6%2Fkernel.git Security update, RHSA-2014:1392-2 Update to 2.6.32-504 (the latest upstream version at the time of writing). Fixes the following issues: * CVE-2014-4699: x86_64: ptrace: sysret to non-canonical address (impact: important, local privilege escalation/DoS) * CVE-2014-0205: futex: refcount issue in case of requeue (impact: important, local privilege escalation) * CVE-2014-3153: futex: pi futexes requeue issue (impact: important, local privilege escalation) * CVE-2014-2851: net: ping: refcount issue in ping_init_sock() function (impact: important, local privilege escalation/DoS) * CVE-2014-4943: net: pppol2tp: level handling in pppol2tp_[s,g]etsockopt() (impact: important) * CVE-2014-3535: net: NULL pointer dereference over VxLAN (impact: important, remote DoS) * CVE-2014-1737: block: floppy: privilege escalation via FDRAWCMD floppy ioctl command (impact: important) * CVE-2014-1738: block: floppy: privilege escalation via FDRAWCMD floppy ioctl command (impact: important) * CVE-2013-2596: integer overflow in fb_mmap (impact: important) * CVE-2014-5077: net: SCTP: fix a NULL pointer dereference during INIT collisions (impact: important) * CVE-2012-6647: futex: forbid uaddr == uaddr2 in futex_wait_requeue_pi() (impact: moderate, local DoS) * CVE-2013-4483: ipc: ipc_rcu_putref refcount races (impact: moderate) * CVE-2013-7339: net: rds: dereference of a NULL device in rds_ib_laddr_check() (impact: moderate) * CVE-2014-0181: net: insufficient permision checks of netlink messages (impact: moderate) * CVE-2014-0203: fs: slab corruption due to the invalid last component type during do_filp_open() (impact: moderate) * CVE-2014-2039: s390: crash due to linkage stack instructions (impact: moderate) * CVE-2014-2672: net: ath9k: tid->sched race in ath_tx_aggr_sleep() (impact: moderate) * CVE-2014-2678: net: rds: dereference of a NULL device in rds_iw_laddr_check() (impact: moderate, local DoS) * CVE-2014-2706: net: mac80211: crash dues to AP powersave TX vs. wakeup race (impact: moderate) * CVE-2014-3122: mm: try_to_unmap_cluster() should lock_page() before mlocking (impact: moderate) * CVE-2014-3144: filter: prevent nla extensions to peek beyond the end of the message (impact: moderate) * CVE-2014-3145: filter: prevent nla extensions to peek beyond the end of the message (impact: moderate) * CVE-2014-3601: kvm: invalid parameter passing in kvm_iommu_map_pages() (impact: moderate) * CVE-2014-3917: DoS with syscall auditing (impact: moderate, local DoS) * CVE-2014-4653: ALSA: control: do not access controls outside of protected regions (impact: moderate) * CVE-2014-4654: ALSA: control: use-after-free in replacing user controls (impact: moderate) * CVE-2014-4655: ALSA: control: use-after-free in replacing user controls (impact: moderate) * CVE-2014-4667: net: sctp: sk_ack_backlog wrap-around problem (impact: moderate) * CVE-2014-5045: vfs: refcount issues during unmount on symlink (impact: moderate) * CVE-2014-1874: SELinux: local denial-of-service (requires CAP_MAC_ADMIN) (impact: low) * CVE-2013-6378: drivers: libertas: potential oops in debugfs (impact: low) * CVE-2014-4608: lzo1x_decompress_safe() integer overflow (impact: low) Related-bug: #1381386 Related-bug: #1334769 Change-Id: Iccc4340230059369b0893ca5443553dff9361d02 ---