fix oops in do_tcp_sendpages
Apply the upstream patch http://git.kernel.org/cgit/linux/kernel/git/stable/\
linux-stable.git/commit/?id=
64022d0b4e93ea432e95db55a72b8a1c5775f3c0 to fix
the oops in `do_tcp_sendpages'.
Change-Id: Id0f6d1ccd9e0abd856da385f2ad461a022431a7e
Closes-Bug: #
1456605
Related-Bug: #
1449977
Security update, RHSA-2014-1843
Update to 2.6.32-504.1.3 (the latest upstream version at the time of writing).
Fixes the following problems:
* CVE-2014-3611: KVM: host kernel DoS due to a race condition in PIT
emulation. A guest user who has access to PIT IO ports could use this
flaw to crash the host. (impact: important, host DoS from a guest)
* CVE-2014-3645, CVE-2014-3646: KVM: guest DoS by an unprivileged user
due to the missing handling of the VM exits for invept and invvpid.
(impact: moderate, guest DoS with certain Intel processors)
* CVE-2014-3185: local DoS/privilege escalation due to a memory corruption
in the USB ConnectTech WhiteHEAT serial driver (impact: moderate).
* BZ#
1148693: virtio-net: kernel was unable to boot with the mgr_rxbuf=off
option specified
* BZ#
1149083: possible kernel panic when using one of the newer IPSec
authentication header (AH) algorithms with Openswan.
* BZ#
1142570: possible DoS due to the race between PCI error recovery
and ifup/ifdown commands in the tg3 driver.
* BZ#
1149578: kernel panic when an IPMI interface was removed using
the hotmod scrpit.
* BZ#
1149580: possible kernel panic when adding an IPMI interface that
was previously removed using the hotmod script.
* BZ#
1145193: GFS2 failed to unmount a sub-mounted GFS2 file system if
its parent was also a GFS2 file system.
Change-Id: Ia6c60a039ed4c9b35b76600a89935a907c1a1b21
Related-bug: #
1395586
Related-bug: #
1395607
Security update, RHSA-2014:1392-2
Update to 2.6.32-504 (the latest upstream version at the time of writing).
Fixes the following issues:
* CVE-2014-4699: x86_64: ptrace: sysret to non-canonical address (impact: important, local privilege escalation/DoS)
* CVE-2014-0205: futex: refcount issue in case of requeue (impact: important, local privilege escalation)
* CVE-2014-3153: futex: pi futexes requeue issue (impact: important, local privilege escalation)
* CVE-2014-2851: net: ping: refcount issue in ping_init_sock() function (impact: important, local privilege escalation/DoS)
* CVE-2014-4943: net: pppol2tp: level handling in pppol2tp_[s,g]etsockopt() (impact: important)
* CVE-2014-3535: net: NULL pointer dereference over VxLAN (impact: important, remote DoS)
* CVE-2014-1737: block: floppy: privilege escalation via FDRAWCMD floppy ioctl command (impact: important)
* CVE-2014-1738: block: floppy: privilege escalation via FDRAWCMD floppy ioctl command (impact: important)
* CVE-2013-2596: integer overflow in fb_mmap (impact: important)
* CVE-2014-5077: net: SCTP: fix a NULL pointer dereference during INIT collisions (impact: important)
* CVE-2012-6647: futex: forbid uaddr == uaddr2 in futex_wait_requeue_pi() (impact: moderate, local DoS)
* CVE-2013-4483: ipc: ipc_rcu_putref refcount races (impact: moderate)
* CVE-2013-7339: net: rds: dereference of a NULL device in rds_ib_laddr_check() (impact: moderate)
* CVE-2014-0181: net: insufficient permision checks of netlink messages (impact: moderate)
* CVE-2014-0203: fs: slab corruption due to the invalid last component type during do_filp_open() (impact: moderate)
* CVE-2014-2039: s390: crash due to linkage stack instructions (impact: moderate)
* CVE-2014-2672: net: ath9k: tid->sched race in ath_tx_aggr_sleep() (impact: moderate)
* CVE-2014-2678: net: rds: dereference of a NULL device in rds_iw_laddr_check() (impact: moderate, local DoS)
* CVE-2014-2706: net: mac80211: crash dues to AP powersave TX vs. wakeup race (impact: moderate)
* CVE-2014-3122: mm: try_to_unmap_cluster() should lock_page() before mlocking (impact: moderate)
* CVE-2014-3144: filter: prevent nla extensions to peek beyond the end of the message (impact: moderate)
* CVE-2014-3145: filter: prevent nla extensions to peek beyond the end of the message (impact: moderate)
* CVE-2014-3601: kvm: invalid parameter passing in kvm_iommu_map_pages() (impact: moderate)
* CVE-2014-3917: DoS with syscall auditing (impact: moderate, local DoS)
* CVE-2014-4653: ALSA: control: do not access controls outside of protected regions (impact: moderate)
* CVE-2014-4654: ALSA: control: use-after-free in replacing user controls (impact: moderate)
* CVE-2014-4655: ALSA: control: use-after-free in replacing user controls (impact: moderate)
* CVE-2014-4667: net: sctp: sk_ack_backlog wrap-around problem (impact: moderate)
* CVE-2014-5045: vfs: refcount issues during unmount on symlink (impact: moderate)
* CVE-2014-1874: SELinux: local denial-of-service (requires CAP_MAC_ADMIN) (impact: low)
* CVE-2013-6378: drivers: libertas: potential oops in debugfs (impact: low)
* CVE-2014-4608: lzo1x_decompress_safe() integer overflow (impact: low)
Related-bug: #
1381386
Related-bug: #
1334769
Change-Id: Iccc4340230059369b0893ca5443553dff9361d02