Alerts This Week
Warning Icon 1 560
Alerts This Week
Warning Icon 1 560

Fedora: 20 Kernel 3.19.3 Moderate DoS Risks and Important Fixes

fedora
Calendar Grey April 7, 2015
Dist Fedora Esm H88
The latest kernel update for CentOS 7 introduces significant improvements, addressing critical vulnerabilities and enhancing overall security against potential exploit threats.
The 3.19.3 rebase contains improved hardware support, a number of new features, and many important fixes across the tree.

Summary

The kernel package contains the Linux kernel (vmlinuz), the core of any

Linux operating system. The kernel handles the basic functions

of the operating system: memory allocation, process allocation, device

input and output, etc.

Update Information:

The 3.19.3 rebase contains improved hardware support, a number of new features, and many important fixes across the tree.

Topics%20covered

Topics Covered

security advisory moderate update Fedora DoS kernel improvements

Change Log

* Fri Mar 27 2015 Justin M. Forbes - 3.19.3-100 - Linux v3.19.3 rebase (rhbz 1205088) * Mon Mar 23 2015 Josh Boyer - CVE-2015-2672 unprivileged DoS du to mis-protected xsave/xstor instructions (rhbz 1204724 1204729) - CVE-2015-2666 execution in the early microcode loader (rhbz 1204724 1204722) * Fri Mar 20 2015 Josh Boyer - Fix brightness on Lenovo Ideapad Z570 (rhbz 1187004) * Fri Mar 13 2015 Josh Boyer - Add patch to support clickpads (rhbz 1201532) * Thu Mar 12 2015 Josh Boyer - CVE-2014-8159 infiniband: uverbs: unprotected physical memory access (rhbz 1181166 1200950) * Wed Mar 11 2015 Josh Boyer - Fix blank screen after resume with various radeon devices (rhbz 1069027) - CVE-2015-2150 xen: NMIs triggerable by guests (rhbz 1196266 1200397) - Patch series to fix Lenovo *40 and Carbon X1 touchpads (rhbz 1200777 1200778) * Tue Mar 10 2015 Josh Boyer - CVE-2015-2042 rds: information handling flaw in sysctl (rhbz 1195355 1199365) * Mon Mar 9 2015 Justin M. Forbes - 3.18.9-100 - Linux v3.18.9 * Mon Mar 2 2015 Josh Boyer - Add patch to fix nfsd soft lockup (rhbz 1185519) - Enable ET131X driver (rhbz 1197842) * Sat Feb 28 2015 Peter Robinson - Fix Panda on ARMv7 crash on boot * Fri Feb 27 2015 Josh Boyer - CVE-2015-1421 sctp: slab corruption from use after free on INIT collisions (rhbz 1196581 1196595) * Wed Feb 25 2015 Josh Boyer - Add support for AR5B195 devices from Alexander Ploumistos (rhbz 1190947) * Tue Feb 24 2015 Josh Boyer - Fix ext4 remount with journal_checksum option (rhbz 1190933) * Mon Feb 23 2015 Josh Boyer - Add patch for HID i2c from Seth Forshee (rhbz 1188439) - CVE-2015-0275 ext4: fallocate zero range page size > block size BUG (rhbz 1193907 1195178) * Mon Feb 16 2015 Josh Boyer - CVE-XXXX-XXXX potential memory corruption in vhost/scsi driver (rhbz 1189864 1192079) - CVE-2015-1593 stack ASLR integer overflow (rhbz 1192519 1192520) * Wed Feb 11 2015 Justin M. Forbes - 3.18.7-100 - Linux v3.18.7 - Add disable_native_backlight quirk for Samsung 510R (rhbz 1186097) * Fri Feb 6 2015 Justin M. Forbes - 3.18.6-100 - Linux v3.18.6 * Mon Feb 2 2015 Justin M. Forbes - 3.18.5-101 - Fixup adjtimex freq validation on 32bit systems (rhbz 1188074) * Mon Feb 2 2015 Josh Boyer - CVE-XXXX-XXX DoS due to routing packets to too many different dsts/too fast (rhbz 1183744 1188347) * Fri Jan 30 2015 Justin M. Forbes - 3.18.5-100 - Linux v3.18.5 * Thu Jan 29 2015 Josh Boyer - Backport patch from Rob Clark to toggle i915 state machine checks - Disable i915 state checks * Wed Jan 28 2015 Justin M. Forbes - 3.18.4-100 - Linux v3.18.4 * Thu Jan 15 2015 Josh Boyer - 3.17.8-201 - CVE-2014-8160 iptables restriction bypass (rhbz 1182059 1182063) * Mon Jan 12 2015 Josh Boyer - CVE-2014-9585 ASLR brute-force possible for vdso (rhbz 1181054 1181056) - Backlight fixes for Samsung and Dell machines (rhbz 1094948 1115713 1163574) - Add various UAS quirks (rhbz 1124119) - Add patch to fix loop in VDSO (rhbz 1178975) * Thu Jan 8 2015 Justin M. Forbes - 3.17.8-200 - Linux v3.17.8 * Wed Jan 7 2015 Josh Boyer - CVE-2014-9529 memory corruption or panic during key gc (rhbz 1179813 1179853) - Enable POWERCAP and INTEL_RAPL * Tue Jan 6 2015 Josh Boyer - CVE-2014-9419 partial ASLR bypass through TLS base addr leak (rhbz 1177260 1177263) - CVE-2014-9428 remote DoS via batman-adv (rhbz 1178826 1178833) - Fix CIFS login issue (rhbz 1163927) * Mon Dec 29 2014 Josh Boyer - Enable F2FS (rhbz 972446) * Thu Dec 18 2014 Josh Boyer - CVE-2014-8989 userns can bypass group restrictions (rhbz 1170684 1170688) - Fix dm-cache crash (rhbz 1168434) - Fix blk-mq crash on CPU hotplug (rhbz 1175261) * Wed Dec 17 2014 Josh Boyer - Enable USBIP in modules-extra from Johnathan Dieter (rhbz 1169478) - CVE-2014-XXXX isofs: infinite loop in CE record entries (rhbz 1175235 1175250) * Tue Dec 16 2014 Justin M. Forbes - 3.17.7-200 - Linux v3.17.7 * Tue Dec 16 2014 Josh Boyer - CVE-2014-8559 deadlock due to incorrect usage of rename_lock (rhbz 1159313 1173814) - Add patch from Josh Stone to restore var-tracking via Kconfig (rhbz 1126580) * Mon Dec 15 2014 Josh Boyer - Fix ppc64 boot with smt-enabled=off (rhbz 1173806) - CVE-2014-8133 x86: espfix(64) bypass via set_thread_area and CLONE_SETTLS (rhbz 1172797 1174374) * Fri Dec 12 2014 Josh Boyer - Remove pointless warning in cfg80211 (rhbz 1172543) * Wed Dec 10 2014 Josh Boyer - Fix MSI issues on another Samsung pci-e SSD (rhbz 1084928) - Fix UAS crashes with Seagate and Fresco Logic drives (rhbz 1164945) - CVE-2014-8134 fix espfix for 32-bit KVM paravirt guests (rhbz 1172765 1172769) * Mon Dec 8 2014 Justin M. Forbes - 3.17.6-200 - Linux v3.17.6 * Thu Dec 4 2014 Josh Boyer - CVE-2014-9090 local DoS via do_double_fault due to improper SS faults (rhbz 1170691) * Mon Dec 1 2014 Josh Boyer - Add patch to quiet i915 driver on long hdps - Add patch to fix oops when using xpad (rhbz 1094048) * Thu Nov 27 2014 Josh Boyer - Add patch to fix radeon HDMI issues (rhbz 1167511) * Mon Nov 24 2014 Josh Boyer - Add quirk for Laser Mouse 6000 (rhbz 1165206) * Fri Nov 21 2014 Justin M. Forbes - 3.17.4-200 - Linux v3.17.4 - disable early microcode load (rhbz 1163520) * Fri Nov 21 2014 Josh Boyer - Move TPM drivers to main kernel package (rhbz 1164937) * Wed Nov 19 2014 Josh Boyer - Disable SERIAL_8250 on s390x (rhbz 1158848) * Fri Nov 14 2014 Justin M. Forbes - 3.17.3-200 - Linux v3.17.3 * Fri Nov 14 2014 Josh Boyer - Quiet WARN in i915 edp VDD handling - Enable I40EVF driver (rhbz 1164029) * Thu Nov 13 2014 Josh Boyer - Add patch for MS Surface Pro 3 Type Cover (rhbz 1135338) - CVE-2014-7843 aarch64: copying from /dev/zero causes local DoS (rhbz 1163744 1163745) - CVE-2014-7842 kvm: reporting emulation failures to userspace (rhbz 1163762 1163767) * Wed Nov 12 2014 Josh Boyer - CVE-2014-7841 sctp: NULL ptr deref on malformed packet (rhbz 1163087 1163095) * Mon Nov 10 2014 Josh Boyer - Fix Samsung pci-e SSD handling on some macbooks (rhbz 1161805) - Add patch to fix crypto allocation issues on PAGE_SIZE > 4k * Fri Nov 7 2014 Josh Boyer - Fix iwlwifi oops (rhbz 1151836) - CVE-2014-7826 CVE-2014-7825 insufficient syscall number validation in perf and ftrace subsystems (rhbz 1161565 1161572) * Tue Nov 4 2014 Justin M. Forbes - 3.17.2-200 - Linux v3.17.2 * Thu Oct 30 2014 Justin M. Forbes - 3.16.7-200 - Linux v3.16.7 * Wed Oct 29 2014 Josh Boyer - Fix DVB-T cxusb firmware loading (rhbz 1154454) * Tue Oct 28 2014 Josh Boyer - Add quirk for rfkill on Yoga 3 machines (rhbz 1157327) * Fri Oct 24 2014 Josh Boyer - 3.16.6-203 - CVE-2014-3610 kvm: noncanonical MSR writes (rhbz 1144883 1156543) - CVE-2014-3611 kvm: PIT timer race condition (rhbz 1144878 1156537) - CVE-2014-3646 kvm: vmx: invvpid vm exit not handled (rhbz 1144825 1156534) - CVE-2014-8369 kvm: excessive pages un-pinning in kvm_iommu_map error path (rhbz 1156518 1156522) - Add touchpad quirk for Fujitsu Lifebook A544/AH544 models (rhbz 1111138) * Wed Oct 22 2014 Josh Boyer - 3.16.6-202 - CVE-2014-3688 sctp: remote memory pressure from excessive queuing (rhbz 1155745 1155751) - CVE-2014-3687 sctp: panic on duplicate ASCONF chunks (rhbz 1155731 1155738) - CVE-2014-3673 sctp: panic with malformed ASCONF chunks (rhbz 1147850 1155727) - CVE-2014-3690 kvm: invalid host cr4 handling (rhbz 1153322 1155372) - Add patch to fix synaptics forcepad issues (rhbz 1153381) - Add patch to fix wifi on X550VB machines (rhbz 1089731) * Fri Oct 17 2014 Josh Boyer - CVE-2014-8086 ext4: race condition (rhbz 1151353 1152608) * Wed Oct 15 2014 Justin M. Forbes - 3.16.6-200 - Linux v3.16.6 * Mon Oct 13 2014 Josh Boyer - CVE-2014-7975 fs: umount DoS (rhbz 1151108 1152025) * Sat Oct 11 2014 Josh Boyer - Add patches to fix elantech touchscreens (rhbz 1149509) * Fri Oct 10 2014 Josh Boyer - Add patch to fix bcache NULL ptr deref (rhbz 1149414) - CVE-2014-7970 VFS: DoS with USER_NS (rhbz 1151095 1151484) - Drop doubly applied ACPI video quirk patches * Thu Oct 9 2014 Justin M. Forbes - 3.16.5-200 - Linux v3.16.5 * Tue Oct 7 2014 Josh Boyer - Add patch to fix GFS2 regression (from Bob Peterson) * Mon Oct 6 2014 Justin M. Forbes - 3.16.4-200 - Linux v3.16.4 * Tue Sep 23 2014 Josh Boyer - Add patch to fix XPS 13 touchpad issue (rhbz 1123584) * Mon Sep 22 2014 Josh Boyer - Add patch to fix i2c-hid touchpad resume (rhbz 1143812) * Wed Sep 17 2014 Justin M. Forbes - 3.16.3-200 - Linux v3.16.3 * Mon Sep 15 2014 Josh Boyer - 3.16.2-201 - CVE-2014-6410 udf: avoid infinite loop on indirect ICBs (rhbz 1141809 1141810) - CVE-2014-3186 HID: memory corruption via OOB write (rhbz 1141407 1141410) * Fri Sep 12 2014 Josh Boyer - CVE-2014-3181 HID: OOB write in magicmouse driver (rhbz 1141173 1141179) * Thu Sep 11 2014 Josh Boyer - Add support for touchpad in Asus X450 and X550 (rhbz 1110011) * Wed Sep 10 2014 Josh Boyer - CVE-2014-3631 Add patch to fix oops on keyring gc (rhbz 1116347) * Mon Sep 8 2014 Justin M. Forbes - 3.16.2-200 - Linux v3.16.2 * Thu Sep 4 2014 Josh Boyer - Add support for Wacom Cintiq Companion from Benjamin Tissoires (rhbz 1134969) * Thu Aug 28 2014 Josh Boyer - Fix NFSv3 ACL regression (rhbz 1132786) - Don't enable CONFIG_DEBUG_WW_MUTEX_SLOWPATH (rhbz 1114160) * Wed Aug 27 2014 Justin M. Forbes - 3.15.10-201 - CVE-2014-{5471,5472} isofs: Fix unbounded recursion when processing relocated directories (rhbz 1134099 1134101) * Wed Aug 27 2014 Josh Boyer - Disable streams on via XHCI (rhbz 1132666) * Fri Aug 22 2014 Josh Boyer - Drop userns revert patch (rhbz 917708) * Tue Aug 19 2014 Josh Boyer - Fix NFSv3 oops (rhbz 1131551) * Thu Aug 14 2014 Josh Boyer - 3.15.10-200 - Linux v3.15.10 * Thu Aug 14 2014 Hans de Goede - UAS: Limit max number of requests over USB-2 to 32 (rhbz#1128472) * Wed Aug 13 2014 Justin M. Forbes 3.15.9-201 - Bump for build * Wed Aug 13 2014 Josh Boyer - CVE-2014-{5206,5207} ro bind mount bypass with namespaces (rhbz 1129662 1129669) * Sat Aug 9 2014 Justin M. Forbes 3.15.9-200 - Linux v3.15.9 * Sat Aug 2 2014 Josh Boyer - Backport two patches to fix T440s dock audio (rhbz 1101386) * Thu Jul 31 2014 Justin M. Forbes 3.15.8-200 - Linux v3.15.8 * Mon Jul 28 2014 Justin M. Forbes 3.15.7-200 - Linux v3.15.7 * Mon Jul 28 2014 Hans de Goede - Add use_native_backlight=1 quirk for HP ProBook 4540s (rhbz#1025690) - Add use_native_backlight=1 quirk for HP EliteBook 2014 series (rhbz#1123565) - Blacklist usb bulk streams on Etron EJ168 xhci controllers (rhbz#1121288) * Mon Jul 28 2014 Josh Boyer - CVE-2014-5077 sctp: fix NULL ptr dereference (rhbz 1122982 1123696) * Fri Jul 25 2014 Josh Boyer - Re-add patch fixing spice resize (rhbz 1060327) * Thu Jul 24 2014 Josh Boyer - CVE-2014-4171 shmem: denial of service (rhbz 1111180 1118247) - CVE-2014-5045 vfs: refcount issues during lazy umount on symlink (rhbz 1122471 1122482) - Fix regression in sched_setparam (rhbz 1117942) - CVE-2014-3534 s390: ptrace: insufficient sanitization with psw mask (rhbz 1114089 1122612) - Fix ath3k bluetooth regression (rhbz 1121785) * Thu Jul 17 2014 Josh Boyer - 3.15.6-200 - Linux v3.15.6 - CVE-2014-4943 pppol2tp level handling (rhbz 1119458 1120542) * Wed Jul 16 2014 Josh Boyer - Enable hermes prism driver (rhbz 1120393) * Mon Jul 14 2014 Josh Boyer - 3.15.5-200 - Linux v3.15.5 - Fix i915 regression with external monitors (rhbz 1117008) * Fri Jul 11 2014 Peter Robinson - Enable ISL12057 RTC for ARM (NetGear ReadyNAS) * Mon Jul 7 2014 Justin M. Forbes 3.15.4-200 - Linux v3.15.4 - Fixes CVE-2014-4715 (rhbz 1115767 1116362) - Fixes CVE-2014-4699 (rhbz 1115927 1116477) * Tue Jul 1 2014 Justin M. Forbes 3.15.3-200 - Linux v3.15.3 - drm/i915: Fix backlight regression caused by misconfigured VBT * Tue Jul 1 2014 Hans de Goede - Add min/max quirk for the ThinkPad Edge E531 touchpad (rhbz#1114768) * Mon Jun 30 2014 Josh Boyer - 3.15.2-200 - Backport netfilter panic fix (rhbz 1015989) * Mon Jun 30 2014 Justin M. Forbes - Linux v3.15.2 * Fri Jun 27 2014 Hans de Goede - Add patch to fix wifi on lenove yoga 2 series (rhbz#1021036) * Thu Jun 26 2014 Justin M. Forbes - 3.14.9-200 - Linux v3.14.9 * Wed Jun 25 2014 Josh Boyer - Revert commit that breaks Wacom Intuos4 from Benjamin Tissoires - CVE-2014-0206 aio: insufficient head sanitization in aio_read_events_ring (rhbz 1094602 1112975) * Mon Jun 23 2014 Josh Boyer - CVE-2014-4508 BUG in x86_32 syscall auditing (rhbz 1111590 1112073) * Fri Jun 20 2014 Josh Boyer - Bring in intel_pstate regression fixes for BayTrail (rhbz 1111920) * Mon Jun 16 2014 Justin M. Forbes - 3.14.8-200 - Linux v3.14.8 * Mon Jun 16 2014 Josh Boyer - CVE-2014-4014 possible priv escalation in userns (rhbz 1107966 1109836) * Wed Jun 11 2014 Josh Boyer - 3.14.7-200 - Fix elantech right click on Dell vostro 5470 (rhbz 1103528) - Fix fstrim on dm-thin volume data (rhbz 1106856) - Fix NFS NULL pointer deref with ipv6 (rhbz 1099761) - Fix promisc mode on certain e1000e cards (rhbz 1064516) - Fix i915 backlight issue on gen4 (rhbz 1094066) - Linux v3.14.7 * Sat Jun 7 2014 Justin M. Forbes - 3.14.6-200 - Linux v3.14.6 * Fri Jun 6 2014 Josh Boyer - CVE-2014-3153 futex: pi futexes requeue issue (rhbz 1103626 1105609) - CVE-2014-3940 missing check during hugepage migration (rhbz 1104097 1105042) * Tue Jun 3 2014 Josh Boyer - Add fix for team MTU settings from Jiri Pirko (rhbz 1099857) - Backport fix for issues with Quagga introduced by CVE fixes (rhbz 1097684) * Mon Jun 2 2014 Justin M. Forbes - 3.14.5-200 - Linux v3.14.5 * Thu May 29 2014 Josh Boyer - CVE-2014-3917 DoS with syscall auditing (rhbz 1102571 1102715) * Fri May 23 2014 Peter Robinson - Re-add rebased Beagle patch set for 3.14 (RHBZ 1094768) - Drop some no longer needed ARM patches * Tue May 20 2014 Josh Boyer - Backport patch to add new elantech touchpad support (rhbz 1051668) * Wed May 14 2014 Hans de Goede - Add synaptics min/max quirk patch for the ThinkPad W540 (rhbz 1096436) * Tue May 13 2014 Justin M. Forbes - 3.14.4-200 - Linux v3.14.4 * Mon May 12 2014 Josh Boyer - CVE-2014-3144/CVE-2014-3145 filter: prevent nla from peeking beyond eom (rhbz 1096775, 1096784) * Fri May 9 2014 Josh Boyer - CVE-2014-1738 CVE-2014-1737 floppy: priv esclation (rhbz 1094299 1096195) * Thu May 8 2014 Neil Horman - Fix dma unmap error in jme driver (rhbz 1082266) * Tue May 6 2014 Josh Boyer 3.14.3-200 - CVE-2014-0181 insufficient netlink permission checks (rhbz 1094270 1094265) * Tue May 6 2014 Justin M. Forbes - Linux v3.14.3 * Tue May 6 2014 Hans de Goede - Add a patch to fix the Synaptics Touch Pad V 103S found on some keyboard docks for win8 tablets - Add a patch to fix the elantech touchpad on Gigabyte U2442 laptops - Add a patch to fix backlight control on the Samsung NC210/NC110 (rhbz#861573) - Add a patch to fix backlight & wifi on the Asus EEE PC 1015PX (rhbz#1067181) * Tue May 6 2014 Josh Boyer - CVE-2014-0196 pty race leading to memory corruption (rhbz 1094232 1094240) - Add patch to fix smdb soft-lockup (rhbz 1082586) * Mon May 5 2014 Hans de Goede - Add use_native_brightness quirk for the ThinkPad T530 (rhbz 1089545) * Sat May 3 2014 Josh Boyer - Fix TUN performance regression (rhbz 1093931) - Add patch to fix HID rmi driver from Benjamin Tissoires (rhbz 1090161) * Thu May 1 2014 Josh Boyer - Add backported drm qxl fix (rhbz 1060327) * Thu May 1 2014 Hans de Goede - Sync min/max quirk patch with upstream to add a quirk for the ThinkPad L540 (rhbz 1088588) * Thu May 1 2014 Hans de Goede - Add use_native_backlight quirk for 4 laptops (rhbz 983342 1093120) * Wed Apr 30 2014 Josh Boyer - CVE-2014-3122: mm: fix locking DoS issue (rhbz 1093084 1093076) * Mon Apr 28 2014 Justin M. Forbes 3.14.2-200 - Linux v3.14.2 (rhbz 1067071 1091722 906568) * Fri Apr 25 2014 Josh Boyer - Add patch from Will Woods to fix fanotify EOVERFLOW issue (rhbz 696821) - Fix ACPI issue preventing boot on AMI firmware (rhbz 1090746) * Fri Apr 25 2014 Hans de Goede - Add synaptics min-max quirk for ThinkPad Edge E431 (rhbz#1089689) * Wed Apr 23 2014 Josh Boyer - Fix SELinux wine issue again (rhbz 1013466) * Tue Apr 22 2014 Josh Boyer - Add patch to fix Synaptics touchscreens and HID rmi driver (rhbz 1089583) * Mon Apr 21 2014 Josh Boyer - 3.14.1-200 - Fix Brainboxes Express Cards (rhbz 1071914) - Fix build issues with CONFIG_DEBUG_VM set (rhbz 1074710) - Fix perf build failures * Mon Apr 21 2014 Justin M. Forbes - Linux v3.14.1 * Thu Apr 17 2014 Hans de Goede - Update min/max quirk patch to add a quirk for the ThinkPad L540 (rhbz1088588) * Mon Apr 14 2014 Justin M. Forbes - 3.13.10-200 - Linux v3.13.10 * Mon Apr 14 2014 Hans de Goede - Add min/max quirks for various new Thinkpad touchpads (rhbz 1085582 1085697) * Mon Apr 14 2014 Josh Boyer - CVE-2014-2851 net ipv4 ping refcount issue in ping_init_sock (rhbz 1086730 1087420) * Thu Apr 10 2014 Josh Boyer - Backported HID RMI driver for Haswell Dell XPS machines from Benjamin Tissoires (rhbz 1048314) * Wed Apr 9 2014 Josh Boyer - CVE-2014-0155 KVM: BUG caused by invalid guest ioapic redirect table (rhbz 1081589 1085016) - Add patch to fix SELinux lables on /proc files (rhbz 1084829) - Add patch to fix S3 in KVM guests (rhbz 1074235) * Thu Apr 3 2014 Justin M. Forbes - 3.13.9-200 - Linux v3.13.9 * Tue Apr 1 2014 Josh Boyer - CVE-2014-2678 net: rds: deref of NULL dev in rds_iw_laddr_check (rhbz 1083274 1083280) * Mon Mar 31 2014 Justin M. Forbes - 3.13.8-200 - Linux v3.13.8 * Mon Mar 31 2014 Hans de Goede - Fix clicks getting lost with cypress_ps2 touchpads with recent xorg-x11-drv-synaptics versions (bfdo#76341) * Fri Mar 28 2014 Josh Boyer - CVE-2014-2580 xen: netback crash trying to disable due to malformed packet (rhbz 1080084 1080086) - CVE-2014-0077 vhost-net: insufficent big packet handling in handle_rx (rhbz 1064440 1081504) - CVE-2014-0055 vhost-net: insufficent error handling in get_rx_bufs (rhbz 1062577 1081503) - CVE-2014-2568 net: potential info leak when ubuf backed skbs are zero copied (rhbz 1079012 1079013) * Mon Mar 24 2014 Justin M. Forbes - 3.13.7-200 - Linux v3.13.7 * Thu Mar 20 2014 Josh Boyer - CVE-2014-0131: skbuff: use-after-free during segmentation with zerocopy (rhbz 1074589 1079006) - Fix readahead semantics on pipes and sockets (rhbz 1078894) * Mon Mar 17 2014 Josh Boyer - CVE-2014-2523 netfilter: nf_conntrack_dccp: incorrect skb_header_pointer API usages (rhbz 1077343 1077350) * Wed Mar 12 2014 Josh Boyer - Fix locking issue in iwldvm (rhbz 1046495) * Tue Mar 11 2014 Josh Boyer - CVE-2014-2309 ipv6: crash due to router advertisment flooding (rhbz 1074471 1075064) * Fri Mar 7 2014 Justin M. Forbes - 3.13.6-200 - Linux v3.13.6 * Fri Mar 7 2014 Josh Boyer - Add patch to fix iwldvm WARN (rhbz 1065663) - Revert two xhci fixes that break USB mass storage (rhbz 1073180) * Thu Mar 6 2014 Josh Boyer - Fix stale EC events on Samsung systems (rhbz 1003602) - Fix depmod error message from hci_vhci module (rhbz 1051748) - Fix bogus WARN in iwlwifi (rhbz 1071998) * Tue Mar 4 2014 Josh Boyer - Fix MAC-before-DAC check for mmap_zero (rhbz 1013466) - Fix hidp crash with apple bluetooth trackpads (rhbz 1027465) * Mon Mar 3 2014 Josh Boyer - 3.13.5-202 - CVE-2014-0100 net: inet frag race condition use-after-free (rhbz 1072026 1070618) - CVE-2014-0101 sctp: null ptr deref when processing auth cookie_echo chunk (rhbz 1070209 1070705) - Fix overly verbose audit logs (rhbz 1066064) * Mon Mar 3 2014 Josh Boyer - 3.13.5-201 - CVE-2014-0049 kvm: mmio_fragments out-of-bounds access (rhbz 1062368 1071837) - Fix atomic sched BUG in tty low_latency (rhbz 1065087) * Fri Feb 28 2014 Josh Boyer - CVE-2014-0102 keyctl_link can be used to cause an oops (rhbz 1071396) * Fri Feb 28 2014 Josh Boyer - Drop alx phy reset patch that is already in 3.13 * Tue Feb 25 2014 Josh Boyer - Fix mounting issues on cifs (rhbz 1068862) * Mon Feb 24 2014 Josh Boyer - 3.13.5-200 - CVE-2014-2039 s390: crash due to linkage stack instructions (rhbz 1067558 1068758) - Fix lockdep issue in EHCI when using threaded IRQs (rhbz 1056170) * Mon Feb 24 2014 Justin M. Forbes - Linux v3.13.5 * Fri Feb 21 2014 Josh Boyer - Fix WARN from e100 from Michele Baldessari (rhbz 994438) * Thu Feb 20 2014 Peter Robinson - 3.13.4-200 - Rebase i.MX6 Utilite to upstream version * Thu Feb 20 2014 Justin M. Forbes - Linux v3.13.4 * Tue Feb 18 2014 Josh Boyer - Fix r8169 ethernet after suspend (rhbz 1054408) - Enable INTEL_MIC drivers (rhbz 1064086) * Fri Feb 14 2014 Josh Boyer - 3.13.3-201 - CVE-2014-0069 cifs: incorrect handling of bogus user pointers (rhbz 1064253 1062584) * Thu Feb 13 2014 Justin M. Forbes - 3.13.3-200 - Linux v3.13.3 * Wed Feb 12 2014 Josh Boyer - Add patch to fix list corruption from pinctrl (rhbz 1051918) - Add IFA_FLAGS for IPv6 temporary addresses back (rhbz 1064430) - Fix cgroup destroy oops (rhbz 1045755) - Fix backtrace in amd_e400_idle (rhbz 1031296) - CVE-2014-1874 SELinux: local denial of service (rhbz 1062356 1062507) * Wed Feb 12 2014 Justin M. Forbes - 3.13.2-200 - Packaging fixes for tmon and trace * Tue Feb 11 2014 Peter Robinson - Update am33xx (BeagleBone) patch for 3.13 - Minor ARM updates * Mon Feb 10 2014 Justin M. Forbes - Linux v3.13.2 - Fixes (rhbz 1062144) * Thu Feb 6 2014 Justin M. Forbes - 3.12.10-300 - Linux v3.12.10 * Wed Feb 5 2014 Justin M. Forbes - fix resume issues on Renesas chips in Samsung laptops (rhbz 950630) * Wed Jan 29 2014 Justin M. Forbes - 3.12.9-301 - ipv6 addrconf: revert /proc/net/if_inet6 ifa_flag format (rhbz 1056711) * Tue Jan 28 2014 Josh Boyer - Add patch from Stanislaw Gruszka to fix ath9k BUG (rhbz 990955) * Mon Jan 27 2014 Justin M. Forbes - 3.12.9-300 - Backport new IPv6 address flag IFA_F_NOPREFIXROUTE and IFA_F_MANAGETEMPADDR (rhbz 1056711) - Linux v3.12.9 - i915: remove pm_qos request on error (rhbz 1057533) * Sun Jan 26 2014 Peter Robinson - Minor ARM config updates - Disable highbank cpuidle driver - Update CPU thermal scaling options for ARM * Wed Jan 15 2014 Justin M. Forbes - CVE-2014-1446 hamradio/yam: information leak in ioctl (rhbz 1053620 1053647) - CVE-2014-1438 x86: exceptions are not cleared in AMD FXSAVE workaround (rhbz 1053599 1052914) * Tue Jan 14 2014 Josh Boyer - Fix k-m-e Provides to be explicit to only the package flavor (rhbz 1046246) * Tue Jan 14 2014 Neil Horman - Backport ipv6 route cache expiration fix (rhbz 1040128) * Sun Jan 12 2014 Peter Robinson - Enable generic cpufreq-cpu0 driver on ARM - Enable thermal userspace support for ARM * Fri Jan 10 2014 Justin M. Forbes - Backport support for ALPS Dolphin devices (rhbz 953211) - Enable BCMA_DRIVER_GPIO by turning on GPIOLIB everywhere (rhbz 1021098) * Mon Jan 6 2014 Josh Boyer - Add support for BCM57786 devices to tg3 (rhbz 1044471) - Fix use after free crash in KVM (rhbz 1047892) - Fix oops in KVM with invalid root_hpa (rhbz 924916) - CVE-2013-4579: ath9k_htc improper MAC update (rhbz 1032753 1033072) * Sat Dec 28 2013 Peter Robinson - Update am33xx (BeagleBone) cpsw patch to upstream version * Mon Dec 23 2013 Justin M. Forbes - Add patches to fix dummy gssd entry (rhbz 1037793) * Wed Dec 18 2013 Josh Boyer - Fix nowatchdog-on-virt.patch to actually work in KVM guests * Tue Dec 17 2013 Josh Boyer - 3.12.5-302 - Add patch to avoid using queued trim on M500 SSD (rhbz 1024002) * Mon Dec 16 2013 Josh Boyer - Fix host lockup in bridge code when starting from virt guest (rhbz 1025770) * Fri Dec 13 2013 Josh Boyer 3.12.5-301 - More keys fixes from upstream to fix keyctl_get_persisent crash (rhbz 1043033) * Fri Dec 13 2013 Justin M. Forbes - CVE-2013-4587 kvm: out-of-bounds access (rhbz 1030986 1042071) - CVE-2013-6376 kvm: BUG_ON in apic_cluster_id (rhbz 1033106 1042099) - CVE-2013-6368 kvm: cross page vapic_addr access (rhbz 1032210 1042090) - CVE-2013-6367 kvm: division by 0 in apic_get_tmcct (rhbz 1032207 1042081) * Wed Dec 11 2013 Josh Boyer - Add patches to support ETPS/2 Elantech touchpads (rhbz 1030802) * Tue Dec 10 2013 Josh Boyer - CVE-2013-XXXX net: memory leak in recvmsg (rhbz 1039845 1039874) * Fri Dec 6 2013 Peter Robinson - Fix up ARM usb gadget config to make it useful

References


[ 1 ] Bug #1204729 - CVE-2015-2672 kernel: unprivileged denial-of-service due to mis-protected xsave/xrstor instructions https://bugzilla.redhat.com/show_bug.cgi?id=1204729 [ 2 ] Bug #1204722 - CVE-2015-2666 kernel: execution in the early microcode loader https://bugzilla.redhat.com/show_bug.cgi?id=1204722 [ 3 ] Bug #1181166 - CVE-2014-8159 kernel: infiniband: uverbs: unprotected physical memory access https://bugzilla.redhat.com/show_bug.cgi?id=1181166 [ 4 ] Bug #1196266 - CVE-2015-2150 xen: non-maskable interrupts triggerable by guests (xsa120) https://bugzilla.redhat.com/show_bug.cgi?id=1196266 [ 5 ] Bug #1195355 - CVE-2015-2042 kernel: rds: information handling flaw in rds sysctl files. https://bugzilla.redhat.com/show_bug.cgi?id=1195355

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update kernel' at the command line. For more information, refer to "Managing Software with yum", available at .

Severity
important
Lowest
Low
Medium
High
Critical

Name: kernel
Product: Fedora 20
Version: 3.19.3
Release: 100.fc20
URL: https://www.kernel.org/
Summary: The Linux kernel

Topics%20covered

Topics Covered

security advisory moderate update Fedora DoS kernel improvements

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here