
Fedora 21: 2015-05-10 Moderate: Kernel DoS And Escalation Issues

May 12, 2015
The recent kernel patch for Fedora 21 tackles critical vulnerabilities, improving both security and overall functionality for its user base.
The 3.19.7 update contains a number of important fixes across the tree.

Summary

The kernel meta package

Update Information:

The 3.19.7 update contains a number of important fixes across the tree. The 3.19.6 stable update contains a number of fixes across the kernel tree.

Change Log

* Thu May 7 2015 Laura Abbott - 3.19.7-200
- Linux v3.19.7

* Tue May 5 2015 Josh Boyer
- Backport patch to blacklist TRIM on all Samsung 8xx series SSDs (rhbz 1218662)
- CVE-2015-3636 ping-sockets use-after-free privilege escalation (rhbz 1218074 1218110)

* Thu Apr 30 2015 Laura Abbott - 3.19.6-200
- Linux v3.19.6

* Thu Apr 30 2015 Josh Boyer
- Fix backlight on various Toshiba machines (rhbz 1206036 1215989)

* Tue Apr 28 2015 Laura Abbott
- Fix more missing v4l2 caps

* Fri Apr 24 2015 Josh Boyer
- CVE-2015-3339 race condition between chown and execve (rhbz 1214030)
- Fix iscsi with QNAP devices (rhbz 1208999)

* Thu Apr 23 2015 Laura Abbott
- Fix noisy iwlwifi warning (rhbz 1205083)

* Mon Apr 20 2015 Justin M. Forbes - 3.19.5-200
- Linux v3.19.5

* Fri Apr 17 2015 Josh Boyer
- Allow disabling raw mode in logitech-hidpp (rhbz 1210801)

* Wed Apr 15 2015 Josh Boyer
- Add patch to fix tty closure race (rhbz 1208953)

* Mon Apr 13 2015 Justin M. Forbes - 3.19.4-200
- Linux v3.19.4

* Thu Apr 2 2015 Josh Boyer
- DoS against IPv6 stacks due to improper handling of RA (rhbz 1203712 1208491)

* Wed Apr 1 2015 Josh Boyer
- Backport patch to fix tg3 deadlock (rhbz 1207789)
- Fix gssproxy (rhbz 1203913)
- CVE-2015-2150 xen: NMIs triggerable by guests (rhbz 1196266 1200397)

* Thu Mar 26 2015 Justin M. Forbes - 3.19.3-200
- Linux v3.19.3

* Thu Mar 26 2015 Peter Robinson
- Disable the broken CONFIG_MSM_IOMMU

* Tue Mar 24 2015 Josh Boyer
- Fix tun bug causing Juniper VPN failure (rhbz 1204512)

* Mon Mar 23 2015 Josh Boyer - 3.19.2-201
- Enable CONFIG_SND_BEBOB (rhbz 1204342)
- Validate iovec range in sys_sendto/sys_recvfrom
- CVE-2015-2666 execution in the early microcode loader (rhbz 1204724 1204722)

* Mon Mar 23 2015 Peter Robinson
- Refix Panda on ARMv7 crash on boot

* Fri Mar 20 2015 Josh Boyer
- Fix brightness on Lenovo Ideapad Z570 (rhbz 1187004)

* Thu Mar 19 2015 Justin M. Forbes - 3.19.2-200
- Linux v3.19.2

* Wed Mar 18 2015 Peter Robinson
- Add upstream aarch64 patch to fix hang due to cache invalidation bug
- Fix aarch64 DTBs now they're in vendor sub dirs

* Tue Mar 17 2015 Justin M. Forbes - 3.19.1-201
- Re-add patch to quiet i915 state machine

* Mon Mar 16 2015 Justin M. Forbes - 3.19.1-200
- Linux v3.19.1

* Fri Mar 13 2015 Kyle McMartin
- arm64-revert-tlb-rcu_table_free.patch: revert 5e5f6dc1 which causes lockups on arm64 machines.
- Add kernel-4* to .gitignore.
- arm64-fix-ooo-descriptor-read.patch: fix an xgene-enet crash.

* Fri Mar 13 2015 Josh Boyer
- Add patch to support clickpads (rhbz 1201532)

* Thu Mar 12 2015 Josh Boyer
- CVE-2014-8159 infiniband: uverbs: unprotected physical memory access (rhbz 1181166 1200950)

* Wed Mar 11 2015 Josh Boyer
- Fix blank screen after resume with various radeon devices (rhbz 1069027)
- CVE-2015-2150 xen: NMIs triggerable by guests (rhbz 1196266 1200397)
- Patch series to fix Lenovo *40 and Carbon X1 touchpads (rhbz 1200777 1200778)

* Tue Mar 10 2015 Josh Boyer
- CVE-2015-2042 rds: information handling flaw in sysctl (rhbz 1195355 1199365)

* Mon Mar 9 2015 Justin M. Forbes - 3.18.9-200
- Linux v3.18.9

* Mon Mar 2 2015 Josh Boyer
- Add patch to fix nfsd soft lockup (rhbz 1185519)
- Enable ET131X driver (rhbz 1197842)

* Sat Feb 28 2015 Peter Robinson
- Fix Panda on ARMv7 crash on boot

* Fri Feb 27 2015 Kyle McMartin - 3.18.8-201
- Fix up aarch64 build... mis-merge in kernel-arm64.patch.

* Fri Feb 27 2015 Josh Boyer - 3.18.8-200
- Linux v3.18.8

* Thu Feb 26 2015 Josh Boyer
- CVE-2015-1421 sctp: slab corruption from use after free on INIT collisions (rhbz 1196581 1196595)

* Wed Feb 25 2015 Josh Boyer
- Add support for AR5B195 devices from Alexander Ploumistos (rhbz 1190947)

* Tue Feb 24 2015 Josh Boyer
- Fix ext4 remount with journal_checksum option (rhbz 1190933)

* Mon Feb 23 2015 Josh Boyer
- Add patch for HID i2c from Seth Forshee (rhbz 1188439)
- CVE-2015-0275 ext4: fallocate zero range page size > block size BUG (rhbz 1193907 1195178)

* Fri Feb 20 2015 Josh Boyer
- Move mtpspi and related mods to kernel-core for VMWare guests (rhbz 1194612)

* Mon Feb 16 2015 Josh Boyer
- CVE-XXXX-XXXX potential memory corruption in vhost/scsi driver (rhbz 1189864 1192079)
- CVE-2015-1593 stack ASLR integer overflow (rhbz 1192519 1192520)

* Wed Feb 11 2015 Justin M. Forbes - 3.18.7-200
- Linux v3.18.7
- Add disable_native_backlight quirk for Samsung 510R (rhbz 1186097)

* Fri Feb 6 2015 Justin M. Forbes - 3.18.6-200
- Linux v3.18.6

* Mon Feb 2 2015 Justin M. Forbes - 3.18.5-201
- Fixup adjtimex freq validation on 32bit systems (rhbz 1188074)

* Mon Feb 2 2015 Josh Boyer
- CVE-XXXX-XXX DoS due to routing packets to too many different dsts/too fast (rhbz 1183744 1188347)

* Fri Jan 30 2015 Justin M. Forbes - 3.18.5-200
- Linux v3.18.5

* Thu Jan 29 2015 Josh Boyer
- Backport patch from Rob Clark to toggle i915 state machine checks
- Disable i915 state checks

* Tue Jan 27 2015 Justin M. Forbes - 3.18.4-200
- Linux v3.18.4

* Tue Jan 27 2015 Josh Boyer
- CVE-2015-0239 kvm: insufficient sysenter emulation from 16-bit (rhbz 1186448 1186453)

* Mon Jan 19 2015 Justin M. Forbes - 3.18.3-201
- Add fixes from 3.18.4 queue to fix i915 issues (rhbz 1183232)
- xhci: Check if slot is already in default state before moving it there (rhbz 1183289)

* Fri Jan 16 2015 Justin M. Forbes - 3.18.3-200
- Linux v3.18.3

* Thu Jan 15 2015 Justin M. Forbes
- Build fixes for big-endian arches

* Tue Jan 13 2015 Justin M. Forbes - 3.18.2-200
- Linux v3.18.2

* Mon Jan 12 2015 Josh Boyer
- CVE-2014-9585 ASLR brute-force possible for vdso (rhbz 1181054 1181056)
- Backlight fixes for Samsung and Dell machines (rhbz 1094948 1115713 1163574)
- Add various UAS quirks (rhbz 1124119)
- Add patch to fix loop in VDSO (rhbz 1178975)

* Thu Jan 8 2015 Justin M. Forbes - 3.17.8-300
- Linux v3.17.8

* Wed Jan 7 2015 Josh Boyer
- CVE-2014-9529 memory corruption or panic during key gc (rhbz 1179813 1179853)
- Enable POWERCAP and INTEL_RAPL

* Tue Jan 6 2015 Josh Boyer
- CVE-2014-9419 partial ASLR bypass through TLS base addr leak (rhbz 1177260 1177263)
- CVE-2014-9428 remote DoS via batman-adv (rhbz 1178826 1178833)
- Fix CIFS login issue (rhbz 1163927)

* Mon Dec 29 2014 Josh Boyer
- Enable F2FS (rhbz 972446)

* Thu Dec 18 2014 Josh Boyer
- CVE-2014-8989 userns can bypass group restrictions (rhbz 1170684 1170688)
- Fix dm-cache crash (rhbz 1168434)
- Fix blk-mq crash on CPU hotplug (rhbz 1175261)

* Wed Dec 17 2014 Josh Boyer
- Enable USBIP in modules-extra from Johnathan Dieter (rhbz 1169478)
- CVE-2014-XXXX isofs: infinite loop in CE record entries (rhbz 1175235 1175250)

* Tue Dec 16 2014 Josh Boyer
- Linux v3.17.7
- CVE-2014-8559 deadlock due to incorrect usage of rename_lock (rhbz 1159313 1173814)
- Add patch from Josh Stone to restore var-tracking via Kconfig (rhbz 1126580)

* Mon Dec 15 2014 Josh Boyer
- Fix ppc64 boot with smt-enabled=off (rhbz 1173806)
- CVE-2014-8133 x86: espfix(64) bypass via set_thread_area and CLONE_SETTLS (rhbz 1172797 1174374)

* Fri Dec 12 2014 Kyle McMartin
- build in ahci_platform on aarch64 temporarily.

* Fri Dec 12 2014 Josh Boyer
- Remove pointless warning in cfg80211 (rhbz 1172543)

* Wed Dec 10 2014 Josh Boyer
- Fix MSI issues on another Samsung pci-e SSD (rhbz 1084928)
- Fix UAS crashes with Seagate and Fresco Logic drives (rhbz 1164945)
- CVE-2014-8134 fix espfix for 32-bit KVM paravirt guests (rhbz 1172765 1172769)

* Mon Dec 8 2014 Justin M. Forbes - 3.17.6-300
- Linux v3.17.6

* Fri Dec 5 2014 Kyle McMartin - 3.17.4-303
- arm64-fix-xgene_enet_process_ring.patch: fix a panic under load.

* Thu Dec 4 2014 Josh Boyer - 3.17.4-302
- CVE-2014-9090 local DoS via do_double_fault due to improper SS faults (rhbz 1170691)

* Thu Dec 4 2014 Kyle McMartin
- kernel-arm64.patch: update.
- arm64-force-serial-to-be-active-consdev.patch: force serial consoles to be the primary console device instead of defaulting to tty0. No changes to drivers outside of ARM-land.
- arm64-vgic-error-to-info.patch: change an error to a warning so that kvm will work.

* Mon Dec 1 2014 Josh Boyer
- Add patch to quiet i915 driver on long hdps
- Add patch to fix oops when using xpad (rhbz 1094048)

References


[1] Bug #1218074 - CVE-2015-3636 kernel: ping sockets: use-after-free leading to local privilege escalation
    https://bugzilla.redhat.com/show_bug.cgi?id=1218074
[2] Bug #1214030 - CVE-2015-3339 kernel: race condition between chown() and execve()
    https://bugzilla.redhat.com/show_bug.cgi?id=1214030

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update kernel' at the command line. For more information, refer to "Managing Software with yum", available at .
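
A post-update check, added here as an example and not part of the original advisory: it confirms that the installed kernel package's changelog carries the two CVE fixes listed under References, and that the running kernel is at least 3.19.7-200 (a new kernel only takes effect after a reboot). The function names, the sample changelog and the simplified numeric version comparison are assumptions of this example.

```shell
#!/bin/sh
# Added example, not part of the advisory: verify the update took effect.
REQUIRED_CVES="CVE-2015-3636 CVE-2015-3339"   # from the References section
FIXED_VR="3.19.7-200"                         # Version/Release from the advisory

# Read RPM changelog text on stdin; print each required CVE that is absent.
missing_cves() {
    changelog=$(cat)
    for cve in $REQUIRED_CVES; do
        printf '%s\n' "$changelog" | grep -qF -- "$cve" || printf '%s\n' "$cve"
    done
}

# version_at_least HAVE WANT: compare numeric fields left to right.
# Simplified ordering (assumption), not RPM's own rpmvercmp algorithm.
version_at_least() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        na = split(a, x, /[^0-9]+/); nb = split(b, y, /[^0-9]+/)
        n = (na > nb) ? na : nb
        for (i = 1; i <= n; i++) {
            if (x[i] + 0 > y[i] + 0) exit 0
            if (x[i] + 0 < y[i] + 0) exit 1
        }
        exit 0
    }'
}

# Run on the Fedora 21 host after "yum update kernel".
check_host() {
    status=0
    missing=$(rpm -q --changelog kernel | missing_cves)
    if [ -n "$missing" ]; then
        echo "installed kernel package lacks fixes for: $missing"; status=1
    fi
    if ! version_at_least "$(uname -r)" "$FIXED_VR"; then
        echo "running kernel $(uname -r) predates $FIXED_VR: reboot into the new kernel"
        status=1
    fi
    return $status
}

# Constructed sample: changelog of a package that predates the May 5 entry.
SAMPLE_OLD='* Fri Apr 24 2015 Josh Boyer
- CVE-2015-3339 race condition between chown and execve (rhbz 1214030)'
printf 'sample package is missing: %s\n' "$(printf '%s\n' "$SAMPLE_OLD" | missing_cves)"
```

On a real host, source the script and call `check_host`; a non-zero return means either the package was not updated or the machine is still running the old kernel.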

Severity
important

Name: kernel
Product: Fedora 21
Version: 3.19.7
Release: 200.fc21
Summary: The Linux kernel
