[SECURITY] Fedora 22 Update: kernel-4.3.4-200.fc22
updates at fedoraproject.org
updates at fedoraproject.org
Mon Feb 1 06:34:15 UTC 2016
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2016-5d43766e33
2016-02-01 02:27:04.521036
--------------------------------------------------------------------------------
Name : kernel
Product : Fedora 22
Version : 4.3.4
Release : 200.fc22
URL : http://www.kernel.org/
Summary : The Linux kernel
Description :
The kernel meta package
--------------------------------------------------------------------------------
Update Information:
Update to latest upstream stable release, Linux v4.3.4. Elan touchpad fixes.
---- Update to 4.3.y stable series. Fixes across the tree.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1297813 - CVE-2013-4312 kernel: File descriptors passed over unix sockets are not properly accounted
https://bugzilla.redhat.com/show_bug.cgi?id=1297813
[ 2 ] Bug #1296253 - CVE-2016-0723 kernel: Kernel memory disclosure and crash in tty layer
https://bugzilla.redhat.com/show_bug.cgi?id=1296253
[ 3 ] Bug #1300731 - CVE-2015-8787 kernel: Missing NULL pointer check in nf_nat_redirect_ipv4
https://bugzilla.redhat.com/show_bug.cgi?id=1300731
[ 4 ] Bug #1292045 - CVE-2015-8569 kernel: Information leak from getsockname
https://bugzilla.redhat.com/show_bug.cgi?id=1292045
[ 5 ] Bug #1292840 - CVE-2015-8575 kernel: information leak in sco_sock_bind()
https://bugzilla.redhat.com/show_bug.cgi?id=1292840
[ 6 ] Bug #1295287 - CVE-2015-8709 Kernel: ptrace: potential privilege escalation in user namespaces
https://bugzilla.redhat.com/show_bug.cgi?id=1295287
[ 7 ] Bug #1284847 - CVE-2015-7513 Kernel: kvm: divide by zero issue leads to DoS
https://bugzilla.redhat.com/show_bug.cgi?id=1284847
[ 8 ] Bug #1296466 - CVE-2015-7566 kernel: Crash on invalid USB device descriptors in visor driver
https://bugzilla.redhat.com/show_bug.cgi?id=1296466
[ 9 ] Bug #1297389 - CVE-2015-8767 kernel: SCTP denial of service during timeout
https://bugzilla.redhat.com/show_bug.cgi?id=1297389
[ 10 ] Bug #1297475 - CVE-2016-0728 kernel: Possible use-after-free vulnerability in keyring facility
https://bugzilla.redhat.com/show_bug.cgi?id=1297475
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update kernel' at the command line.
For more information, refer to "Managing Software with yum",
available at https://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
More information about the package-announce
mailing list