[SECURITY] Fedora 20 Update: kernel-3.14.3-200.fc20

updates at fedoraproject.org updates at fedoraproject.org
Sat May 10 03:21:17 UTC 2014 

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2014-6122
2014-05-08 09:11:18
--------------------------------------------------------------------------------

Name        : kernel
Product     : Fedora 20
Version     : 3.14.3
Release     : 200.fc20
URL         : http://www.kernel.org/
Summary     : The Linux kernel
Description :
The kernel package contains the Linux kernel (vmlinuz), the core of any
Linux operating system.  The kernel handles the basic functions
of the operating system: memory allocation, process allocation, device
input and output, etc.

--------------------------------------------------------------------------------
Update Information:

The 3.14.3 stable update contains a number of important fixes across the tree.
--------------------------------------------------------------------------------
ChangeLog:

* Tue May  6 2014 Josh Boyer <jwboyer at fedoraproject.org> 3.14.3-200
- CVE-2014-0181 insufficient netlink permission checks (rhbz 1094270 1094265)
* Tue May  6 2014 Justin M. Forbes <jforbes at fedoraproject.org> 
- Linux v3.14.3
* Tue May  6 2014 Hans de Goede <hdegoede at redhat.com>
- Add a patch to fix the Synaptics Touch Pad V 103S found on some keyboard
  docks for win8 tablets
- Add a patch to fix the elantech touchpad on Gigabyte U2442 laptops
- Add a patch to fix backlight control on the Samsung NC210/NC110 (rhbz#861573)
- Add a patch to fix backlight & wifi on the Asus EEE PC 1015PX (rhbz#1067181)
* Tue May  6 2014 Josh Boyer <jwboyer at fedoraproject.org>
- CVE-2014-0196 pty race leading to memory corruption (rhbz 1094232 1094240)
- Add patch to fix smdb soft-lockup (rhbz 1082586)
* Mon May  5 2014 Hans de Goede <hdegoede at redhat.com>
- Add use_native_brightness quirk for the ThinkPad T530 (rhbz 1089545)
* Sat May  3 2014 Josh Boyer <jwboyer at fedoraproject.org>
- Fix TUN performance regression (rhbz 1093931)
- Add patch to fix HID rmi driver from Benjamin Tissoires (rhbz 1090161)
* Thu May  1 2014 Josh Boyer <jwboyer at fedoraproject.org>
- Add backported drm qxl fix (rhbz 1060327)
* Thu May  1 2014 Hans de Goede <hdegoede at redhat.com>
- Sync min/max quirk patch with upstream to add a quirk for the ThinkPad L540
  (rhbz 1088588)
* Thu May  1 2014 Hans de Goede <hdegoede at redhat.com>
- Add use_native_backlight quirk for 4 laptops (rhbz 983342 1093120)
* Wed Apr 30 2014 Josh Boyer <jwboyer at fedoraproject.org>
- CVE-2014-3122: mm: fix locking DoS issue (rhbz 1093084 1093076)
* Mon Apr 28 2014 Justin M. Forbes <jforbes at fedoraproject.org> 3.14.2-200
- Linux v3.14.2 (rhbz 1067071 1091722 906568)
* Fri Apr 25 2014 Josh Boyer <jwboyer at fedoraproject.org>
- Add patch from Will Woods to fix fanotify EOVERFLOW issue (rhbz 696821)
- Fix ACPI issue preventing boot on AMI firmware (rhbz 1090746)
* Fri Apr 25 2014 Hans de Goede <hdegoede at redhat.com>
- Add synaptics min-max quirk for ThinkPad Edge E431 (rhbz#1089689)
* Wed Apr 23 2014 Josh Boyer <jwboyer at fedoraproject.org>
- Fix SELinux wine issue again (rhbz 1013466)
* Tue Apr 22 2014 Josh Boyer <jwboyer at fedoraproject.org>
- Add patch to fix Synaptics touchscreens and HID rmi driver (rhbz 1089583)
* Mon Apr 21 2014 Josh Boyer <jwboyer at fedoraproject.org> - 3.14.1-200
- Fix Brainboxes Express Cards (rhbz 1071914)
- Fix build issues with CONFIG_DEBUG_VM set (rhbz 1074710)
- Fix perf build failures
* Mon Apr 21 2014 Justin M. Forbes <jforbes at fedoraproject.org>
- Linux v3.14.1
* Thu Apr 17 2014 Hans de Goede <hdegoede at redhat.com>
- Update min/max quirk patch to add a quirk for the ThinkPad L540 (rhbz1088588)
* Mon Apr 14 2014 Justin M. Forbes <jforbes at fedoraproject.org> - 3.13.10-200
- Linux v3.13.10
* Mon Apr 14 2014 Hans de Goede <hdegoede at redhat.com>
- Add min/max quirks for various new Thinkpad touchpads (rhbz 1085582 1085697)
* Mon Apr 14 2014 Josh Boyer <jwboyer at fedoraproject.org>
- CVE-2014-2851 net ipv4 ping refcount issue in ping_init_sock (rhbz 1086730 1087420)
* Thu Apr 10 2014 Josh Boyer <jwboyer at fedoraproject.org>
- Backported HID RMI driver for Haswell Dell XPS machines from Benjamin Tissoires (rhbz 1048314)
* Wed Apr  9 2014 Josh Boyer <jwboyer at fedoraproject.org>
- CVE-2014-0155 KVM: BUG caused by invalid guest ioapic redirect table (rhbz 1081589 1085016)
- Add patch to fix SELinux lables on /proc files (rhbz 1084829)
- Add patch to fix S3 in KVM guests (rhbz 1074235)
* Thu Apr  3 2014 Justin M. Forbes <jforbes at fedoraproject.org> - 3.13.9-200
- Linux v3.13.9
* Tue Apr  1 2014 Josh Boyer <jwboyer at fedoraproject.org>
- CVE-2014-2678 net: rds: deref of NULL dev in rds_iw_laddr_check (rhbz 1083274 1083280)
* Mon Mar 31 2014 Justin M. Forbes <jforbes at fedoraproject.org> - 3.13.8-200
- Linux v3.13.8
* Mon Mar 31 2014 Hans de Goede <hdegoede at redhat.com>
- Fix clicks getting lost with cypress_ps2 touchpads with recent
  xorg-x11-drv-synaptics versions (bfdo#76341)
* Fri Mar 28 2014 Josh Boyer <jwboyer at fedoraproject.org>
- CVE-2014-2580 xen: netback crash trying to disable due to malformed packet (rhbz 1080084 1080086)
- CVE-2014-0077 vhost-net: insufficent big packet handling in handle_rx (rhbz 1064440 1081504)
- CVE-2014-0055 vhost-net: insufficent error handling in get_rx_bufs (rhbz 1062577 1081503)
- CVE-2014-2568 net: potential info leak when ubuf backed skbs are zero copied (rhbz 1079012 1079013)
* Mon Mar 24 2014 Justin M. Forbes <jforbes at fedoraproject.org> - 3.13.7-200
- Linux v3.13.7
* Thu Mar 20 2014 Josh Boyer <jwboyer at fedoraproject.org>
- CVE-2014-0131: skbuff: use-after-free during segmentation with zerocopy (rhbz 1074589 1079006)
- Fix readahead semantics on pipes and sockets (rhbz 1078894)
* Mon Mar 17 2014 Josh Boyer <jwboyer at fedoraproject.org>
- CVE-2014-2523 netfilter: nf_conntrack_dccp: incorrect skb_header_pointer API usages (rhbz 1077343 1077350)
* Wed Mar 12 2014 Josh Boyer <jwboyer at fedoraproject.org>
- Fix locking issue in iwldvm (rhbz 1046495)
* Tue Mar 11 2014 Josh Boyer <jwboyer at fedoraproject.org>
- CVE-2014-2309 ipv6: crash due to router advertisment flooding (rhbz 1074471 1075064)
* Fri Mar  7 2014 Justin M. Forbes <jforbes at fedoraproject.org> - 3.13.6-200
- Linux v3.13.6
* Fri Mar  7 2014 Josh Boyer <jwboyer at fedoraproject.org>
- Add patch to fix iwldvm WARN (rhbz 1065663)
- Revert two xhci fixes that break USB mass storage (rhbz 1073180)
* Thu Mar  6 2014 Josh Boyer <jwboyer at fedoraproject.org>
- Fix stale EC events on Samsung systems (rhbz 1003602)
- Fix depmod error message from hci_vhci module (rhbz 1051748)
- Fix bogus WARN in iwlwifi (rhbz 1071998)
* Tue Mar  4 2014 Josh Boyer <jwboyer at fedoraproject.org>
- Fix MAC-before-DAC check for mmap_zero (rhbz 1013466)
- Fix hidp crash with apple bluetooth trackpads (rhbz 1027465)
* Mon Mar  3 2014 Josh Boyer <jwboyer at fedoraproject.org> - 3.13.5-202
- CVE-2014-0100 net: inet frag race condition use-after-free (rhbz 1072026 1070618)
- CVE-2014-0101 sctp: null ptr deref when processing auth cookie_echo chunk (rhbz 1070209 1070705)
- Fix overly verbose audit logs (rhbz 1066064)
* Mon Mar  3 2014 Josh Boyer <jwboyer at fedoraproject.org> - 3.13.5-201
- CVE-2014-0049 kvm: mmio_fragments out-of-bounds access (rhbz 1062368 1071837)
- Fix atomic sched BUG in tty low_latency (rhbz 1065087)
* Fri Feb 28 2014 Josh Boyer <jwboyer at fedoraproject.org>
- CVE-2014-0102 keyctl_link can be used to cause an oops (rhbz 1071396)
* Fri Feb 28 2014 Josh Boyer <jwboyer at fedoraproject.org>
- Drop alx phy reset patch that is already in 3.13
* Tue Feb 25 2014 Josh Boyer <jwboyer at fedoraproject.org>
- Fix mounting issues on cifs (rhbz 1068862)
* Mon Feb 24 2014 Josh Boyer <jwboyer at fedoraproject.org> - 3.13.5-200
- CVE-2014-2039 s390: crash due to linkage stack instructions (rhbz 1067558 1068758)
- Fix lockdep issue in EHCI when using threaded IRQs (rhbz 1056170)
* Mon Feb 24 2014 Justin M. Forbes <jforbes at fedoraproject.org>
- Linux v3.13.5
* Fri Feb 21 2014 Josh Boyer <jwboyer at fedoraproject.org>
- Fix WARN from e100 from Michele Baldessari (rhbz 994438)
* Thu Feb 20 2014 Peter Robinson <pbrobinson at fedoraproject.org> - 3.13.4-200
- Rebase i.MX6 Utilite to upstream version
* Thu Feb 20 2014 Justin M. Forbes <jforbes at fedoraproject.org>
- Linux v3.13.4
* Tue Feb 18 2014 Josh Boyer <jwboyer at fedoraproject.org>
- Fix r8169 ethernet after suspend (rhbz 1054408)
- Enable INTEL_MIC drivers (rhbz 1064086)
* Fri Feb 14 2014 Josh Boyer <jwboyer at fedoraproject.org> - 3.13.3-201
- CVE-2014-0069 cifs: incorrect handling of bogus user pointers (rhbz 1064253 1062584)
* Thu Feb 13 2014 Justin M. Forbes <jforbes at fedoraproject.org> - 3.13.3-200
- Linux v3.13.3
* Wed Feb 12 2014 Josh Boyer <jwboyer at fedoraproject.org>
- Add patch to fix list corruption from pinctrl (rhbz 1051918)
- Add IFA_FLAGS for IPv6 temporary addresses back (rhbz 1064430)
- Fix cgroup destroy oops (rhbz 1045755)
- Fix backtrace in amd_e400_idle (rhbz 1031296)
- CVE-2014-1874 SELinux: local denial of service (rhbz 1062356 1062507)
* Wed Feb 12 2014 Justin M. Forbes <jforbes at fedoraproject.org> - 3.13.2-200
- Packaging fixes for tmon and trace
* Tue Feb 11 2014 Peter Robinson <pbrobinson at fedoraproject.org>
- Update am33xx (BeagleBone) patch for 3.13
- Minor ARM updates
* Mon Feb 10 2014 Justin M. Forbes <jforbes at fedoraproject.org>
- Linux v3.13.2
- Fixes (rhbz 1062144)
* Thu Feb  6 2014 Justin M. Forbes <jforbes at fedoraproject.org> - 3.12.10-300
- Linux v3.12.10
* Wed Feb  5 2014 Justin M. Forbes <jforbes at fedoraproject.org>
- fix resume issues on Renesas chips in Samsung laptops (rhbz 950630)
* Wed Jan 29 2014 Justin M. Forbes <jforbes at fedoraproject.org> - 3.12.9-301
- ipv6 addrconf: revert /proc/net/if_inet6 ifa_flag format (rhbz 1056711)
* Tue Jan 28 2014 Josh Boyer <jwboyer at fedoraproject.org>
- Add patch from Stanislaw Gruszka to fix ath9k BUG (rhbz 990955)
* Mon Jan 27 2014 Justin M. Forbes <jforbes at fedoraproject.org> - 3.12.9-300
- Backport new IPv6 address flag IFA_F_NOPREFIXROUTE and IFA_F_MANAGETEMPADDR (rhbz 1056711)
- Linux v3.12.9
- i915: remove pm_qos request on error (rhbz 1057533)
* Sun Jan 26 2014 Peter Robinson <pbrobinson at fedoraproject.org>
- Minor ARM config updates
- Disable highbank cpuidle driver
- Update CPU thermal scaling options for ARM
* Wed Jan 15 2014 Justin M. Forbes <jforbes at fedoraproject.org - 3.12.8-300
- Linux v3.12.8
* Wed Jan 15 2014 Josh Boyer <jwboyer at fedoraproject.org>
- CVE-2014-1446 hamradio/yam: information leak in ioctl (rhbz 1053620 1053647)
- CVE-2014-1438 x86: exceptions are not cleared in AMD FXSAVE workaround (rhbz 1053599 1052914)
* Tue Jan 14 2014 Josh Boyer <jwboyer at fedoraproject.org>
- Fix k-m-e Provides to be explicit to only the package flavor (rhbz 1046246)
* Tue Jan 14 2014 Neil Horman <nhorman at redhat.com>
- Backport ipv6 route cache expiration fix (rhbz 1040128)
* Sun Jan 12 2014 Peter Robinson <pbrobinson at fedoraproject.org>
- Enable generic cpufreq-cpu0 driver on ARM
- Enable thermal userspace support for ARM
* Fri Jan 10 2014 Justin M. Forbes <jforbes at fedoraproject.org - 3.12.7-300
- Linux v3.12.7
* Wed Jan  8 2014 Josh Boyer <jwboyer at fedoraproject.org>
- Backport support for ALPS Dolphin devices (rhbz 953211)
- Enable BCMA_DRIVER_GPIO by turning on GPIOLIB everywhere (rhbz 1021098)
* Mon Jan  6 2014 Josh Boyer <jwboyer at fedoraproject.org>
- Add support for BCM57786 devices to tg3 (rhbz 1044471)
- Fix use after free crash in KVM (rhbz 1047892)
- Fix oops in KVM with invalid root_hpa (rhbz 924916)
- CVE-2013-4579: ath9k_htc improper MAC update (rhbz 1032753 1033072)
* Sat Dec 28 2013 Peter Robinson <pbrobinson at fedoraproject.org>
- Update am33xx (BeagleBone) cpsw patch to upstream version
* Mon Dec 23 2013 Justin M. Forbes <jforbes at fedoraproject.org - 3.12.6-300
- Linux v3.12.6
* Fri Dec 20 2013 Josh Boyer <jwboyer at fedoraproject.org>
- Add patches to fix dummy gssd entry (rhbz 1037793)
* Wed Dec 18 2013 Josh Boyer <jwboyer at fedoraproject.org>
- Fix nowatchdog-on-virt.patch to actually work in KVM guests
* Tue Dec 17 2013 Josh Boyer <jwboyer at fedoraproject.org> - 3.12.5-302
- Add patch to avoid using queued trim on M500 SSD (rhbz 1024002)
* Mon Dec 16 2013 Josh Boyer <jwboyer at fedoraproject.org>
- Fix host lockup in bridge code when starting from virt guest (rhbz 1025770)
* Fri Dec 13 2013 Josh Boyer <jwboyer at fedoraproject.org> 3.12.5-301
- More keys fixes from upstream to fix keyctl_get_persisent crash (rhbz 1043033)
* Fri Dec 13 2013 Justin M. Forbes <jforbes at fedoraproject.org - 3.12.5-300
- Linux v3.12.5 rebase
* Thu Dec 12 2013 Josh Boyer <jwboyer at fedoraproject.org>
- CVE-2013-4587 kvm: out-of-bounds access (rhbz 1030986 1042071)
- CVE-2013-6376 kvm: BUG_ON in apic_cluster_id (rhbz 1033106 1042099)
- CVE-2013-6368 kvm: cross page vapic_addr access (rhbz 1032210 1042090)
- CVE-2013-6367 kvm: division by 0 in apic_get_tmcct (rhbz 1032207 1042081)
* Wed Dec 11 2013 Josh Boyer <jwboyer at fedoraproject.org>
- Add patches to support ETPS/2 Elantech touchpads (rhbz 1030802)
* Tue Dec 10 2013 Josh Boyer <jwboyer at fedoraproject.org>
- CVE-2013-XXXX net: memory leak in recvmsg (rhbz 1039845 1039874)
* Fri Dec  6 2013 Peter Robinson <pbrobinson at fedoraproject.org>
- Fix up ARM usb gadget config to make it useful
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1094265 - CVE-2014-0181 kernel: net: insufficient permision checks of netlink messages
        https://bugzilla.redhat.com/show_bug.cgi?id=1094265
  [ 2 ] Bug #1094232 - CVE-2014-0196 kernel: pty layer race condition leading to memory corruption
        https://bugzilla.redhat.com/show_bug.cgi?id=1094232
  [ 3 ] Bug #1093076 - CVE-2014-3122 Kernel: mm: try_to_unmap_cluster() should lock_page() before mlocking
        https://bugzilla.redhat.com/show_bug.cgi?id=1093076
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use
su -c 'yum update kernel' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

More information about the package-announce mailing list