| Description: | The kernel packages contain the Linux kernel, the core of any Linuxoperating system.It was found that the Linux kernel's implementation of vectored pipe readand write functionality did not take into account the I/O vectors that werealready processed when retrying after a failed atomic access operation,potentially resulting in memory corruption due to an I/O vector arrayoverrun. A local, unprivileged user could use this flaw to crash the systemor, potentially, escalate their privileges on the system. (CVE-2015-1805,Important)The security impact of this issue was discovered by Red Hat.This update also fixes the following bugs:The backlog data could previously not be consumed when theaudit_log_start() function was running even if audit_log_start() called thewait_for_auditd() function to consume it. As only auditd could consume thebacklog data, audit_log_start() terminated unexpectedly. Consequently, thesystem became unresponsive until the backlog timeout was up. With thisupdate, audit_log_start() no longer terminates and the system shuts downand reboots gracefully in a timely manner. (BZ#1140489)Direct I/O writes extending a parallel file could previously race toupdate the size of the file. If the writes executed in the out-of-ordermanner, the file size could move backwards and push a previously completedwrite beyond EOF, causing it to be lost. With this update, file sizeupdates are always executed in appropriate order, thus fixing this bug.(BZ#1218497)All kernel users are advised to upgrade to these updated packages, whichcontain backported patches to correct these issues. The system must berebooted for this update to take effect. |