linux - security update

Several vulnerabilities have been discovered in the Linux kernel that
may lead to a denial of service, information leaks or privilege
escalation.

• CVE-2013-7421 /
  CVE-2014-9644
  It was discovered that the Crypto API allowed unprivileged users
  to load arbitrary kernel modules. A local user can use this flaw
  to exploit vulnerabilities in modules that would not normally be
  loaded.
• CVE-2014-7822
  Akira Fujita found that the splice() system call did not validate
  the given file offset and length. A local unprivileged user can use
  this flaw to cause filesystem corruption on ext4 filesystems, or
  possibly other effects.
• CVE-2014-8160
  Florian Westphal discovered that a netfilter (iptables/ip6tables) rule
  accepting packets to a specific SCTP, DCCP, GRE or UDPlite
  port/endpoint could result in incorrect connection tracking state.
  If only the generic connection tracking module (nf_conntrack) was
  loaded, and not the protocol-specific connection tracking module,
  this would allow access to any port/endpoint of the specified
  protocol.
• CVE-2014-8559
  It was found that kernel functions that iterate over a directory
  tree can dead-lock or live-lock in case some of the directory
  entries were recently deleted or dropped from the cache. A local
  unprivileged user can use this flaw for denial of service.
• CVE-2014-9585
  Andy Lutomirski discovered that address randomisation for the vDSO
  in 64-bit processes is extremely biased. A local unprivileged user
  could potentially use this flaw to bypass the ASLR protection
  mechanism.
• CVE-2014-9683
  Dmitry Chernenkov discovered that eCryptfs writes past the end of
  the allocated buffer during encrypted filename decoding, resulting
  in local denial of service.
• CVE-2015-0239
  It was found that KVM did not correctly emulate the x86 SYSENTER
  instruction. An unprivileged user within a guest system that has
  not enabled SYSENTER, for example because the emulated CPU vendor
  is AMD, could potentially use this flaw to cause a denial of
  service or privilege escalation in that guest.
• CVE-2015-1420
  It was discovered that the open_by_handle_at() system call reads
  the handle size from user memory a second time after validating
  it. A local user with the CAP_DAC_READ_SEARCH capability could use
  this flaw for privilege escalation.
• CVE-2015-1421
  It was found that the SCTP implementation could free an
  authentication state while it was still in use, resulting in heap
  corruption. This could allow remote users to cause a denial of
  service or privilege escalation.
• CVE-2015-1593
  It was found that address randomisation for the initial stack in
  64-bit processes was limited to 20 rather than 22 bits of entropy.
  A local unprivileged user could potentially use this flaw to
  bypass the ASLR protection mechanism.

For the stable distribution (wheezy), these problems have been fixed in
version 3.2.65-1+deb7u2. Additionally this update fixes regressions
introduced in versions 3.2.65-1 and 3.2.65-1+deb7u1.

For the upcoming stable distribution (jessie), these problems will be fixed
soon (a subset is fixed already).

For the unstable distribution (sid), these problems will be fixed soon
(a subset is fixed already).

We recommend that you upgrade your linux packages.