(RHSA-2016:1100) Important: kernel security, bug fix, and enhancement update

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

• Two flaws were found in the way the Linux kernel’s networking implementation handled UDP packets with incorrect checksum values. A remote attacker could potentially use these flaws to trigger an infinite loop in the kernel, resulting in a denial of service on the system, or cause a denial of service in applications using the edge triggered epoll functionality. (CVE-2015-5364, CVE-2015-5366, Important)

Bug Fix(es):

• In anon_vma data structure, the degree counts number of child anon_vmas and of VMAs that point to this anon_vma. In the unlink_anon_vma() function, when its list is empty, anon_vma is going to be freed whether the external refcount is zero or not, so the parent’s degree should be decremented. However, failure to decrement the degree triggered a BUG_ON() signal in unlink_anon_vma(). The provided patch fixes this bug, and the degree is now decremented as expected. (BZ#1326027)

Enhancement(s):

• The ixgbe NIC driver has been upgraded to upstream version 4.2.1, which provides a number of bug fixes and enhancements over the previous version. Notably:

NULL pointer crashes related to VLAN support have been fixed

Two more devices from the Intel X550 Ethernet controller family are now supported: IDs 15AC and 15AD

Several PHY-related problems have been addressed: link disruptions and link flapping

Added PHY-related support for Intel X550

System performance has been improved

(BZ#1315702)