This update for the Linux Kernel 3.12.59-60_45 fixes several issues.
The following security bugs were fixed:
- CVE-2016-6480: Race condition in the ioctl_send_fib function in
drivers/scsi/aacraid/commctrl.c in the Linux kernel allowed local users
to cause a denial of service (out-of-bounds access or system crash) by
changing a certain size value, aka a "double fetch" vulnerability
(bsc#991667).
- CVE-2016-5829: Multiple heap-based buffer overflows in the
hiddev_ioctl_usage function in drivers/hid/usbhid/hiddev.c in the Linux
kernel allowed local users to cause a denial of service or possibly have
unspecified other impact via a crafted (1) HIDIOCGUSAGES or (2)
HIDIOCSUSAGES ioctl call (bsc#986573).