Bug#637848: Changes from longterm 2.6.32.43

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#637848: Changes from longterm 2.6.32.43
From: Ben Hutchings <ben@decadent.org.uk>
Date: Mon, 15 Aug 2011 04:47:06 +0100
Message-id: <[🔎] 20110815034706.22483.68372.reportbug@deadeye>
Reply-to: Ben Hutchings <ben@decadent.org.uk>, 637848@bugs.debian.org

Package: linux-2.6
Version: 2.6.32-35
Severity: normal

4553fbd ksm: fix NULL pointer dereference in scan_get_next_rmap_item()

Appears to fix a local denial-of-service (oops).

f55a989 migrate: don't account swapcache as shmem

Not sure what the implications are.

86df348 xen: partially revert "xen: set max_pfn_mapped to the last pfn mapped"

Fixes (performance?) regression for Xen on i386 introduced in
2.6.32.36 (Debian: 2.6.32-32).

b63010f clocksource: Make watchdog robust vs. interruption

Fixes case where a good clocksource may wrongly be considered
unreliable and then disabled.  This bug could result in reduced
timing accuracy and/or increased power usage.

9bb7bdf TTY: ldisc, do not close until there are readers

The subject should actually say 'no readers'.  Fixes a use-after-free
bug similar to that reported in
<http://thread.gmane.org/gmane.linux.kernel.input/16189>.
May be an exploitable security flaw.

ddaa6a0 xhci: Reject double add of active endpoints.

Fixes case where UAS (USB-attached SCSI) device can become unusable.

1588e82 PM: Free memory bitmaps if opening /dev/snapshot fails

Fixes crash if snapshot (for software suspend) fails in a certain way
and is then retried.

6d40246 ath5k: fix memory leak when fewer than N_PD_CURVES are in use

Fixes memory leak during reconfiguration, with certain encryption
settings.

ae3862c mm: fix negative commitlimit when gigantic hugepages are allocated

Fixes likely very poor performance if overcommit is disabled and
gigantic hugepages are used.

986e0f6 uvcvideo: Remove buffers from the queues when freeing

Fixes local denial-of-service (oops) in this device driver (used for
many webcams and other USB video devices).

6d86a0e watchdog: mtx1-wdt: request gpio before using it

No effect; code is not built (and is specific to MIPS MTX-1 boards).

336fca9 debugobjects: Fix boot crash when kmemleak and debugobjects enabled

No effect; code is not built.

1ff36a0 cfq-iosched: fix locking around ioc->ioc_data assignment
1e03bb2 cfq-iosched: fix a rcu warning

Fix race conditions in disk I/O queueing.  At least the first
is known to result in crashes for some users.

48984ad i2c-taos-evm: Fix log messages

Fixes crash in one error case (I think) and hidden error messages in
others.

1ca3969 md: avoid endless recovery loop when waiting for fail device to complete.

Fixes handling of a particular RAID member failure case.

d2c7e88 SUNRPC: Ensure the RPC client only quits on fatal signals

Not sure what the implications are.  Probably makes NFS more
reliable.

06ce414 6pack,mkiss: fix lock inconsistency

Fixes potential deadlock in these hamradio drivers.

68e62de taskstats: don't allow duplicate entries in listener mode

Fixes local denial-of-service (CVE-2011-2484).  Already pending on
squeeze-security branch.

ae6fe57 USB: don't let errors prevent system sleep
1e9c04f USB: don't let the hub driver prevent system sleep

Fix some suspend/hibernate failures.

3bbcb3e uml: fix CONFIG_STATIC_LINK=y build failure with newer glibc

Fixes FTBFS for UML with multi-arch glibc and 'recent' binutils.  Not
sure whether this has any effect in squeeze.

2b71587 um: os-linux/mem.c needs sys/stat.h

Fixes FTBFS for UML in some environments (Fedora 13 is mentioned).

d91b197 netlink: Make nlmsg_find_attr take a const nlmsghdr*.

No effect; but is preparation for next fix.

ea57372 inet_diag: fix inet_diag_bc_audit()

Fixes local denial-of-service (CVE-2011-2213).  Already cherry-picked.

7af74e7 PM / Hibernate: Avoid hitting OOM during preallocation of memory

Fixes possible very poor performance of hibernation.

e6c768e PM / Hibernate: Fix free_unnecessary_pages()

Fixes possible crash in hibernation.

46f4079 bug.h: Add WARN_RATELIMIT

No effect; but is preparation for next fix.

5eabe87 net: filter: Use WARN_RATELIMIT

Fixes local denial-of-service (log spam).

cc2c656 af_packet: prevent information leak

Like it says.

4e754b4 net/ipv4: Check for mistakenly passed in non-IPv4 address

Fixes parameter validation.  This has no security implications (AFAIK)
but might break some buggy programs.  We may want to revert this.

ac7573b ipv6/udp: Use the correct variable to determine non-blocking condition

Fixes potential userland hang.  Could be a remote denial-of-service
against servers using UDP/IPv6.

453d61c udp/recvmsg: Clear MSG_TRUNC flag when starting over for a new packet

Fixes spurious error indication to userland.

ffdd12e mm: prevent concurrent unmap_mapping_range() on the same inode

Fixes local denial-of-service (BUG).

-- System Information:
Debian Release: wheezy/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'stable'), (1, 'experimental')
Architecture: i386 (x86_64)

Kernel: Linux 3.0.0-1-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_GB.utf8, LC_CTYPE=en_GB.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Reply to:

Follow-Ups:
- Bug#637848: Changes from longterm 2.6.32.43
  - From: Ben Hutchings <ben@decadent.org.uk>

Prev by Date: Updating linux-2.6 for point release 6.0.3
Next by Date: Processed: tagging 637848
Previous by thread: Re: Updating linux-2.6 for point release 6.0.3
Next by thread: Bug#637848: Changes from longterm 2.6.32.43
Index(es):
- Date
- Thread