oss-sec mailing list archives

CVE request: Linux Kernel, two security issues


From: Agostino Sarubbo <ago () gentoo org>
Date: Sun, 30 Mar 2014 14:03:36 +0200

I don't see a CVE assigned for the following:

1) https://secunia.com/advisories/57468/ :

A vulnerability has been reported in Linux Kernel, which can be exploited by 
malicious people to cause a DoS (Denial of Service).

The vulnerability is caused due to a race condition error in the 
"ath_tx_aggr_sleep()" function (drivers/net/wireless/ath/ath9k/xmit.c), which 
can be exploited to cause a crash.

The vulnerability is reported in versions prior to 3.12.15 and prior to 
3.13.7.


Solution:
Update to version 3.12.15 or 3.13.7.

Provided and/or discovered by:
Max Sydorenko within a bug report.

Original Advisory:
Kernel:
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.15
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.13.7

Max Sydorenko:
https://bugzilla.kernel.org/show_bug.cgi?id=70551




2) https://secunia.com/advisories/57436/ :

Description

A vulnerability has been reported in Linux Kernel, which can be exploited by 
malicious, local users to cause a DoS (Denial of Service).

The vulnerability is caused due to an error in the "arch_dup_task_struct()" 
function (arch/powerpc/kernel/process.c) and can be exploited to cause a crash 
via a specially crafted instruction sequence.

Note: This only affects systems running on PowerPC.

The vulnerability is reported in versions prior to 3.12.15 and 3.13.7.


Solution:
Update to version 3.12.15 or 3.13.7.

Provided and/or discovered by:
The vendor credits Adhemerval Zanella Neto.

Original Advisory:
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.15
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.13.7

-- 
Agostino Sarubbo
Gentoo Linux Developer

