The SUSE Linux Enterprise 11 SP4 RT kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2017-1000251: The native Bluetooth stack was vulnerable to a stack overflow vulnerability in the processing of L2CAP configuration responses resulting in remote code execution in kernel space (bnc#1057389). - CVE-2017-14340: The XFS_IS_REALTIME_INODE macro in fs/xfs/xfs_linux.h did not verify that a filesystem has a realtime device, which allowed local users to cause a denial of service (NULL pointer dereference and OOPS) via vectors related to setting an RHINHERIT flag on a directory (bnc#1058524). - CVE-2017-14140: The move_pages system call in mm/migrate.c did not check the effective uid of the target process, enabling a local attacker to learn the memory layout of a setuid executable despite ASLR (bnc#1057179). - CVE-2017-14051: An integer overflow in the qla2x00_sysfs_write_optrom_ctl function in drivers/scsi/qla2xxx/qla_attr.c allowed local users to cause a denial of service (memory corruption and system crash) by leveraging root access (bnc#1056588). - CVE-2017-10661: Race condition in fs/timerfd.c allowed local users to gain privileges or cause a denial of service (list corruption or use-after-free) via simultaneous file-descriptor operations that leverage improper might_cancel queueing (bnc#1053152). - CVE-2017-12762: In /drivers/isdn/i4l/isdn_net.c a user-controlled buffer was copied into a local buffer of constant size using strcpy without a length check which can cause a buffer overflow (bnc#1053148). - CVE-2017-8831: The saa7164_bus_get function allowed local users to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact by changing a certain sequence-number value, aka a 'double fetch' vulnerability (bnc#1037994). - CVE-2017-1000112: Prevent race condition in net-packet code that could have been exploited by unprivileged users to gain root access.(bnc#1052311).
The following non-security bugs were fixed:
- ALSA: Fix Lewisburg audio issue - Drop commit 96234ae:kvm_io_bus_unregister_dev() should never fail (bsc#1055680) - Fixup build warnings in drivers/scsi/scsi.c (bsc#1031358) - NFS: Cache aggressively when file is open for writing (bsc#1053933). - NFS: Do drop directory dentry when error clearly requires it (bsc#1051932). - NFS: Do not flush caches for a getattr that races with writeback (bsc#1053933). - NFS: Optimize fallocate by refreshing mapping when needed (bsc#1053933). - NFS: invalidate file size when taking a lock (bsc#1053933). - PCI: fix hotplug related issues (bnc#1054247). - af_key: do not use GFP_KERNEL in atomic contexts (bsc#1054093). - avoid deadlock in xenbus (bnc#1047523). - blacklist 9754d45e9970 tpm: read burstcount from TPM_STS in one 32-bit transaction - blkback/blktap: do not leak stack data via response ring (bsc#1042863 XSA-216). - cx231xx-audio: fix NULL-deref at probe (bsc#1050431). - cx82310_eth: use skb_cow_head() to deal with cloned skbs (bsc#1045154). - fuse: do not use iocb after it may have been freed (bsc#1054706). - fuse: fix fuse_write_end() if zero bytes were copied (bsc#1054706). - fuse: fsync() did not return IO errors (bsc#1054076). - fuse: fuse_flush must check mapping->flags for errors (bsc#1054706). - gspca: konica: add missing endpoint sanity check (bsc#1050431). - kabi/severities: Ignore zpci symbol changes (bsc#1054247) - lib/mpi: mpi_read_raw_data(): fix nbits calculation - media: platform: davinci: return -EINVAL for VPFE_CMD_S_CCDC_RAW_PARAMS ioctl (bsc#1050431). - net: Fix RCU splat in af_key (bsc#1054093). - powerpc/fadump: add reschedule point while releasing memory (bsc#1040609 bsc#1024450). - powerpc/fadump: avoid duplicates in crash memory ranges (bsc#1037669 bsc#1037667). - powerpc/fadump: provide a helpful error message (bsc#1037669 bsc#1037667). - powerpc/prom: Increase minimum RMA size to 512MB (bsc#984530, bsc#1052370). - powerpc/slb: Force a full SLB flush when we insert for a bad EA (bsc#1054070). - reiserfs: fix race in readdir (bsc#1039803). - s390/pci: do not cleanup in arch_setup_msi_irqs (bnc#1054247). - s390/pci: fix handling of PEC 306 (bnc#1054247). - s390/pci: improve error handling during fmb (de)registration (bnc#1054247). - s390/pci: improve error handling during interrupt deregistration (bnc#1054247). - s390/pci: improve pci hotplug (bnc#1054247). - s390/pci: improve unreg_ioat error handling (bnc#1054247). - s390/pci: introduce clp_get_state (bnc#1054247). - s390/pci: provide more debug information (bnc#1054247). - scsi: avoid system stall due to host_busy race (bsc#1031358). - scsi: close race when updating blocked counters (bsc#1031358). - ser_gigaset: return -ENOMEM on error instead of success (bsc#1037441). - supported.conf: clear mistaken external support flag for cifs.ko (bsc#1053802). - tpm: fix a kernel memory leak in tpm-sysfs.c (bsc#1050381). - uwb: fix device quirk on big-endian hosts (bsc#1036629). - xfs: fix inobt inode allocation search optimization (bsc#1013018).
openSUSE Leap 42.3 SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Module for Desktop Applications 15 SUSE Linux Enterprise Module for Legacy Software 12 SUSE Linux Enterprise Module for Live Patching 15 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SUSE Linux Enterprise Module for Public Cloud 12 SUSE Linux Enterprise Module for Server Applications 15 SUSE Linux Enterprise Module for Web Scripting 12 SUSE Linux Enterprise Real Time Extension 11 SP4 SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Server 11 SP1 SUSE Linux Enterprise Server 11 SP1-LTSS SUSE Linux Enterprise Server 11 SP1-TERADATA SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP2-LTSS SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP3-LTSS SUSE Linux Enterprise Server 11 SP3-TERADATA SUSE Linux Enterprise Server 11 SP4 SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS SUSE Linux Enterprise Server 11 SP4-LTSS SUSE Linux Enterprise Server 11-SECURITY SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12-LTSS SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 SUSE Linux Enterprise Server for SAP Applications 11 SUSE Linux Enterprise Server for SAP Applications 11 SP1-LTSS SUSE Linux Enterprise Server for SAP Applications 11 SP1-TERADATA SUSE Linux Enterprise Server for SAP Applications 11 SP2 SUSE Linux Enterprise Server for SAP Applications 11 SP2-LTSS SUSE Linux Enterprise Server for SAP Applications 11 SP3 SUSE Linux Enterprise Server for SAP Applications 11 SP3-LTSS SUSE Linux Enterprise Server for SAP Applications 11 SP3-TERADATA SUSE Linux Enterprise Server for SAP Applications 11 SP4 SUSE Linux Enterprise Server for SAP Applications 11 SP4-CLIENT-TOOLS SUSE Linux Enterprise Server for SAP Applications 11 SP4-LTSS SUSE Linux Enterprise Server for SAP Applications 11-SECURITY SUSE Linux Enterprise Server for SAP Applications 12 SUSE Linux Enterprise Server for SAP Applications 12 SP1 SUSE Linux Enterprise Server for SAP Applications 12 SP1-LTSS SUSE Linux Enterprise Server for SAP Applications 12 SP2 SUSE Linux Enterprise Server for SAP Applications 12 SP2-LTSS SUSE Linux Enterprise Server for SAP Applications 12-LTSS SUSE Linux Enterprise Server for VMWare 11 SP2 SUSE Linux Enterprise Server for VMWare 11 SP3 SUSE Linux Enterprise Workstation Extension 12 SUSE Linux Enterprise Workstation Extension 12 SP1 SUSE Linux Enterprise Workstation Extension 12 SP2 SUSE Linux Enterprise Workstation Extension 12 SP3 SUSE Linux Enterprise Workstation Extension 12 SP4 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7