The SUSE Linux Enterprise 11 SP1 kernel has been updated to fix bugs and security issues.
The following security issues have been fixed:
* CVE-2009-4307: The ext4_fill_flex_info function in fs/ext4/super.c in the Linux kernel allowed user-assisted remote attackers to cause a denial of service (divide-by-zero error and panic) via a malformed ext4 filesystem containing a super block with a large FLEX_BG group size (aka s_log_groups_per_flex value).
* CVE-2012-2123: The cap_bprm_set_creds function in security/commoncap.c in the Linux kernel did not properly handle the use of file system capabilities (fcaps) for implementing a privileged executable file, which allowed local users to bypass intended personality restrictions via a crafted application.
* CVE-2012-2133: A use-after-free bug in hugetlb support could be used by local attackers to crash the system.
* CVE-2012-2136: Local attackers could trigger an overflow in sock_alloc_send_pskb(), potentially crashing the machine or escalating privileges.
* CVE-2012-2319: Memory corruption when mounting an hfsplus file system was fixed; it could be used by local attackers able to mount file systems to crash the system.
* CVE-2012-2383: An integer overflow in the i915_gem_execbuffer2 function in drivers/gpu/drm/i915/i915_gem.c in the Direct Rendering Manager (DRM) subsystem in the Linux kernel on 32-bit platforms allowed local users to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted ioctl call.
* CVE-2012-2384: An integer overflow in the i915_gem_do_execbuffer function in drivers/gpu/drm/i915/i915_gem.c in the Direct Rendering Manager (DRM) subsystem in the Linux kernel on 32-bit platforms allowed local users to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted ioctl call.
* CVE-2012-2390: A memory leak in transparent hugepages on mmap failure could be used by a local attacker to run the machine out of memory (local denial of service).
* CVE-2012-2663: A denial of service via specially forged TCP packets with SYN+FIN flags set was fixed.
* CVE-2012-3375: A local denial of service in the last epoll fix was fixed.
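For CVE-2009-4307 above, an added example (not SUSE's or the kernel's own code) showing how an unvalidated s_log_groups_per_flex value turns into a zero divisor, next to a range check applied before the shift. The helper names, the sample values and the accepted range 1..31 are assumptions of this example.

```c
#include <stdint.h>
#include <stdio.h>

/* Hypothetical helper names; not the kernel's ext4_fill_flex_info(). */

/* Models the unchecked path: group size 2^log kept in a 32-bit variable.
 * For log >= 32 the value does not fit, modelled here as 0 (in real C,
 * shifting a 32-bit int that far is undefined behaviour). */
static uint32_t groups_per_flex_unchecked(uint8_t log)
{
    return log < 64 ? (uint32_t)(1ULL << log) : 0;
}

/* Hardened path: validate the on-disk field before shifting.
 * Returns 0 and stores the group size, or -1 if the value is rejected.
 * The accepted range 1..31 is an assumption of this example. */
static int groups_per_flex_checked(uint8_t log, uint32_t *out)
{
    if (log < 1 || log > 31)
        return -1;
    *out = UINT32_C(1) << log;
    return 0;
}

/* Flex groups needed to cover group_count block groups; 0 when the
 * superblock value is rejected, so no division by zero can occur. */
static uint32_t flex_group_count(uint32_t group_count, uint8_t log)
{
    uint32_t per_flex;

    if (groups_per_flex_checked(log, &per_flex) != 0)
        return 0;
    return (uint32_t)(((uint64_t)group_count + per_flex - 1) / per_flex);
}

int main(void)
{
    /* Constructed sample values for s_log_groups_per_flex. */
    const uint8_t samples[] = { 4, 31, 40 };

    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("log=%u unchecked_divisor=%u flex_groups=%u\n",
               (unsigned)samples[i],
               (unsigned)groups_per_flex_unchecked(samples[i]),
               (unsigned)flex_group_count(100, samples[i]));
    return 0;
}
```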
The following non-security issues have been fixed:
* hrtimer: Provide clock_was_set_delayed() (bnc#771619).
* time: Fix leapsecond triggered hrtimer/futex load spike issue (bnc#771619).
* audit: Do not send uninitialized data for AUDIT_TTY_GET (bnc#755513).
* tty_audit: Fix tty_audit_add_data live lock on audit disabled (bnc#721366, bnc#755513).
* sched: Make sure to not re-read variables after validation (bnc#769685).
* ntp: Fix leap second hrtimer deadlock (bnc#768632).
* ntp: Avoid printk under xtime_lock (bnc#767684).
* Fix boot hang-ups while LD is offline (bnc#698102).
* scsi_transport_fc: Fix blocked BSG request when FC object deleted (bnc#761414, bnc#734300).
* Revert list_head definition move to types.h.