The SUSE Linux Enterprise 11 SP4 RT kernel was updated to receive various security and bug fixes.
The following security bugs were fixed:
- CVE-2018-10124: The kill_something_info function in kernel/signal.c might
have allowed local users to cause a denial of service via an INT_MIN argument
(bnc#1089752).
- CVE-2018-10087: The kernel_wait4 function in kernel/exit.c might have allowed
local users to cause a denial of service by triggering an attempted use of the
-INT_MIN value (bnc#1089608).
- CVE-2018-7757: Memory leak in the sas_smp_get_phy_events function in
drivers/scsi/libsas/sas_expander.c allowed local users to cause a denial of
service (memory consumption) via many read accesses to files in the
/sys/class/sas_phy directory, as demonstrated by the
/sys/class/sas_phy/phy-1:0:12/invalid_dword_count file (bnc#1084536).
- CVE-2018-7566: Buffer overflow via an SNDRV_SEQ_IOCTL_SET_CLIENT_POOL ioctl
write operation to /dev/snd/seq by a local user potentially allowing for code
execution (bnc#1083483).
- CVE-2017-0861: Use-after-free vulnerability in the snd_pcm_info function in
the ALSA subsystem allowed attackers to gain privileges via unspecified vectors
(bnc#1088260 1088268).
- CVE-2018-8822: Incorrect buffer length handling in the ncp_read_kernel
function could have been exploited by malicious NCPFS servers to crash the
kernel or execute code (bnc#1086162).
- CVE-2017-13166: Prevent elevation of privilege vulnerability in the video
driver (bnc#1072865).
- CVE-2017-18203: The dm_get_from_kobject function in drivers/md/dm.c allowed
local users to cause a denial of service (BUG) by leveraging a race condition
with __dm_destroy during creation and removal of DM devices (bnc#1083242).
- CVE-2017-16911: The vhci_hcd driver allowed local attackers to disclose
kernel memory addresses. Successful exploitation requires that a USB device is
attached over IP (bnc#1078674).
- CVE-2017-18208: The madvise_willneed function in mm/madvise.c...