The SUSE Linux Enterprise 12 SP3 RT kernel was updated to 4.4.138 to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2018-12233: A memory corruption bug in JFS could have been triggered by
calling setxattr twice with two different extended attribute names on the same
file. This vulnerability could be triggered by an unprivileged user with the
ability to create files and execute programs (bsc#1097234)
- CVE-2018-3665: Prevent disclosure of FPU registers (including XMM and AVX
registers) between processes. These registers might contain encryption keys
when doing SSE accelerated AES enc/decryption (bsc#1087086)
- CVE-2018-5848: In the function wmi_set_ie(), the length validation code did
not handle unsigned integer overflow properly. As a result, a large value of
the 'ie_len' argument could have caused a buffer overflow (bnc#1097356)
- CVE-2017-18249: The add_free_nid function did not properly track an allocated
nid, which allowed local users to cause a denial of service (race condition) or
possibly have unspecified other impact via concurrent threads (bnc#1087036)
- CVE-2017-18241: Prevent a NULL pointer dereference by using a noflush_merge
option that triggers a NULL value for a flush_cmd_control data structure
(bnc#1086400)
- CVE-2017-17741: The KVM implementation in the Linux kernel allowed attackers
to obtain potentially sensitive information from kernel memory, aka a
write_mmio stack-based out-of-bounds read (bnc#1073311)
- CVE-2018-3639: Systems with microprocessors utilizing speculative execution
and speculative execution of memory reads the addresses of all prior memory
writes are known may have allowed unauthorized disclosure of information to an
attacker with local user access via a side-channel analysis, aka Speculative
Store Bypass (SSB), Variant 4 (bsc#1087082).
- CVE-2018-8781: The udl_fb_mmap function had an integer-overflow vulnerability
allowing local users with access to the...