The SUSE Linux Enterprise 12 SP3 RT kernel was updated to 4.4.147 to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2017-18344: The timer_create syscall implementation in kernel/time/posix-timers.c didn't properly validate the sigevent->sigev_notify field, which leads to out-of-bounds access in the show_timer function (called when /proc/$PID/timers is read). This allowed userspace applications to read arbitrary kernel memory (on a kernel built with CONFIG_POSIX_TIMERS and CONFIG_CHECKPOINT_RESTORE) (bnc#1102851 bsc#1103580).
- CVE-2018-10876: A flaw was found in the ext4 filesystem code. A use-after-free was possible in ext4_ext_remove_space() function when mounting and operating a crafted ext4 image. (bnc#1099811)
- CVE-2018-10877: The ext4 filesystem was vulnerable to an out-of-bound access in the ext4_ext_drop_refs() function when operating on a crafted ext4 filesystem image. (bnc#1099846)
- CVE-2018-10878: A flaw was found in the ext4 filesystem. A local user could cause an out-of-bounds write and a denial of service or unspecified other impact is possible by mounting and operating a crafted ext4 filesystem image. (bnc#1099813)
- CVE-2018-10879: A flaw was found in the ext4 filesystem. A local user could cause a use-after-free in ext4_xattr_set_entry function and a denial of service or unspecified other impact may occur by renaming a file in a crafted ext4 filesystem image. (bnc#1099844)
- CVE-2018-10880: Linux kernel is vulnerable to a stack-out-of-bounds write in the ext4 filesystem code when mounting and writing to a crafted ext4 image in ext4_update_inline_data(). An attacker could use this to cause a system crash and a denial of service. (bnc#1099845)
- CVE-2018-10881: A flaw was found in the ext4 filesystem. A local user can cause an out-of-bound access in ext4_get_group_info function, a denial of service, and a system crash by mounting and operating on a crafted ext4 filesystem image. (bnc#1099864)
-...