The SUSE Linux Enterprise 12 SP3 kernel was updated to 4.4.156 to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2018-16597: Incorrect access checking in overlayfs mounts could have been
used by local attackers to modify or truncate files in the underlying
filesystem (bnc#1106512).
- CVE-2018-14613: Prevent invalid pointer dereference in io_ctl_map_page() when
mounting and operating a crafted btrfs image, caused by a lack of block group
item validation in check_leaf_item (bsc#1102896)
- CVE-2018-14617: Prevent NULL pointer dereference and panic in
hfsplus_lookup() when opening a file (that is purportedly a hard link) in an
hfs+ filesystem that has malformed catalog data, and is mounted read-only
without a metadata directory (bsc#1102870)
- CVE-2018-16276: Incorrect bounds checking in the yurex USB driver in
yurex_read allowed local attackers to use user access read/writes to crash the
kernel or potentially escalate privileges (bsc#1106095)
- CVE-2018-7757: Memory leak in the sas_smp_get_phy_events function in
drivers/scsi/libsas/sas_expander.c allowed local users to cause a denial of
service (memory consumption) via many read accesses to files in the
/sys/class/sas_phy directory, as demonstrated by the
/sys/class/sas_phy/phy-1:0:12/invalid_dword_count file (bnc#1084536)
- CVE-2018-7480: The blkcg_init_queue function allowed local users to cause a
denial of service (double free) or possibly have unspecified other impact by
triggering a creation failure (bsc#1082863).
- CVE-2018-17182: The vmacache_flush_all function in mm/vmacache.c
mishandled sequence number overflows. An attacker can trigger a
use-after-free (and possibly gain privileges) via certain thread creation,
map, unmap, invalidation, and dereference operations (bnc#1108399).
The following non-security bugs were fixed:
- asm/sections: add helpers to check for section data (bsc#1063026).
- ASoC: wm8994: Fix missing break in...