The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various
security and bugfixes.
The following security bugs were fixed:
- CVE-2018-1087: And an unprivileged KVM guest user could use this flaw to
potentially escalate their privileges inside a guest. (bsc#1087088)
- CVE-2018-8897: An unprivileged system user could use incorrect set up
interrupt stacks to crash the Linux kernel resulting in DoS issue.
(bsc#1087088)
- CVE-2018-10124: The kill_something_info function in kernel/signal.c in
the Linux kernel before 4.13, when an unspecified architecture and
compiler is used, might allow local users to cause a denial of service
via an INT_MIN argument (bnc#1089752).
The following non-security bugs were fixed:
- kvm/x86: fix icebp instruction handling (bsc#1087088).
- media: cpia2: Fix a couple off by one bugs (bsc#1050431).
- nfs: add nostatflush mount option (bsc#1065726).
- nfs: allow flush-on-stat to be disabled (bsc#1065726).
- powerpc/fadump: Add a warning when ‘fadump_reserve_mem=’ is used
(bnc#1032084, FATE#323225).
- powerpc/fadump: reuse crashkernel parameter for fadump memory
reservation (bnc#1032084, FATE#323225).
- powerpc/fadump: update documentation about crashkernel parameter reuse
(bnc#1032084, FATE#323225).
- powerpc/fadump: use ‘fadump_reserve_mem=’ when specified (bnc#1032084,
FATE#323225).
- x86/entry/64: Do not use IST entry for #BP stack (bsc#1087088).