Security update for the Linux Kernel (important)

The SUSE Linux Enterprise 11 SP3 LTSS kernel was updated to receive
various security and bugfixes.

The following security bugs were fixed:

• CVE-2017-5715: Systems with microprocessors utilizing speculative
  execution and indirect branch prediction may allow unauthorized
  disclosure of information to an attacker with local user access via a
  side-channel analysis (bnc#1068032).

  The previous fix using CPU Microcode has been complemented by building
  the Linux Kernel with return trampolines aka "retpolines".

• CVE-2018-5332: In the Linux kernel the rds_message_alloc_sgs() function
  did not validate a value that is used during DMA page allocation,
  leading to a heap-based out-of-bounds write (related to the
  rds_rdma_extra_size function in net/rds/rdma.c) (bnc#1075621).

• CVE-2018-5333: In the Linux kernel the rds_cmsg_atomic function in
  net/rds/rdma.c mishandled cases where page pinning fails or an invalid
  address is supplied, leading to an rds_atomic_free_op NULL pointer
  dereference (bnc#1075617).

• CVE-2017-18017: The tcpmss_mangle_packet function in
  net/netfilter/xt_TCPMSS.c in the Linux kernel allowed remote attackers
  to cause a denial of service (use-after-free and memory corruption) or
  possibly have unspecified other impact by leveraging the presence of
  xt_TCPMSS in an iptables action (bnc#1074488).

• CVE-2017-18079: drivers/input/serio/i8042.c in the Linux kernel allowed
  attackers to cause a denial of service (NULL pointer dereference and
  system crash) or possibly have unspecified other impact because the
  port->exists value can change after it is validated (bnc#1077922).

• CVE-2017-17741: The KVM implementation in the Linux kernel allowed
  attackers to obtain potentially sensitive information from kernel
  memory, aka a write_mmio stack-based out-of-bounds read, related to
  arch/x86/kvm/x86.c and include/trace/events/kvm.h (bnc#1073311).

• CVE-2017-13215: A elevation of privilege vulnerability in the Upstream
  kernel skcipher. (bnc#1075908).

• CVE-2018-1000004: In the Linux kernel a race condition vulnerability
  exists in the sound system, this can lead to a deadlock and denial of
  service condition (bnc#1076017).

The following non-security bugs were fixed:

• cdc-acm: apply quirk for card reader (bsc#1060279).
• Enable CPU vulnerabilities reporting via sysfs
• fork: clear thread stack upon allocation (bsc#1077560).
• kaiser: Set _PAGE_NX only if supported (bnc#1012382, bnc#1076278).
• kbuild: modversions for EXPORT_SYMBOL() for asm (bsc#1074621
  bsc#1068032).
• Move kABI fixup for retpolines to proper place.
• powerpc/vdso64: Use double word compare on pointers (bsc#1070781).
• s390: add ppa to the idle loop (bnc#1077406, LTC#163910).
• s390/cpuinfo: show facilities as reported by stfle (bnc#1076849,
  LTC#163741).
• storvsc: do not assume SG list is continuous when doing bounce buffers
  (bsc#1075410).
• sysfs/cpu: Add vulnerability folder (bnc#1012382).
• sysfs/cpu: Fix typos in vulnerability documentation (bnc#1012382).
• sysfs: spectre_v2, handle spec_ctrl (bsc#1075994 bsc#1075091).
• x86/acpi: Handle SCI interrupts above legacy space gracefully
  (bsc#1068984).
• x86/acpi: Reduce code duplication in mp_override_legacy_irq()
  (bsc#1068984).
• x86/boot: Fix early command-line parsing when matching at end
  (bsc#1068032).
• x86/cpu: Factor out application of forced CPU caps (bsc#1075994
  bsc#1075091).
• x86/cpu: Implement CPU vulnerabilites sysfs functions (bnc#1012382).
• x86/CPU: Sync CPU feature flags late (bsc#1075994 bsc#1075091).
• x86/kaiser: Populate shadow PGD with NX bit only if supported by
  platform (bsc#1076154 bsc#1076278).
• x86/kaiser: use trampoline stack for kernel entry.
• x86/microcode/intel: Disable late loading on model 79 (bsc#1054305).
• x86/microcode/intel: Extend BDW late-loading further with LLC size check
  (bsc#1054305).
• x86/microcode/intel: Extend BDW late-loading with a revision check
  (bsc#1054305).
• x86/microcode: Rescan feature flags upon late loading (bsc#1075994
  bsc#1075091).
• x86/retpolines/spec_ctrl: disable IBRS on !SKL if retpolines are active
  (bsc#1068032).
• x86/spec_ctrl: handle late setting of X86_FEATURE_SPEC_CTRL properly
  (bsc#1075994 bsc#1075091).
• x86/spectre_v2: fix ordering in IBRS initialization (bsc#1075994
  bsc#1075091).
• x86/spectre_v2: nospectre_v2 means nospec too (bsc#1075994 bsc#1075091).