The SUSE Linux Enterprise 11 SP3 LTSS kernel was updated to receive
various security and bugfixes.
The following security bugs were fixed:
CVE-2017-5715: Systems with microprocessors utilizing speculative
execution and indirect branch prediction may allow unauthorized
disclosure of information to an attacker with local user access via a
side-channel analysis (bnc#1068032).
The previous fix using CPU Microcode has been complemented by building
the Linux Kernel with return trampolines aka "retpolines".
CVE-2018-5332: In the Linux kernel the rds_message_alloc_sgs() function
did not validate a value that is used during DMA page allocation,
leading to a heap-based out-of-bounds write (related to the
rds_rdma_extra_size function in net/rds/rdma.c) (bnc#1075621).
CVE-2018-5333: In the Linux kernel the rds_cmsg_atomic function in
net/rds/rdma.c mishandled cases where page pinning fails or an invalid
address is supplied, leading to an rds_atomic_free_op NULL pointer
dereference (bnc#1075617).
CVE-2017-18017: The tcpmss_mangle_packet function in
net/netfilter/xt_TCPMSS.c in the Linux kernel allowed remote attackers
to cause a denial of service (use-after-free and memory corruption) or
possibly have unspecified other impact by leveraging the presence of
xt_TCPMSS in an iptables action (bnc#1074488).
CVE-2017-18079: drivers/input/serio/i8042.c in the Linux kernel allowed
attackers to cause a denial of service (NULL pointer dereference and
system crash) or possibly have unspecified other impact because the
port->exists value can change after it is validated (bnc#1077922).
CVE-2017-17741: The KVM implementation in the Linux kernel allowed
attackers to obtain potentially sensitive information from kernel
memory, aka a write_mmio stack-based out-of-bounds read, related to
arch/x86/kvm/x86.c and include/trace/events/kvm.h (bnc#1073311).
CVE-2017-13215: A elevation of privilege vulnerability in the Upstream
kernel skcipher. (bnc#1075908).
CVE-2018-1000004: In the Linux kernel a race condition vulnerability
exists in the sound system, this can lead to a deadlock and denial of
service condition (bnc#1076017).
The following non-security bugs were fixed:
bugzilla.suse.com/1012382
bugzilla.suse.com/1054305
bugzilla.suse.com/1060279
bugzilla.suse.com/1068032
bugzilla.suse.com/1068984
bugzilla.suse.com/1070781
bugzilla.suse.com/1073311
bugzilla.suse.com/1074488
bugzilla.suse.com/1074621
bugzilla.suse.com/1075091
bugzilla.suse.com/1075410
bugzilla.suse.com/1075617
bugzilla.suse.com/1075621
bugzilla.suse.com/1075908
bugzilla.suse.com/1075994
bugzilla.suse.com/1076017
bugzilla.suse.com/1076154
bugzilla.suse.com/1076278
bugzilla.suse.com/1076849
bugzilla.suse.com/1077406
bugzilla.suse.com/1077560
bugzilla.suse.com/1077922