SUSE-SU-2018:1171-1

Description

Security update for the Linux Kernel The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-1087: And an unprivileged KVM guest user could use this flaw to potentially escalate their privileges inside a guest. (bsc#1087088) - CVE-2018-8897: An unprivileged system user could use incorrect set up interrupt stacks to crash the Linux kernel resulting in DoS issue. (bsc#1087088) - CVE-2018-10124: The kill_something_info function in kernel/signal.c in the Linux kernel before 4.13, when an unspecified architecture and compiler is used, might allow local users to cause a denial of service via an INT_MIN argument (bnc#1089752). The following non-security bugs were fixed: - kvm/x86: fix icebp instruction handling (bsc#1087088). - media: cpia2: Fix a couple off by one bugs (bsc#1050431). - nfs: add nostatflush mount option (bsc#1065726). - nfs: allow flush-on-stat to be disabled (bsc#1065726). - powerpc/fadump: Add a warning when 'fadump_reserve_mem=' is used (bnc#1032084, FATE#323225). - powerpc/fadump: reuse crashkernel parameter for fadump memory reservation (bnc#1032084, FATE#323225). - powerpc/fadump: update documentation about crashkernel parameter reuse (bnc#1032084, FATE#323225). - powerpc/fadump: use 'fadump_reserve_mem=' when specified (bnc#1032084, FATE#323225). - x86/entry/64: Do not use IST entry for #BP stack (bsc#1087088).

Affected Systems

• suse•kernel-bigmem&distro=SUSE Linux Enterprise Server 11 SP4

  < 3.0.101-108.41.1

• suse•kernel-bigmem&distro=SUSE Linux Enterprise Server for SAP Applications 11 SP4

  < 3.0.101-108.41.1

• suse•kernel-default&distro=SUSE Linux Enterprise Server 11 SP4

  < 3.0.101-108.41.1

• suse•kernel-default&distro=SUSE Linux Enterprise Server for SAP Applications 11 SP4

  < 3.0.101-108.41.1

• suse•kernel-docs&distro=SUSE Linux Enterprise Software Development Kit 11 SP4

  < 3.0.101-108.41.1

• suse•kernel-ec2&distro=SUSE Linux Enterprise Server 11 SP4

  < 3.0.101-108.41.1

• suse•kernel-ec2&distro=SUSE Linux Enterprise Server for SAP Applications 11 SP4

  < 3.0.101-108.41.1

• suse•kernel-pae&distro=SUSE Linux Enterprise Server 11 SP4

  < 3.0.101-108.41.1

• suse•kernel-pae&distro=SUSE Linux Enterprise Server for SAP Applications 11 SP4

  < 3.0.101-108.41.1

• suse•kernel-ppc64&distro=SUSE Linux Enterprise Server 11 SP4

  < 3.0.101-108.41.1

• suse•kernel-ppc64&distro=SUSE Linux Enterprise Server for SAP Applications 11 SP4

  < 3.0.101-108.41.1

• suse•kernel-source&distro=SUSE Linux Enterprise Server 11 SP4

  < 3.0.101-108.41.1

• suse•kernel-source&distro=SUSE Linux Enterprise Server for SAP Applications 11 SP4

  < 3.0.101-108.41.1

• suse•kernel-syms&distro=SUSE Linux Enterprise Server 11 SP4

  < 3.0.101-108.41.1

• suse•kernel-syms&distro=SUSE Linux Enterprise Server for SAP Applications 11 SP4

  < 3.0.101-108.41.1

• suse•kernel-trace&distro=SUSE Linux Enterprise Server 11 SP4

  < 3.0.101-108.41.1

• suse•kernel-trace&distro=SUSE Linux Enterprise Server for SAP Applications 11 SP4

  < 3.0.101-108.41.1

• suse•kernel-xen&distro=SUSE Linux Enterprise Server 11 SP4

  < 3.0.101-108.41.1

• suse•kernel-xen&distro=SUSE Linux Enterprise Server for SAP Applications 11 SP4

  < 3.0.101-108.41.1

References (11)

• https://www.suse.com/support/update/announcement/2018/suse-su-20181171-1/
• https://bugzilla.suse.com/1032084
• https://bugzilla.suse.com/1050431
• https://bugzilla.suse.com/1065726
• https://bugzilla.suse.com/1087088
• https://bugzilla.suse.com/1089665
• https://bugzilla.suse.com/1089668
• https://bugzilla.suse.com/1089752
• https://www.suse.com/security/cve/CVE-2018-10124
• https://www.suse.com/security/cve/CVE-2018-1087
• https://www.suse.com/security/cve/CVE-2018-8897