[SUSE-SU-2018:2177-1] Security update for the Linux Kernel
Severity
Important
CVEs
1
Security update for the Linux Kernel
The SUSE Linux Enterprise 11 SP4 RT kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2014-3688: The SCTP implementation allowed remote attackers to cause a denial of service (memory consumption) by triggering a large number of chunks in an association's output queue (bsc#902351)
The following non-security bugs were fixed:
- ALSA: hda/ca0132: fix build failure when a local macro is defined (bsc#1045538).
- ALSA: seq: Do not allow resizing pool in use (bsc#1045538).
- Delete patches.fixes/0001-ipc-shm-Fix-shmat-mmap-nil-page-protection.patch (bsc# 1090078)
- IB/mlx4: fix sprintf format warning (bnc#786036).
- RDMA/mlx4: Discard unknown SQP work requests (bnc#786036).
- USB: uss720: fix NULL-deref at probe (bnc#1047487).
- bna: integer overflow bug in debugfs (bnc#780242).
- e1000e: Ignore TSYNCRXCTL when getting I219 clock attributes (bug#923242).
- e1000e: Undo e1000e_pm_freeze if __e1000_shutdown fails (bug#909495).
- fix a leak in /proc/schedstats (bsc#1094876).
- ixgbe: Initialize 64-bit stats seqcounts (bnc#795301).
- mm: fix the NULL mapping case in __isolate_lru_page() (git-fixes).
- module/retpoline: Warn about missing retpoline in module (bnc#1099177).
- net/mlx4_core: Fix error handling in mlx4_init_port_info (bnc#786036).
- net/mlx4_en: Change default QoS settings (bnc#786036).
- net/mlx4_en: Use __force to fix a sparse warning in TX datapath (bug#925105).
- netxen: fix incorrect loop counter decrement (bnc#784815).
- powerpc: Machine check interrupt is a non-maskable interrupt (bsc#1094244).
- s390/qdio: do not merge ERROR output buffers (bnc#1099709).
- s390/qeth: do not dump control cmd twice (bnc#1099709).
- s390/qeth: fix SETIP command handling (bnc#1099709).
- s390/qeth: free netdevice when removing a card (bnc#1099709).
- s390/qeth: lock read device while queueing next buffer (bnc#1099709).
- s390/qeth: when thread completes, wake up all waiters (bnc#1099709).
- sched/sysctl: Check user input value of sysctl_sched_time_avg (bsc#1100089).
- scsi: sg: mitigate read/write abuse (bsc#1101296).
- tg3: do not clear stats while tg3_close (bnc#790588).
- video/stifb: Return -ENOMEM after a failed kzalloc() in stifb_init_fb() (bnc#1099966).
- vmxnet3: use correct flag to indicate LRO feature (bsc#936423).
- x86-32/kaiser: Add CPL check for CR3 switch before iret (bsc#1098408).
- x86-non-upstream-eager-fpu 32bit fix (bnc#1087086 bnc#1100091 bnc#1099598).
- x86/cpu/bugs: Make retpoline module warning conditional (bnc#1099177).
- xen/x86/spectre_v1: Disable compiler optimizations over array_index_mask_nospec() (bsc#1068032).
- ID
- SUSE-SU-2018:2177-1
- Severity
- important
- URL
- https://www.suse.com/support/update/announcement/2018/suse-su-20182177-1/
- Published
-
2018-08-02T14:40:22
(6 years ago) - Modified
-
2018-08-02T14:40:22
(6 years ago) - Rights
- Copyright 2024 SUSE LLC. All rights reserved.
- Other Advisories
-
- DSA-3060-1
- ELSA-2014-1971
- ELSA-2014-1997
- ELSA-2014-3103
- ELSA-2014-3104
- ELSA-2014-3105
- FEDORA-2014-13558
- FEDORA-2014-13773
- FEDORA-2014-14068
- FEDORA-2014-14126
- FEDORA-2014-15200
- FEDORA-2014-16632
- FEDORA-2014-17244
- FEDORA-2014-17283
- FEDORA-2015-0515
- FEDORA-2015-1672
- FEDORA-2015-3594
- FEDORA-2015-5024
- FEDORA-2015-6294
- FEDORA-2015-8518
- RHSA-2014:1971
- RHSA-2014:1997
- SUSE-SU-2015:0481-1
- SUSE-SU-2015:0581-1
- SUSE-SU-2015:0652-1
- SUSE-SU-2015:0736-1
- SUSE-SU-2015:1174-1
- SUSE-SU-2015:1376-1
- SUSE-SU-2018:2062-1
- USN-2417-1
- USN-2418-1
- USN-2441-1
- USN-2442-1
- USN-2445-1
- USN-2446-1
- USN-2447-1
- USN-2448-1
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |