SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________

Announcement ID:    SUSE-SU-2018:3004-1
Rating:             important
References:         #1012382 #1044189 #1063026 #1066223 #1082863 
                    #1082979 #1084427 #1084536 #1087209 #1088087 
                    #1090535 #1091815 #1094244 #1094555 #1094562 
                    #1095344 #1095753 #1096547 #1099810 #1102495 
                    #1102715 #1102870 #1102875 #1102877 #1102879 
                    #1102882 #1102896 #1103156 #1103269 #1106095 
                    #1106434 #1106512 #1106594 #1106934 #1107924 
                    #1108096 #1108170 #1108240 #1108399 #1108803 
                    #1108823 #1109333 #1109336 #1109337 #1109441 
                    #1110297 #1110337 
Cross-References:   CVE-2018-14613 CVE-2018-14617 CVE-2018-16276
                    CVE-2018-16597 CVE-2018-17182 CVE-2018-7480
                    CVE-2018-7757
Affected Products:
                    SUSE Linux Enterprise Live Patching 12-SP3
______________________________________________________________________________

   An update that solves 7 vulnerabilities and has 40 fixes is
   now available.

Description:


   The SUSE Linux Enterprise 12 SP3 kernel was updated to 4.4.156 to receive
   various security and bugfixes.

   The following security bugs were fixed:

   - CVE-2018-16597: Incorrect access checking in overlayfs mounts could have
     been used by local attackers to modify or truncate files in the
     underlying filesystem (bnc#1106512).
   - CVE-2018-14613: Prevent invalid pointer dereference in io_ctl_map_page()
     when mounting and operating a crafted btrfs image, caused by a lack of
     block group item validation in check_leaf_item (bsc#1102896)
   - CVE-2018-14617: Prevent NULL pointer dereference and panic in
     hfsplus_lookup() when opening a file (that is purportedly a hard link)
     in an hfs+ filesystem that has malformed catalog data, and is mounted
     read-only without a metadata directory (bsc#1102870)
   - CVE-2018-16276: Incorrect bounds checking in the yurex USB driver in
     yurex_read allowed local attackers to use user access read/writes to
     crash the kernel or potentially escalate privileges (bsc#1106095)
   - CVE-2018-7757: Memory leak in the sas_smp_get_phy_events function in
     drivers/scsi/libsas/sas_expander.c allowed local users to cause a denial
     of service (memory consumption) via many read accesses to files in the
     /sys/class/sas_phy directory, as demonstrated by the
     /sys/class/sas_phy/phy-1:0:12/invalid_dword_count file (bnc#1084536)
   - CVE-2018-7480: The blkcg_init_queue function allowed local users to
     cause a denial of service (double free) or possibly have unspecified
     other impact by triggering a creation failure (bsc#1082863).
   - CVE-2018-17182: The vmacache_flush_all function in mm/vmacache.c
     mishandled sequence number overflows. An attacker can trigger a
     use-after-free (and possibly gain privileges) via certain thread
     creation, map, unmap, invalidation, and dereference operations
     (bnc#1108399).

   The following non-security bugs were fixed:

   - asm/sections: add helpers to check for section data (bsc#1063026).
   - ASoC: wm8994: Fix missing break in switch (bnc#1012382).
   - block: bvec_nr_vecs() returns value for wrong slab (bsc#1082979).
   - bpf: fix overflow in prog accounting (bsc#1012382).
   - btrfs: Add checker for EXTENT_CSUM (bsc#1102882, bsc#1102896,
     bsc#1102879, bsc#1102877, bsc#1102875,).
   - btrfs: Add sanity check for EXTENT_DATA when reading out leaf
     (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
   - btrfs: Check if item pointer overlaps with the item itself (bsc#1102882,
     bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
   - btrfs: Check that each block group has corresponding chunk at mount time
     (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
   - btrfs: Introduce mount time chunk <-> dev extent mapping check
     (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
   - btrfs: Move leaf and node validation checker to tree-checker.c
     (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
   - btrfs: relocation: Only remove reloc rb_trees if reloc control has been
     initialized (bnc#1012382).
   - btrfs: replace: Reset on-disk dev stats value after replace
     (bnc#1012382).
   - btrfs: scrub: Do not use inode page cache in
     scrub_handle_errored_block() (bsc#1108096).
   - btrfs: tree-checker: Add checker for dir item (bsc#1102882, bsc#1102896,
     bsc#1102879, bsc#1102877, bsc#1102875,).
   - btrfs: tree-checker: Detect invalid and empty essential trees
     (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
   - btrfs: tree-checker: Enhance btrfs_check_node output (bsc#1102882,
     bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
   - btrfs: tree-checker: Enhance output for btrfs_check_leaf (bsc#1102882,
     bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
   - btrfs: tree-checker: Enhance output for check_csum_item (bsc#1102882,
     bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
   - btrfs: tree-checker: Enhance output for check_extent_data_item
     (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
   - btrfs: tree-checker: Fix false panic for sanity test (bsc#1102882,
     bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
   - btrfs: tree-checker: Replace root parameter with fs_info (bsc#1102882,
     bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
   - btrfs: tree-checker: use %zu format string for size_t (bsc#1102882,
     bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
   - btrfs: tree-checker: use %zu format string for size_t (bsc#1102882,
     bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
   - btrfs: tree-checker: Verify block_group_item (bsc#1102882, bsc#1102896,
     bsc#1102879, bsc#1102877, bsc#1102875,).
   - btrfs: use correct compare function of dirty_metadata_bytes
     (bnc#1012382).
   - btrfs: Verify that every chunk has corresponding block group at mount
     time (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
   - cifs: check if SMB2 PDU size has been padded and suppress the warning
     (bnc#1012382).
   - crypto: clarify licensing of OpenSSL asm code ().
   - crypto: vmx - Remove overly verbose printk from AES XTS init (git-fixes).
   - debugobjects: Make stack check warning more informative (bnc#1012382).
   - dm kcopyd: avoid softlockup in run_complete_job (bnc#1012382).
   - dm-mpath: do not try to access NULL rq (bsc#1110337).
   - EDAC: Fix memleak in module init error path (bsc#1109441).
   - EDAC, i7core: Fix memleaks and use-after-free on probe and remove
     (1109441).
   - fat: validate ->i_start before using (bnc#1012382).
   - Fixes: Commit cdbf92675fad ("mm: numa: avoid waiting on freed migrated
     pages") (bnc#1012382).
   - Follow-up fix for
   patches.arch/01-jump_label-reduce-the-size-of-struct-static_key-kabi.patch
     (bsc#1108803).
   - fork: do not copy inconsistent signal handler state to child
     (bnc#1012382).
   - fs/dcache.c: fix kmemcheck splat at take_dentry_name_snapshot()
     (bnc#1012382).
   - genirq: Delay incrementing interrupt count if it's disabled/pending
     (bnc#1012382).
   - grow_cache: we still have a code which uses both __GFP_ZERO and
     constructors. The code seems to be correct and the warning does more
     harm than good so revert for the the meantime until we catch offenders.
     (bnc#1110297)
   - hfsplus: do not return 0 when fill_super() failed (bnc#1012382).
   - hfs: prevent crash on exit from failed search (bnc#1012382).
   - ib_srp: Remove WARN_ON in srp_terminate_io() (bsc#1094562).
   - ipvs: fix race between ip_vs_conn_new() and ip_vs_del_dest()
     (bnc#1012382).
   - irqchip/bcm7038-l1: Hide cpu offline callback when building for !SMP
     (bnc#1012382).
   - irqchip/gic-v3: Add missing barrier to 32bit version of gic_read_iar()
     (bnc#1012382).
   - kabi protect hnae_ae_ops (bsc#1107924).
   - kbuild: make missing $DEPMOD a Warning instead of an Error (bnc#1012382).
   - l2tp: cast l2tp traffic counter to unsigned (bsc#1099810).
   - mei: me: allow runtime pm for platform with D0i3 (bnc#1012382).
   - mfd: sm501: Set coherent_dma_mask when creating subdevices (bnc#1012382).
   - mm/fadvise.c: fix signed overflow UBSAN complaint (bnc#1012382).
   - net/9p: fix error path of p9_virtio_probe (bnc#1012382).
   - net: bcmgenet: use MAC link status for fixed phy (bnc#1012382).
   - net: ena: Eliminate duplicate barriers on weakly-ordered archs
     (bsc#1108240).
   - net: ena: fix device destruction to gracefully free resources
     (bsc#1108240).
   - net: ena: fix driver when PAGE_SIZE == 64kB (bsc#1108240).
   - net: ena: fix incorrect usage of memory barriers (bsc#1108240).
   - net: ena: fix missing calls to READ_ONCE (bsc#1108240).
   - net: ena: fix missing lock during device destruction (bsc#1108240).
   - net: ena: fix potential double ena_destroy_device() (bsc#1108240).
   - net: ena: fix surprise unplug NULL dereference kernel crash
     (bsc#1108240).
   - net: hns: add netif_carrier_off before change speed and duplex
     (bsc#1107924).
   - net: hns: add the code for cleaning pkt in chip (bsc#1107924).
   - nvme_fc: add 'nvme_discovery' sysfs attribute to fc transport device
     (bsc#1044189).
   - nvmet: fixup crash on NULL device path (bsc#1082979).
   - ovl: modify ovl_permission() to do checks on two inodes (bsc#1106512)
   - ovl: proper cleanup of workdir (bnc#1012382).
   - ovl: rename is_merge to is_lowest (bnc#1012382).
   - PCI: mvebu: Fix I/O space end address calculation (bnc#1012382).
   - platform/x86: asus-nb-wmi: Add keymap entry for lid flip action on UX360
     (bnc#1012382).
   - powerpc/64: Do load of PACAKBASE in LOAD_HANDLER (bsc#1094244).
   - powerpc/book3s: Fix MCE console messages for unrecoverable MCE
     (bsc#1094244).
   - powerpc/fadump: cleanup crash memory ranges support (bsc#1103269).
   - powerpc/fadump: re-register firmware-assisted dump if already registered
     (bsc#1108170, bsc#1108823).
   - powerpc: Fix size calculation using resource_size() (bnc#1012382).
   - powerpc/mce: Move 64-bit machine check code into mce.c (bsc#1094244).
   - powerpc/perf/hv-24x7: Fix off-by-one error in request_buffer check
     (git-fixes).
   - powerpc/powernv/ioda2: Reduce upper limit for DMA window size
     (bsc#1066223).
   - powerpc/powernv: Rename machine_check_pSeries_early() to powernv
     (bsc#1094244).
   - powerpc/pseries: Avoid using the size greater than RTAS_ERROR_LOG_MAX
     (bnc#1012382).
   - powerpc/pseries: Disable CPU hotplug across migrations (bsc#1066223).
   - powerpc/pseries: Remove prrn_work workqueue (bsc#1102495, bsc#1109337).
   - powerpc/pseries: Remove unneeded uses of dlpar work queue (bsc#1102495,
     bsc#1109337).
   - powerpc/tm: Fix userspace r13 corruption (bsc#1109333).
   - RDMA/rw: Fix rdma_rw_ctx_signature_init() kernel-doc header
     (bsc#1082979).
   - reiserfs: change j_timestamp type to time64_t (bnc#1012382).
   - Revert "ARM: imx_v6_v7_defconfig: Select ULPI support" (bnc#1012382).
   - s390/dasd: fix hanging offline processing due to canceled worker
     (bnc#1012382).
   - s390/lib: use expoline for all bcr instructions (LTC#171029 bnc#1012382
     bnc#1106934).
   - sch_hhf: fix null pointer dereference on init failure (bnc#1012382).
   - sch_htb: fix crash on init failure (bnc#1012382).
   - sch_multiq: fix double free on init failure (bnc#1012382).
   - sch_netem: avoid null pointer deref on init failure (bnc#1012382).
   - sch_tbf: fix two null pointer dereferences on init failure (bnc#1012382).
   - scripts: modpost: check memory allocation results (bnc#1012382).
   - scsi: aic94xx: fix an error code in aic94xx_init() (bnc#1012382).
   - scsi: ipr: System hung while dlpar adding primary ipr adapter back
     (bsc#1109336).
   - scsi: qla2xxx: Add changes for devloss timeout in driver (bsc#1084427).
   - scsi: qla2xxx: Add FC-NVMe abort processing (bsc#1084427).
   - scsi: qla2xxx: Add longer window for chip reset (bsc#1094555).
   - scsi: qla2xxx: Avoid double completion of abort command (bsc#1094555).
   - scsi: qla2xxx: Cleanup code to improve FC-NVMe error handling
     (bsc#1084427).
   - scsi: qla2xxx: Cleanup for N2N code (bsc#1094555).
   - scsi: qla2xxx: correctly shift host byte (bsc#1094555).
   - scsi: qla2xxx: Correct setting of SAM_STAT_CHECK_CONDITION (bsc#1094555).
   - scsi: qla2xxx: Delete session for nport id change (bsc#1094555).
   - scsi: qla2xxx: Fix Async GPN_FT for FCP and FC-NVMe scan (bsc#1084427).
   - scsi: qla2xxx: Fix crash on qla2x00_mailbox_command (bsc#1094555).
   - scsi: qla2xxx: Fix double free bug after firmware timeout (bsc#1094555).
   - scsi: qla2xxx: Fix driver unload by shutting down chip (bsc#1094555).
   - scsi: qla2xxx: fix error message on ignore_df check from vti6_xmit() (bnc#1012382).
   - watchdog: w83627hf_wdt: Add quirk for Inves system (bsc#1106434).
   - x86/entry/64: Remove %ebx handling from error_entry/exit (bnc#1102715).
   - x86/pae: use 64 bit atomic xchg function in native_ptep_get_and_clear
     (bnc#1012382).
   - x86/speculation/l1tf: Fix up pte->pfn conversion for PAE (bnc#1012382).
   - xen: avoid crash in disable_hotplug_cpu (bsc#1106594).
   - xfs: add a new xfs_iext_lookup_extent_before helper (bsc#1095344).
   - xfs: add asserts for the mmap lock in xfs_{insert,collapse}_file_space
     (bsc#1095344).
   - xfs: add a xfs_bmap_fork_to_state helper (bsc#1095344).
   - xfs: add a xfs_iext_update_extent helper (bsc#1095344).
   - xfs: add comments documenting the rebalance algorithm (bsc#1095344).
   - xfs: add some comments to xfs_iext_insert/xfs_iext_insert_node
     (bsc#1095344).
   - xfs: add xfs_trim_extent (bsc#1095344).
   - xfs: allow unaligned extent records in xfs_bmbt_disk_set_all
     (bsc#1095344).
   - xfs: borrow indirect blocks from freed extent when available
     (bsc#1095344).
   - xfs: cleanup xfs_bmap_last_before (bsc#1095344).
   - xfs: do not create overlapping extents in xfs_bmap_add_extent_delay_real
     (bsc#1095344).
   - xfs: do not rely on extent indices in xfs_bmap_collapse_extents
     (bsc#1095344).
   - xfs: do not rely on extent indices in xfs_bmap_insert_extents
     (bsc#1095344).
   - xfs: do not set XFS_BTCUR_BPRV_WASDEL in xfs_bunmapi (bsc#1095344).
   - xfs: during btree split, save new block key and ptr for future insertion
     (bsc#1095344).
   - xfs: factor out a helper to initialize a local format inode fork
     (bsc#1095344).
   - xfs: fix memory leak in xfs_iext_free_last_leaf (bsc#1095344).
   - xfs: fix number of records handling in xfs_iext_split_leaf (bsc#1095344).
   - xfs: fix transaction allocation deadlock in IO path (bsc#1090535).
   - xfs: handle indlen shortage on delalloc extent merge (bsc#1095344).
   - xfs: handle zero entries case in xfs_iext_rebalance_leaf (bsc#1095344).
   - xfs: improve kmem_realloc (bsc#1095344).
   - xfs: inline xfs_shift_file_space into callers (bsc#1095344).
   - xfs: introduce the xfs_iext_cursor abstraction (bsc#1095344).
   - xfs: iterate over extents in xfs_bmap_extents_to_btree (bsc#1095344).
   - xfs: iterate over extents in xfs_iextents_copy (bsc#1095344).
   - xfs: make better use of the 'state' variable in xfs_bmap_del_extent_real
     (bsc#1095344).
   - xfs: merge xfs_bmap_read_extents into xfs_iread_extents (bsc#1095344).
   - xfs: move pre/post-bmap tracing into xfs_iext_update_extent
     (bsc#1095344).
   - xfs: move some code around inside xfs_bmap_shift_extents (bsc#1095344).
   - xfs: move some more code into xfs_bmap_del_extent_real (bsc#1095344).
   - xfs: move xfs_bmbt_irec and xfs_exntst_t to xfs_types.h (bsc#1095344).
   - xfs: move xfs_iext_insert tracepoint to report useful information
     (bsc#1095344).
   - xfs: new inode extent list lookup helpers (bsc#1095344).
   - xfs: only run torn log write detection on dirty logs (bsc#1095753).
   - xfs: pass an on-disk extent to xfs_bmbt_validate_extent (bsc#1095344).
   - xfs: pass a struct xfs_bmbt_irec to xfs_bmbt_lookup_eq (bsc#1095344).
   - xfs: pass a struct xfs_bmbt_irec to xfs_bmbt_update (bsc#1095344).
   - xfs: pass struct xfs_bmbt_irec to xfs_bmbt_validate_extent (bsc#1095344).
   - xfs: provide helper for counting extents from if_bytes (bsc#1095344).
   - xfs: refactor delalloc accounting in xfs_bmap_add_extent_delay_real
     (bsc#1095344).
   - xfs: refactor delalloc indlen reservation split into helper
     (bsc#1095344).
   - xfs: refactor dir2 leaf readahead shadow buffer cleverness (bsc#1095344).
   - xfs: refactor in-core log state update to helper (bsc#1095753).
   - xfs: refactor unmount record detection into helper (bsc#1095753).
   - xfs: refactor xfs_bmap_add_extent_delay_real (bsc#1095344).
   - xfs: refactor xfs_bmap_add_extent_hole_delay (bsc#1095344).
   - xfs: refactor xfs_bmap_add_extent_hole_real (bsc#1095344).
   - xfs: refactor xfs_bmap_add_extent_unwritten_real (bsc#1095344).
   - xfs: refactor xfs_bunmapi_cow (bsc#1095344).
   - xfs: refactor xfs_del_extent_real (bsc#1095344).
   - xfs: remove a duplicate assignment in xfs_bmap_add_extent_delay_real
     (bsc#1095344).
   - xfs: remove all xfs_bmbt_set_* helpers except for xfs_bmbt_set_all
     (bsc#1095344).
   - xfs: remove a superflous assignment in xfs_iext_remove_node
     (bsc#1095344).
   - xfs: remove if_rdev (bsc#1095344).
   - xfs: remove prev argument to xfs_bmapi_reserve_delalloc (bsc#1095344).
   - xfs: remove support for inlining data/extents into the inode fork
     (bsc#1095344).
   - xfs: remove the never fully implemented UUID fork format (bsc#1095344).
   - xfs: remove the nr_extents argument to xfs_iext_insert (bsc#1095344).
   - xfs: remove the nr_extents argument to xfs_iext_remove (bsc#1095344).
   - xfs: remove XFS_BMAP_MAX_SHIFT_EXTENTS (bsc#1095344).
   - xfs: remove XFS_BMAP_TRACE_EXLIST (bsc#1095344).
   - xfs: remove xfs_bmbt_get_state (bsc#1095344).
   - xfs: remove xfs_bmse_shift_one (bsc#1095344).
   - xfs: rename bno to end in __xfs_bunmapi (bsc#1095344).
   - xfs: replace xfs_bmbt_lookup_ge with xfs_bmbt_lookup_first (bsc#1095344).
   - xfs: replace xfs_qm_get_rtblks with a direct call to
     xfs_bmap_count_leaves (bsc#1095344).
   - xfs: rewrite getbmap using the xfs_iext_* helpers (bsc#1095344).
   - xfs: rewrite xfs_bmap_count_leaves using xfs_iext_get_extent
     (bsc#1095344).
   - xfs: rewrite xfs_bmap_first_unused to make better use of
     xfs_iext_get_extent (bsc#1095344).
   - xfs: separate log head record discovery from verification (bsc#1095753).
   - xfs: simplify the xfs_getbmap interface (bsc#1095344).
   - xfs: simplify validation of the unwritten extent bit (bsc#1095344).
   - xfs: split indlen reservations fairly when under reserved (bsc#1095344).
   - xfs: split xfs_bmap_shift_extents (bsc#1095344).
   - xfs: switch xfs_bmap_local_to_extents to use xfs_iext_insert
     (bsc#1095344).
   - xfs: treat idx as a cursor in xfs_bmap_add_extent_delay_real
     (bsc#1095344).
   - xfs: treat idx as a cursor in xfs_bmap_add_extent_hole_delay
     (bsc#1095344).
   - xfs: treat idx as a cursor in xfs_bmap_add_extent_hole_real
     (bsc#1095344).
   - xfs: treat idx as a cursor in xfs_bmap_add_extent_unwritten_real
     (bsc#1095344).
   - xfs: treat idx as a cursor in xfs_bmap_collapse_extents (bsc#1095344).
   - xfs: treat idx as a cursor in xfs_bmap_del_extent_* (bsc#1095344).
   - xfs: update freeblocks counter after extent deletion (bsc#1095344).
   - xfs: update got in xfs_bmap_shift_update_extent (bsc#1095344).
   - xfs: use a b+tree for the in-core extent list (bsc#1095344).
   - xfs: use correct state defines in xfs_bmap_del_extent_{cow,delay}
     (bsc#1095344).
   - xfs: use new extent lookup helpers in xfs_bmapi_read (bsc#1095344).
   - xfs: use new extent lookup helpers in xfs_bmapi_write (bsc#1095344).
   - xfs: use new extent lookup helpers in __xfs_bunmapi (bsc#1095344).
   - xfs: use the state defines in xfs_bmap_del_extent_real (bsc#1095344).
   - xfs: use xfs_bmap_del_extent_delay for the data fork as well
     (bsc#1095344).
   - xfs: use xfs_iext_*_extent helpers in xfs_bmap_shift_extents
     (bsc#1095344).
   - xfs: use xfs_iext_*_extent helpers in xfs_bmap_split_extent_at
     (bsc#1095344).
   - xfs: use xfs_iext_get_extent instead of open coding it (bsc#1095344).
   - xfs: use xfs_iext_get_extent in xfs_bmap_first_unused (bsc#1095344).


Special Instructions and Notes:

   Please reboot the system after installing this update.

Patch Instructions:

   To install this SUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Live Patching 12-SP3:

      zypper in -t patch SUSE-SLE-Live-Patching-12-SP3-2018-2135=1



Package List:

   - SUSE Linux Enterprise Live Patching 12-SP3 (ppc64le x86_64):

      kgraft-patch-4_4_156-94_57-default-1-4.3.5
      kgraft-patch-4_4_156-94_57-default-debuginfo-1-4.3.5


References:

   https://www.suse.com/security/cve/CVE-2018-14613.html
   https://www.suse.com/security/cve/CVE-2018-14617.html
   https://www.suse.com/security/cve/CVE-2018-16276.html
   https://www.suse.com/security/cve/CVE-2018-16597.html
   https://www.suse.com/security/cve/CVE-2018-17182.html
   https://www.suse.com/security/cve/CVE-2018-7480.html
   https://www.suse.com/security/cve/CVE-2018-7757.html
   https://bugzilla.suse.com/1012382
   https://bugzilla.suse.com/1044189
   https://bugzilla.suse.com/1063026
   https://bugzilla.suse.com/1066223
   https://bugzilla.suse.com/1082863
   https://bugzilla.suse.com/1082979
   https://bugzilla.suse.com/1084427
   https://bugzilla.suse.com/1084536
   https://bugzilla.suse.com/1087209
   https://bugzilla.suse.com/1088087
   https://bugzilla.suse.com/1090535
   https://bugzilla.suse.com/1091815
   https://bugzilla.suse.com/1094244
   https://bugzilla.suse.com/1094555
   https://bugzilla.suse.com/1094562
   https://bugzilla.suse.com/1095344
   https://bugzilla.suse.com/1095753
   https://bugzilla.suse.com/1096547
   https://bugzilla.suse.com/1099810
   https://bugzilla.suse.com/1102495
   https://bugzilla.suse.com/1102715
   https://bugzilla.suse.com/1102870
   https://bugzilla.suse.com/1102875
   https://bugzilla.suse.com/1102877
   https://bugzilla.suse.com/1102879
   https://bugzilla.suse.com/1102882
   https://bugzilla.suse.com/1102896
   https://bugzilla.suse.com/1103156
   https://bugzilla.suse.com/1103269
   https://bugzilla.suse.com/1106095
   https://bugzilla.suse.com/1106434
   https://bugzilla.suse.com/1106512
   https://bugzilla.suse.com/1106594
   https://bugzilla.suse.com/1106934
   https://bugzilla.suse.com/1107924
   https://bugzilla.suse.com/1108096
   https://bugzilla.suse.com/1108170
   https://bugzilla.suse.com/1108240
   https://bugzilla.suse.com/1108399
   https://bugzilla.suse.com/1108803
   https://bugzilla.suse.com/1108823
   https://bugzilla.suse.com/1109333
   https://bugzilla.suse.com/1109336
   https://bugzilla.suse.com/1109337
   https://bugzilla.suse.com/1109441
   https://bugzilla.suse.com/1110297
   https://bugzilla.suse.com/1110337

_______________________________________________
sle-security-updates mailing list
sle-security-updates@lists.suse.com
http://lists.suse.com/mailman/listinfo/sle-security-updates

SUSE: 2018:3004-1 important: the Linux Kernel

October 4, 2018
An update that solves 7 vulnerabilities and has 40 fixes is now available

Summary

The SUSE Linux Enterprise 12 SP3 kernel was updated to 4.4.156 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-16597: Incorrect access checking in overlayfs mounts could have been used by local attackers to modify or truncate files in the underlying filesystem (bnc#1106512). - CVE-2018-14613: Prevent invalid pointer dereference in io_ctl_map_page() when mounting and operating a crafted btrfs image, caused by a lack of block group item validation in check_leaf_item (bsc#1102896) - CVE-2018-14617: Prevent NULL pointer dereference and panic in hfsplus_lookup() when opening a file (that is purportedly a hard link) in an hfs+ filesystem that has malformed catalog data, and is mounted read-only without a metadata directory (bsc#1102870) - CVE-2018-16276: Incorrect bounds checking in the yurex USB driver in yurex_read allowed local attackers to use user access read/writes to crash the kernel or potentially escalate privileges (bsc#1106095) - CVE-2018-7757: Memory leak in the sas_smp_get_phy_events function in drivers/scsi/libsas/sas_expander.c allowed local users to cause a denial of service (memory consumption) via many read accesses to files in the /sys/class/sas_phy directory, as demonstrated by the /sys/class/sas_phy/phy-1:0:12/invalid_dword_count file (bnc#1084536) - CVE-2018-7480: The blkcg_init_queue function allowed local users to cause a denial of service (double free) or possibly have unspecified other impact by triggering a creation failure (bsc#1082863). - CVE-2018-17182: The vmacache_flush_all function in mm/vmacache.c mishandled sequence number overflows. An attacker can trigger a use-after-free (and possibly gain privileges) via certain thread creation, map, unmap, invalidation, and dereference operations (bnc#1108399). The following non-security bugs were fixed: - asm/sections: add helpers to check for section data (bsc#1063026). - ASoC: wm8994: Fix missing break in switch (bnc#1012382). - block: bvec_nr_vecs() returns value for wrong slab (bsc#1082979). - bpf: fix overflow in prog accounting (bsc#1012382). - btrfs: Add checker for EXTENT_CSUM (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,). - btrfs: Add sanity check for EXTENT_DATA when reading out leaf (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,). - btrfs: Check if item pointer overlaps with the item itself (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,). - btrfs: Check that each block group has corresponding chunk at mount time (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,). - btrfs: Introduce mount time chunk <-> dev extent mapping check (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,). - btrfs: Move leaf and node validation checker to tree-checker.c (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,). - btrfs: relocation: Only remove reloc rb_trees if reloc control has been initialized (bnc#1012382). - btrfs: replace: Reset on-disk dev stats value after replace (bnc#1012382). - btrfs: scrub: Do not use inode page cache in scrub_handle_errored_block() (bsc#1108096). - btrfs: tree-checker: Add checker for dir item (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,). - btrfs: tree-checker: Detect invalid and empty essential trees (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,). - btrfs: tree-checker: Enhance btrfs_check_node output (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,). - btrfs: tree-checker: Enhance output for btrfs_check_leaf (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,). - btrfs: tree-checker: Enhance output for check_csum_item (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,). - btrfs: tree-checker: Enhance output for check_extent_data_item (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,). - btrfs: tree-checker: Fix false panic for sanity test (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,). - btrfs: tree-checker: Replace root parameter with fs_info (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,). - btrfs: tree-checker: use %zu format string for size_t (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,). - btrfs: tree-checker: use %zu format string for size_t (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,). - btrfs: tree-checker: Verify block_group_item (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,). - btrfs: use correct compare function of dirty_metadata_bytes (bnc#1012382). - btrfs: Verify that every chunk has corresponding block group at mount time (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,). - cifs: check if SMB2 PDU size has been padded and suppress the warning (bnc#1012382). - crypto: clarify licensing of OpenSSL asm code (). - crypto: vmx - Remove overly verbose printk from AES XTS init (git-fixes). - debugobjects: Make stack check warning more informative (bnc#1012382). - dm kcopyd: avoid softlockup in run_complete_job (bnc#1012382). - dm-mpath: do not try to access NULL rq (bsc#1110337). - EDAC: Fix memleak in module init error path (bsc#1109441). - EDAC, i7core: Fix memleaks and use-after-free on probe and remove (1109441). - fat: validate ->i_start before using (bnc#1012382). - Fixes: Commit cdbf92675fad ("mm: numa: avoid waiting on freed migrated pages") (bnc#1012382). - Follow-up fix for patches.arch/01-jump_label-reduce-the-size-of-struct-static_key-kabi.patch (bsc#1108803). - fork: do not copy inconsistent signal handler state to child (bnc#1012382). - fs/dcache.c: fix kmemcheck splat at take_dentry_name_snapshot() (bnc#1012382). - genirq: Delay incrementing interrupt count if it's disabled/pending (bnc#1012382). - grow_cache: we still have a code which uses both __GFP_ZERO and constructors. The code seems to be correct and the warning does more harm than good so revert for the the meantime until we catch offenders. (bnc#1110297) - hfsplus: do not return 0 when fill_super() failed (bnc#1012382). - hfs: prevent crash on exit from failed search (bnc#1012382). - ib_srp: Remove WARN_ON in srp_terminate_io() (bsc#1094562). - ipvs: fix race between ip_vs_conn_new() and ip_vs_del_dest() (bnc#1012382). - irqchip/bcm7038-l1: Hide cpu offline callback when building for !SMP (bnc#1012382). - irqchip/gic-v3: Add missing barrier to 32bit version of gic_read_iar() (bnc#1012382). - kabi protect hnae_ae_ops (bsc#1107924). - kbuild: make missing $DEPMOD a Warning instead of an Error (bnc#1012382). - l2tp: cast l2tp traffic counter to unsigned (bsc#1099810). - mei: me: allow runtime pm for platform with D0i3 (bnc#1012382). - mfd: sm501: Set coherent_dma_mask when creating subdevices (bnc#1012382). - mm/fadvise.c: fix signed overflow UBSAN complaint (bnc#1012382). - net/9p: fix error path of p9_virtio_probe (bnc#1012382). - net: bcmgenet: use MAC link status for fixed phy (bnc#1012382). - net: ena: Eliminate duplicate barriers on weakly-ordered archs (bsc#1108240). - net: ena: fix device destruction to gracefully free resources (bsc#1108240). - net: ena: fix driver when PAGE_SIZE == 64kB (bsc#1108240). - net: ena: fix incorrect usage of memory barriers (bsc#1108240). - net: ena: fix missing calls to READ_ONCE (bsc#1108240). - net: ena: fix missing lock during device destruction (bsc#1108240). - net: ena: fix potential double ena_destroy_device() (bsc#1108240). - net: ena: fix surprise unplug NULL dereference kernel crash (bsc#1108240). - net: hns: add netif_carrier_off before change speed and duplex (bsc#1107924). - net: hns: add the code for cleaning pkt in chip (bsc#1107924). - nvme_fc: add 'nvme_discovery' sysfs attribute to fc transport device (bsc#1044189). - nvmet: fixup crash on NULL device path (bsc#1082979). - ovl: modify ovl_permission() to do checks on two inodes (bsc#1106512) - ovl: proper cleanup of workdir (bnc#1012382). - ovl: rename is_merge to is_lowest (bnc#1012382). - PCI: mvebu: Fix I/O space end address calculation (bnc#1012382). - platform/x86: asus-nb-wmi: Add keymap entry for lid flip action on UX360 (bnc#1012382). - powerpc/64: Do load of PACAKBASE in LOAD_HANDLER (bsc#1094244). - powerpc/book3s: Fix MCE console messages for unrecoverable MCE (bsc#1094244). - powerpc/fadump: cleanup crash memory ranges support (bsc#1103269). - powerpc/fadump: re-register firmware-assisted dump if already registered (bsc#1108170, bsc#1108823). - powerpc: Fix size calculation using resource_size() (bnc#1012382). - powerpc/mce: Move 64-bit machine check code into mce.c (bsc#1094244). - powerpc/perf/hv-24x7: Fix off-by-one error in request_buffer check (git-fixes). - powerpc/powernv/ioda2: Reduce upper limit for DMA window size (bsc#1066223). - powerpc/powernv: Rename machine_check_pSeries_early() to powernv (bsc#1094244). - powerpc/pseries: Avoid using the size greater than RTAS_ERROR_LOG_MAX (bnc#1012382). - powerpc/pseries: Disable CPU hotplug across migrations (bsc#1066223). - powerpc/pseries: Remove prrn_work workqueue (bsc#1102495, bsc#1109337). - powerpc/pseries: Remove unneeded uses of dlpar work queue (bsc#1102495, bsc#1109337). - powerpc/tm: Fix userspace r13 corruption (bsc#1109333). - RDMA/rw: Fix rdma_rw_ctx_signature_init() kernel-doc header (bsc#1082979). - reiserfs: change j_timestamp type to time64_t (bnc#1012382). - Revert "ARM: imx_v6_v7_defconfig: Select ULPI support" (bnc#1012382). - s390/dasd: fix hanging offline processing due to canceled worker (bnc#1012382). - s390/lib: use expoline for all bcr instructions (LTC#171029 bnc#1012382 bnc#1106934). - sch_hhf: fix null pointer dereference on init failure (bnc#1012382). - sch_htb: fix crash on init failure (bnc#1012382). - sch_multiq: fix double free on init failure (bnc#1012382). - sch_netem: avoid null pointer deref on init failure (bnc#1012382). - sch_tbf: fix two null pointer dereferences on init failure (bnc#1012382). - scripts: modpost: check memory allocation results (bnc#1012382). - scsi: aic94xx: fix an error code in aic94xx_init() (bnc#1012382). - scsi: ipr: System hung while dlpar adding primary ipr adapter back (bsc#1109336). - scsi: qla2xxx: Add changes for devloss timeout in driver (bsc#1084427). - scsi: qla2xxx: Add FC-NVMe abort processing (bsc#1084427). - scsi: qla2xxx: Add longer window for chip reset (bsc#1094555). - scsi: qla2xxx: Avoid double completion of abort command (bsc#1094555). - scsi: qla2xxx: Cleanup code to improve FC-NVMe error handling (bsc#1084427). - scsi: qla2xxx: Cleanup for N2N code (bsc#1094555). - scsi: qla2xxx: correctly shift host byte (bsc#1094555). - scsi: qla2xxx: Correct setting of SAM_STAT_CHECK_CONDITION (bsc#1094555). - scsi: qla2xxx: Delete session for nport id change (bsc#1094555). - scsi: qla2xxx: Fix Async GPN_FT for FCP and FC-NVMe scan (bsc#1084427). - scsi: qla2xxx: Fix crash on qla2x00_mailbox_command (bsc#1094555). - scsi: qla2xxx: Fix double free bug after firmware timeout (bsc#1094555). - scsi: qla2xxx: Fix driver unload by shutting down chip (bsc#1094555). - scsi: qla2xxx: fix error message on ignore_df check from vti6_xmit() (bnc#1012382). - watchdog: w83627hf_wdt: Add quirk for Inves system (bsc#1106434). - x86/entry/64: Remove %ebx handling from error_entry/exit (bnc#1102715). - x86/pae: use 64 bit atomic xchg function in native_ptep_get_and_clear (bnc#1012382). - x86/speculation/l1tf: Fix up pte->pfn conversion for PAE (bnc#1012382). - xen: avoid crash in disable_hotplug_cpu (bsc#1106594). - xfs: add a new xfs_iext_lookup_extent_before helper (bsc#1095344). - xfs: add asserts for the mmap lock in xfs_{insert,collapse}_file_space (bsc#1095344). - xfs: add a xfs_bmap_fork_to_state helper (bsc#1095344). - xfs: add a xfs_iext_update_extent helper (bsc#1095344). - xfs: add comments documenting the rebalance algorithm (bsc#1095344). - xfs: add some comments to xfs_iext_insert/xfs_iext_insert_node (bsc#1095344). - xfs: add xfs_trim_extent (bsc#1095344). - xfs: allow unaligned extent records in xfs_bmbt_disk_set_all (bsc#1095344). - xfs: borrow indirect blocks from freed extent when available (bsc#1095344). - xfs: cleanup xfs_bmap_last_before (bsc#1095344). - xfs: do not create overlapping extents in xfs_bmap_add_extent_delay_real (bsc#1095344). - xfs: do not rely on extent indices in xfs_bmap_collapse_extents (bsc#1095344). - xfs: do not rely on extent indices in xfs_bmap_insert_extents (bsc#1095344). - xfs: do not set XFS_BTCUR_BPRV_WASDEL in xfs_bunmapi (bsc#1095344). - xfs: during btree split, save new block key and ptr for future insertion (bsc#1095344). - xfs: factor out a helper to initialize a local format inode fork (bsc#1095344). - xfs: fix memory leak in xfs_iext_free_last_leaf (bsc#1095344). - xfs: fix number of records handling in xfs_iext_split_leaf (bsc#1095344). - xfs: fix transaction allocation deadlock in IO path (bsc#1090535). - xfs: handle indlen shortage on delalloc extent merge (bsc#1095344). - xfs: handle zero entries case in xfs_iext_rebalance_leaf (bsc#1095344). - xfs: improve kmem_realloc (bsc#1095344). - xfs: inline xfs_shift_file_space into callers (bsc#1095344). - xfs: introduce the xfs_iext_cursor abstraction (bsc#1095344). - xfs: iterate over extents in xfs_bmap_extents_to_btree (bsc#1095344). - xfs: iterate over extents in xfs_iextents_copy (bsc#1095344). - xfs: make better use of the 'state' variable in xfs_bmap_del_extent_real (bsc#1095344). - xfs: merge xfs_bmap_read_extents into xfs_iread_extents (bsc#1095344). - xfs: move pre/post-bmap tracing into xfs_iext_update_extent (bsc#1095344). - xfs: move some code around inside xfs_bmap_shift_extents (bsc#1095344). - xfs: move some more code into xfs_bmap_del_extent_real (bsc#1095344). - xfs: move xfs_bmbt_irec and xfs_exntst_t to xfs_types.h (bsc#1095344). - xfs: move xfs_iext_insert tracepoint to report useful information (bsc#1095344). - xfs: new inode extent list lookup helpers (bsc#1095344). - xfs: only run torn log write detection on dirty logs (bsc#1095753). - xfs: pass an on-disk extent to xfs_bmbt_validate_extent (bsc#1095344). - xfs: pass a struct xfs_bmbt_irec to xfs_bmbt_lookup_eq (bsc#1095344). - xfs: pass a struct xfs_bmbt_irec to xfs_bmbt_update (bsc#1095344). - xfs: pass struct xfs_bmbt_irec to xfs_bmbt_validate_extent (bsc#1095344). - xfs: provide helper for counting extents from if_bytes (bsc#1095344). - xfs: refactor delalloc accounting in xfs_bmap_add_extent_delay_real (bsc#1095344). - xfs: refactor delalloc indlen reservation split into helper (bsc#1095344). - xfs: refactor dir2 leaf readahead shadow buffer cleverness (bsc#1095344). - xfs: refactor in-core log state update to helper (bsc#1095753). - xfs: refactor unmount record detection into helper (bsc#1095753). - xfs: refactor xfs_bmap_add_extent_delay_real (bsc#1095344). - xfs: refactor xfs_bmap_add_extent_hole_delay (bsc#1095344). - xfs: refactor xfs_bmap_add_extent_hole_real (bsc#1095344). - xfs: refactor xfs_bmap_add_extent_unwritten_real (bsc#1095344). - xfs: refactor xfs_bunmapi_cow (bsc#1095344). - xfs: refactor xfs_del_extent_real (bsc#1095344). - xfs: remove a duplicate assignment in xfs_bmap_add_extent_delay_real (bsc#1095344). - xfs: remove all xfs_bmbt_set_* helpers except for xfs_bmbt_set_all (bsc#1095344). - xfs: remove a superflous assignment in xfs_iext_remove_node (bsc#1095344). - xfs: remove if_rdev (bsc#1095344). - xfs: remove prev argument to xfs_bmapi_reserve_delalloc (bsc#1095344). - xfs: remove support for inlining data/extents into the inode fork (bsc#1095344). - xfs: remove the never fully implemented UUID fork format (bsc#1095344). - xfs: remove the nr_extents argument to xfs_iext_insert (bsc#1095344). - xfs: remove the nr_extents argument to xfs_iext_remove (bsc#1095344). - xfs: remove XFS_BMAP_MAX_SHIFT_EXTENTS (bsc#1095344). - xfs: remove XFS_BMAP_TRACE_EXLIST (bsc#1095344). - xfs: remove xfs_bmbt_get_state (bsc#1095344). - xfs: remove xfs_bmse_shift_one (bsc#1095344). - xfs: rename bno to end in __xfs_bunmapi (bsc#1095344). - xfs: replace xfs_bmbt_lookup_ge with xfs_bmbt_lookup_first (bsc#1095344). - xfs: replace xfs_qm_get_rtblks with a direct call to xfs_bmap_count_leaves (bsc#1095344). - xfs: rewrite getbmap using the xfs_iext_* helpers (bsc#1095344). - xfs: rewrite xfs_bmap_count_leaves using xfs_iext_get_extent (bsc#1095344). - xfs: rewrite xfs_bmap_first_unused to make better use of xfs_iext_get_extent (bsc#1095344). - xfs: separate log head record discovery from verification (bsc#1095753). - xfs: simplify the xfs_getbmap interface (bsc#1095344). - xfs: simplify validation of the unwritten extent bit (bsc#1095344). - xfs: split indlen reservations fairly when under reserved (bsc#1095344). - xfs: split xfs_bmap_shift_extents (bsc#1095344). - xfs: switch xfs_bmap_local_to_extents to use xfs_iext_insert (bsc#1095344). - xfs: treat idx as a cursor in xfs_bmap_add_extent_delay_real (bsc#1095344). - xfs: treat idx as a cursor in xfs_bmap_add_extent_hole_delay (bsc#1095344). - xfs: treat idx as a cursor in xfs_bmap_add_extent_hole_real (bsc#1095344). - xfs: treat idx as a cursor in xfs_bmap_add_extent_unwritten_real (bsc#1095344). - xfs: treat idx as a cursor in xfs_bmap_collapse_extents (bsc#1095344). - xfs: treat idx as a cursor in xfs_bmap_del_extent_* (bsc#1095344). - xfs: update freeblocks counter after extent deletion (bsc#1095344). - xfs: update got in xfs_bmap_shift_update_extent (bsc#1095344). - xfs: use a b+tree for the in-core extent list (bsc#1095344). - xfs: use correct state defines in xfs_bmap_del_extent_{cow,delay} (bsc#1095344). - xfs: use new extent lookup helpers in xfs_bmapi_read (bsc#1095344). - xfs: use new extent lookup helpers in xfs_bmapi_write (bsc#1095344). - xfs: use new extent lookup helpers in __xfs_bunmapi (bsc#1095344). - xfs: use the state defines in xfs_bmap_del_extent_real (bsc#1095344). - xfs: use xfs_bmap_del_extent_delay for the data fork as well (bsc#1095344). - xfs: use xfs_iext_*_extent helpers in xfs_bmap_shift_extents (bsc#1095344). - xfs: use xfs_iext_*_extent helpers in xfs_bmap_split_extent_at (bsc#1095344). - xfs: use xfs_iext_get_extent instead of open coding it (bsc#1095344). - xfs: use xfs_iext_get_extent in xfs_bmap_first_unused (bsc#1095344).

References

#1012382 #1044189 #1063026 #1066223 #1082863

#1082979 #1084427 #1084536 #1087209 #1088087

#1090535 #1091815 #1094244 #1094555 #1094562

#1095344 #1095753 #1096547 #1099810 #1102495

#1102715 #1102870 #1102875 #1102877 #1102879

#1102882 #1102896 #1103156 #1103269 #1106095

#1106434 #1106512 #1106594 #1106934 #1107924

#1108096 #1108170 #1108240 #1108399 #1108803

#1108823 #1109333 #1109336 #1109337 #1109441

#1110297 #1110337

Cross- CVE-2018-14613 CVE-2018-14617 CVE-2018-16276

CVE-2018-16597 CVE-2018-17182 CVE-2018-7480

CVE-2018-7757

Affected Products:

SUSE Linux Enterprise Live Patching 12-SP3

https://www.suse.com/security/cve/CVE-2018-14613.html

https://www.suse.com/security/cve/CVE-2018-14617.html

https://www.suse.com/security/cve/CVE-2018-16276.html

https://www.suse.com/security/cve/CVE-2018-16597.html

https://www.suse.com/security/cve/CVE-2018-17182.html

https://www.suse.com/security/cve/CVE-2018-7480.html

https://www.suse.com/security/cve/CVE-2018-7757.html

https://bugzilla.suse.com/1012382

https://bugzilla.suse.com/1044189

https://bugzilla.suse.com/1063026

https://bugzilla.suse.com/1066223

https://bugzilla.suse.com/1082863

https://bugzilla.suse.com/1082979

https://bugzilla.suse.com/1084427

https://bugzilla.suse.com/1084536

https://bugzilla.suse.com/1087209

https://bugzilla.suse.com/1088087

https://bugzilla.suse.com/1090535

https://bugzilla.suse.com/1091815

https://bugzilla.suse.com/1094244

https://bugzilla.suse.com/1094555

https://bugzilla.suse.com/1094562

https://bugzilla.suse.com/1095344

https://bugzilla.suse.com/1095753

https://bugzilla.suse.com/1096547

https://bugzilla.suse.com/1099810

https://bugzilla.suse.com/1102495

https://bugzilla.suse.com/1102715

https://bugzilla.suse.com/1102870

https://bugzilla.suse.com/1102875

https://bugzilla.suse.com/1102877

https://bugzilla.suse.com/1102879

https://bugzilla.suse.com/1102882

https://bugzilla.suse.com/1102896

https://bugzilla.suse.com/1103156

https://bugzilla.suse.com/1103269

https://bugzilla.suse.com/1106095

https://bugzilla.suse.com/1106434

https://bugzilla.suse.com/1106512

https://bugzilla.suse.com/1106594

https://bugzilla.suse.com/1106934

https://bugzilla.suse.com/1107924

https://bugzilla.suse.com/1108096

https://bugzilla.suse.com/1108170

https://bugzilla.suse.com/1108240

https://bugzilla.suse.com/1108399

https://bugzilla.suse.com/1108803

https://bugzilla.suse.com/1108823

https://bugzilla.suse.com/1109333

https://bugzilla.suse.com/1109336

https://bugzilla.suse.com/1109337

https://bugzilla.suse.com/1109441

https://bugzilla.suse.com/1110297

https://bugzilla.suse.com/1110337

Severity
Announcement ID: SUSE-SU-2018:3004-1
Rating: important

Related News