-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2018.2401
                   Security update for the Linux Kernel
                              17 August 2018

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           kernel
Publisher:         SUSE
Operating System:  SUSE
Impact/Access:     Root Compromise        -- Existing Account      
                   Access Privileged Data -- Existing Account      
                   Denial of Service      -- Remote/Unauthenticated
Resolution:        Patch/Upgrade
CVE Names:         CVE-2018-1000204 CVE-2018-14734 CVE-2018-13406
                   CVE-2018-13405 CVE-2018-13053 CVE-2018-12233
                   CVE-2018-10883 CVE-2018-10882 CVE-2018-10881
                   CVE-2018-10880 CVE-2018-10879 CVE-2018-10878
                   CVE-2018-10877 CVE-2018-10876 CVE-2018-10853
                   CVE-2018-9385 CVE-2018-7492 CVE-2018-5814
                   CVE-2018-5803 CVE-2018-5391 CVE-2018-5390
                   CVE-2018-3646 CVE-2018-3620 CVE-2018-1130
                   CVE-2018-1068 CVE-2017-18344 CVE-2017-13305
                   CVE-2017-11600 CVE-2016-8405 

Reference:         ASB-2018.0190
                   ESB-2018.2398
                   ESB-2018.2394
                   ESB-2018.2381
                   ESB-2018.2380
                   ESB-2018.2371
                   ESB-2018.2370
                   ESB-2018.2369
                   ESB-2018.2358
                   ESB-2018.2355

Original Bulletin: 
   https://www.suse.com/support/update/announcement/2018/suse-su-20182389-1.html
   https://www.suse.com/support/update/announcement/2018/suse-su-20182391-1.html
   https://www.suse.com/support/update/announcement/2018/suse-su-20182387-1.html
   https://www.suse.com/support/update/announcement/2018/suse-su-20182384-1.html
   https://www.suse.com/support/update/announcement/2018/suse-su-20182381-1.html
   https://www.suse.com/support/update/announcement/2018/suse-su-20182380-1.html
   https://www.suse.com/support/update/announcement/2018/suse-su-20182374-1.html
   https://www.suse.com/support/update/announcement/2018/suse-su-20182369-1.html
   https://www.suse.com/support/update/announcement/2018/suse-su-20182368-1.html
   https://www.suse.com/support/update/announcement/2018/suse-su-20182367-1.html
   https://www.suse.com/support/update/announcement/2018/suse-su-20182366-1.html
   https://www.suse.com/support/update/announcement/2018/suse-su-20182364-1.html
   https://www.suse.com/support/update/announcement/2018/suse-su-20182363-1.html
   https://www.suse.com/support/update/announcement/2018/suse-su-20182362-1.html
   https://www.suse.com/support/update/announcement/2018/suse-su-20182359-1.html
   https://www.suse.com/support/update/announcement/2018/suse-su-20182358-1.html
   https://www.suse.com/support/update/announcement/2018/suse-su-20182356-1.html
   https://www.suse.com/support/update/announcement/2018/suse-su-20182355-1.html
   https://www.suse.com/support/update/announcement/2018/suse-su-20182354-1.html
   https://www.suse.com/support/update/announcement/2018/suse-su-20182353-1.html
   https://www.suse.com/support/update/announcement/2018/suse-su-20182349-1.html
   https://www.suse.com/support/update/announcement/2018/suse-su-20182352-1.html
   https://www.suse.com/support/update/announcement/2018/suse-su-20182351-1.html
   https://www.suse.com/support/update/announcement/2018/suse-su-20182350-1.html
   https://www.suse.com/support/update/announcement/2018/suse-su-20182348-1.html
   https://www.suse.com/support/update/announcement/2018/suse-su-20182347-1.html
   https://www.suse.com/support/update/announcement/2018/suse-su-20182346-1.html
   https://www.suse.com/support/update/announcement/2018/suse-su-20182345-1.html
   https://www.suse.com/support/update/announcement/2018/suse-su-20182344-1.html
   https://www.suse.com/support/update/announcement/2018/suse-su-20182342-1.html
   https://www.suse.com/support/update/announcement/2018/suse-su-20182341-1.html

Comment: This bulletin contains thirty-one (31) SUSE security advisories.

- --------------------------BEGIN INCLUDED TEXT--------------------

   SUSE Security Update: Security update for the Linux Kernel (Live Patch 20 for SLE 12 SP2)
______________________________________________________________________________

Announcement ID:    SUSE-SU-2018:2389-1
Rating:             important
References:         #1097108 #1099306 
Cross-References:   CVE-2018-10853 CVE-2018-3646
Affected Products:
                    SUSE Linux Enterprise Server for SAP 12-SP2
                    SUSE Linux Enterprise Server 12-SP2-LTSS
______________________________________________________________________________

   An update that fixes two vulnerabilities is now available.

Description:

   This update for the Linux Kernel 4.4.120-92_70 fixes several issues.

   The following security issues were fixed:

   - CVE-2018-3646: Local attackers in virtualized guest systems could use
     speculative code patterns on hyperthreaded processors to read data
     present in the L1 Datacache used by other hyperthreads on the same CPU
     core, potentially leaking sensitive data, even from other virtual
     machines or the host system (bsc#1099306).
   - CVE-2018-10853: A flaw was found in KVM in which certain instructions
     such as sgdt/sidt call segmented_write_std, which didn't propagate
     access correctly. As such, during a userspace-induced exception, the
     guest can incorrectly assume that the exception happened in the kernel
     and panic (bsc#1097108).


Patch Instructions:

   To install this SUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Server for SAP 12-SP2:

      zypper in -t patch SUSE-SLE-SAP-12-SP2-2018-1645=1 SUSE-SLE-SAP-12-SP2-2018-1646=1 SUSE-SLE-SAP-12-SP2-2018-1647=1 SUSE-SLE-SAP-12-SP2-2018-1648=1

   - SUSE Linux Enterprise Server 12-SP2-LTSS:

      zypper in -t patch SUSE-SLE-SERVER-12-SP2-2018-1645=1 SUSE-SLE-SERVER-12-SP2-2018-1646=1 SUSE-SLE-SERVER-12-SP2-2018-1647=1 SUSE-SLE-SERVER-12-SP2-2018-1648=1



Package List:

   - SUSE Linux Enterprise Server for SAP 12-SP2 (x86_64):

      kgraft-patch-4_4_120-92_70-default-5-2.1
      kgraft-patch-4_4_121-92_73-default-4-2.1
      kgraft-patch-4_4_121-92_80-default-4-2.1
      kgraft-patch-4_4_121-92_85-default-2-2.1

   - SUSE Linux Enterprise Server 12-SP2-LTSS (x86_64):

      kgraft-patch-4_4_120-92_70-default-5-2.1
      kgraft-patch-4_4_121-92_73-default-4-2.1
      kgraft-patch-4_4_121-92_80-default-4-2.1
      kgraft-patch-4_4_121-92_85-default-2-2.1


References:

   https://www.suse.com/security/cve/CVE-2018-10853.html
   https://www.suse.com/security/cve/CVE-2018-3646.html
   https://bugzilla.suse.com/1097108
   https://bugzilla.suse.com/1099306

_______________________________________________

=============================================================================
   SUSE Security Update: Security update for the Linux Kernel (Live Patch 19 for SLE 12 SP2)
______________________________________________________________________________

Announcement ID:    SUSE-SU-2018:2391-1
Rating:             important
References:         #1097108 #1099306 #1103203 
Cross-References:   CVE-2017-18344 CVE-2018-10853 CVE-2018-3646
                   
Affected Products:
                    SUSE Linux Enterprise Server for SAP 12-SP2
                    SUSE Linux Enterprise Server 12-SP2-LTSS
______________________________________________________________________________

   An update that fixes three vulnerabilities is now available.

Description:

   This update for the Linux Kernel 4.4.114-92_67 fixes several issues.

   The following security issues were fixed:

   - CVE-2018-3646: Local attackers in virtualized guest systems could use
     speculative code patterns on hyperthreaded processors to read data
     present in the L1 Datacache used by other hyperthreads on the same CPU
     core, potentially leaking sensitive data, even from other virtual
     machines or the host system (bsc#1099306).
   - CVE-2017-18344: The timer_create syscall implementation in
     kernel/time/posix-timers.c in the Linux kernel before 4.14.8 didn't
     properly validate the sigevent->sigev_notify field, which led to
     out-of-bounds access in the show_timer function (called when
     /proc/$PID/timers is read). This allowed userspace applications to read
     arbitrary kernel memory (on a kernel built with CONFIG_POSIX_TIMERS and
     CONFIG_CHECKPOINT_RESTORE) (bsc#1103203).
   - CVE-2018-10853: A flaw was found in KVM in which certain instructions
     such as sgdt/sidt call segmented_write_std, which didn't propagate
     access correctly. As such, during a userspace-induced exception, the
     guest can incorrectly assume that the exception happened in the kernel
     and panic (bsc#1097108).


Patch Instructions:

   To install this SUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Server for SAP 12-SP2:

      zypper in -t patch SUSE-SLE-SAP-12-SP2-2018-1649=1 SUSE-SLE-SAP-12-SP2-2018-1650=1 SUSE-SLE-SAP-12-SP2-2018-1652=1 SUSE-SLE-SAP-12-SP2-2018-1653=1

   - SUSE Linux Enterprise Server 12-SP2-LTSS:

      zypper in -t patch SUSE-SLE-SERVER-12-SP2-2018-1649=1 SUSE-SLE-SERVER-12-SP2-2018-1650=1 SUSE-SLE-SERVER-12-SP2-2018-1652=1 SUSE-SLE-SERVER-12-SP2-2018-1653=1



Package List:

   - SUSE Linux Enterprise Server for SAP 12-SP2 (x86_64):

      kgraft-patch-4_4_114-92_64-default-6-2.1
      kgraft-patch-4_4_114-92_67-default-6-2.1
      kgraft-patch-4_4_90-92_45-default-9-2.1
      kgraft-patch-4_4_90-92_50-default-9-2.1

   - SUSE Linux Enterprise Server 12-SP2-LTSS (x86_64):

      kgraft-patch-4_4_114-92_64-default-6-2.1
      kgraft-patch-4_4_114-92_67-default-6-2.1
      kgraft-patch-4_4_90-92_45-default-9-2.1
      kgraft-patch-4_4_90-92_50-default-9-2.1


References:

   https://www.suse.com/security/cve/CVE-2017-18344.html
   https://www.suse.com/security/cve/CVE-2018-10853.html
   https://www.suse.com/security/cve/CVE-2018-3646.html
   https://bugzilla.suse.com/1097108
   https://bugzilla.suse.com/1099306
   https://bugzilla.suse.com/1103203

_______________________________________________

=============================================================================
   SUSE Security Update: Security update for the Linux Kernel (Live Patch 13 for SLE 12 SP2)
______________________________________________________________________________

Announcement ID:    SUSE-SU-2018:2387-1
Rating:             important
References:         #1096564 #1097108 #1099306 #1103203 
Cross-References:   CVE-2017-11600 CVE-2017-18344 CVE-2018-10853
                    CVE-2018-3646
Affected Products:
                    SUSE Linux Enterprise Server for SAP 12-SP2
                    SUSE Linux Enterprise Server 12-SP2-LTSS
______________________________________________________________________________

   An update that fixes four vulnerabilities is now available.

Description:

   This update for the Linux Kernel 4.4.74-92_38 fixes several issues.

   The following security issues were fixed:

   - CVE-2018-3646: Local attackers in virtualized guest systems could use
     speculative code patterns on hyperthreaded processors to read data
     present in the L1 Datacache used by other hyperthreads on the same CPU
     core, potentially leaking sensitive data, even from other virtual
     machines or the host system (bsc#1099306).
   - CVE-2017-18344: The timer_create syscall implementation in
     kernel/time/posix-timers.c in the Linux kernel before 4.14.8 didn't
     properly validate the sigevent->sigev_notify field, which led to
     out-of-bounds access in the show_timer function (called when
     /proc/$PID/timers is read). This allowed userspace applications to read
     arbitrary kernel memory (on a kernel built with CONFIG_POSIX_TIMERS and
     CONFIG_CHECKPOINT_RESTORE) (bsc#1103203).
   - CVE-2017-11600: net/xfrm/xfrm_policy.c did not ensure that the dir value
     of xfrm_userpolicy_id is XFRM_POLICY_MAX or less, which allowed local
     users to cause a denial of service (out-of-bounds access) or possibly
     have unspecified other impact via an XFRM_MSG_MIGRATE xfrm Netlink
     message (bsc#1096564)
   - CVE-2018-10853: A flaw was found in KVM in which certain instructions
     such as sgdt/sidt call segmented_write_std, which didn't propagate
     access correctly. As such, during a userspace-induced exception, the
     guest can incorrectly assume that the exception happened in the kernel
     and panic (bsc#1097108).


Patch Instructions:

   To install this SUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Server for SAP 12-SP2:

      zypper in -t patch SUSE-SLE-SAP-12-SP2-2018-1651=1

   - SUSE Linux Enterprise Server 12-SP2-LTSS:

      zypper in -t patch SUSE-SLE-SERVER-12-SP2-2018-1651=1



Package List:

   - SUSE Linux Enterprise Server for SAP 12-SP2 (x86_64):

      kgraft-patch-4_4_74-92_38-default-11-2.1

   - SUSE Linux Enterprise Server 12-SP2-LTSS (x86_64):

      kgraft-patch-4_4_74-92_38-default-11-2.1


References:

   https://www.suse.com/security/cve/CVE-2017-11600.html
   https://www.suse.com/security/cve/CVE-2017-18344.html
   https://www.suse.com/security/cve/CVE-2018-10853.html
   https://www.suse.com/security/cve/CVE-2018-3646.html
   https://bugzilla.suse.com/1096564
   https://bugzilla.suse.com/1097108
   https://bugzilla.suse.com/1099306
   https://bugzilla.suse.com/1103203

_______________________________________________

=============================================================================
   SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________

Announcement ID:    SUSE-SU-2018:2384-1
Rating:             important
References:         #1012382 #1064233 #1068032 #1076110 #1083635 
                    #1086654 #1087081 #1089343 #1098016 #1099592 
                    #1099924 #1100089 #1100416 #1100418 #1103119 
                    #1104365 
Cross-References:   CVE-2018-13053 CVE-2018-13405 CVE-2018-13406
                    CVE-2018-14734 CVE-2018-3620 CVE-2018-3646
                   
Affected Products:
                    SUSE Linux Enterprise Server for SAP 12-SP1
                    SUSE Linux Enterprise Server 12-SP1-LTSS
                    SUSE Linux Enterprise Module for Public Cloud 12
______________________________________________________________________________

   An update that solves 6 vulnerabilities and has 10 fixes is
   now available.

Description:



   The SUSE Linux Enterprise 12 SP1 LTSS kernel was updated to receive
   various security and bugfixes.

   The following security bugs were fixed:

   - CVE-2018-3620: Local attackers on baremetal systems could use
     speculative code patterns on hyperthreaded processors to read data
     present in the L1 Datacache used by other hyperthreads on the same CPU
     core, potentially leaking sensitive data. (bnc#1087081).
   - CVE-2018-3646: Local attackers in virtualized guest systems could use
     speculative code patterns on hyperthreaded processors to read data
     present in the L1 Datacache used by other hyperthreads on the same CPU
     core, potentially leaking sensitive data, even from other virtual
     machines or the host system. (bnc#1089343).
   - CVE-2018-14734: drivers/infiniband/core/ucma.c allowed
     ucma_leave_multicast to access a certain data structure after a cleanup
     step in ucma_process_join, which allowed attackers to cause a denial of
     service (use-after-free) (bnc#1103119).
   - CVE-2018-13053: The alarm_timer_nsleep function in
     kernel/time/alarmtimer.c had an integer overflow via a large relative
     timeout because ktime_add_safe is not used (bnc#1099924).
   - CVE-2018-13405: The inode_init_owner function in fs/inode.c allowed
     local users to create files with an unintended group ownership, in a
     scenario where a directory is SGID to a certain group and is writable by
     a user who is not a member of that group. Here, the non-member can
     trigger creation of a plain file whose group ownership is that group.
     The intended behavior was that the non-member can trigger creation of a
     directory (but not a plain file) whose group ownership is that group.
     The non-member can escalate privileges by making the plain file
     executable and SGID (bnc#1100416).
   - CVE-2018-13406: An integer overflow in the uvesafb_setcmap function in
     drivers/video/fbdev/uvesafb.c could result in local attackers being able
     to crash the kernel or potentially elevate privileges because
     kmalloc_array is not used (bnc#1098016 bnc#1100418).
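
   An audit for the CVE-2018-13405 precondition described above, added here as an example and not part of the SUSE advisory: it lists SGID directories that are world-writable and any SGID executable plain files already present in them. The function names are hypothetical; only the world-writable case is covered (ACL grants and non-member owners are not), and a find with -maxdepth is assumed (GNU find, as shipped on SLES).

```shell
#!/bin/sh
# Added example (not from the advisory): audit for the directory layout that
# CVE-2018-13405 depends on. Function names are hypothetical.

# sgid_exposed_dirs ROOT
# Print directories under ROOT that carry the SGID bit and are writable by
# "other", i.e. by users who need not be members of the directory's group.
# -xdev keeps the walk on one filesystem so network mounts are not crawled.
sgid_exposed_dirs() {
    find "$1" -xdev -type d -perm -2000 -perm -0002 -print 2>/dev/null | sort
}

# sgid_suspect_files ROOT
# Print plain files sitting directly inside an exposed directory that are
# both SGID and executable by someone. On an unpatched kernel a non-member
# could have created such a file with the directory's group ownership, so
# each hit needs to be matched against a known, intended installation.
sgid_suspect_files() {
    sgid_exposed_dirs "$1" | while IFS= read -r dir; do
        find "$dir" -maxdepth 1 -type f -perm -2000 \
            \( -perm -0100 -o -perm -0010 -o -perm -0001 \) \
            -print 2>/dev/null
    done | sort
}

# Stand-alone use: pass the tree to audit, e.g. "sh audit.sh /srv".
if [ "$#" -gt 0 ]; then
    echo "SGID directories writable by non-members:"
    sgid_exposed_dirs "$1"
    echo "SGID executable plain files inside them:"
    sgid_suspect_files "$1"
fi
```

   Directories reported by the first function stay worth reviewing after the kernel update, since files created before patching keep their ownership and mode.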

   The following non-security bugs were fixed:

   - bcache: add backing_request_endio() for bi_end_io (bsc#1064233).
   - bcache: add CACHE_SET_IO_DISABLE to struct cache_set flags (bsc#1064233).
   - bcache: add io_disable to struct cached_dev (bsc#1064233).
   - bcache: add journal statistic (bsc#1076110).
   - bcache: Add __printf annotation to __bch_check_keys() (bsc#1076110).
   - bcache: add stop_when_cache_set_failed option to backing device
     (bsc#1064233).
   - bcache: add wait_for_kthread_stop() in bch_allocator_thread()
     (bsc#1064233).
   - bcache: Annotate switch fall-through (bsc#1076110).
   - bcache: closures: move control bits one bit right (bsc#1076110).
   - bcache: correct flash only vols (check all uuids) (bsc#1064233).
   - bcache: count backing device I/O error for writeback I/O (bsc#1064233).
   - bcache: do not attach backing with duplicate UUID (bsc#1076110).
   - bcache: Fix a compiler warning in bcache_device_init() (bsc#1076110).
   - bcache: fix cached_dev->count usage for bch_cache_set_error()
     (bsc#1064233).
   - bcache: fix crashes in duplicate cache device register (bsc#1076110).
   - bcache: fix error return value in memory shrink (bsc#1076110).
   - bcache: fix for allocator and register thread race (bsc#1076110).
   - bcache: fix for data collapse after re-attaching an attached device
     (bsc#1076110).
   - bcache: fix high CPU occupancy during journal (bsc#1076110).
   - bcache: Fix, improve efficiency of closure_sync() (bsc#1076110).
   - bcache: fix incorrect sysfs output value of strip size (bsc#1076110).
   - bcache: Fix indentation (bsc#1076110).
   - bcache: fix kcrashes with fio in RAID5 backend dev (bsc#1076110).
   - bcache: Fix kernel-doc warnings (bsc#1076110).
   - bcache: fix misleading error message in bch_count_io_errors()
     (bsc#1064233).
   - bcache: fix using of loop variable in memory shrink (bsc#1076110).
   - bcache: fix writeback target calc on large devices (bsc#1076110).
   - bcache: fix wrong return value in bch_debug_init() (bsc#1076110).
   - bcache: mark closure_sync() __sched (bsc#1076110).
   - bcache: move closure debug file into debug directory (bsc#1076110).
   - bcache: properly set task state in bch_writeback_thread() (bsc#1064233).
   - bcache: quit dc->writeback_thread when BCACHE_DEV_DETACHING is set
     (bsc#1064233).
   - bcache: reduce cache_set devices iteration by devices_max_used
     (bsc#1064233).
   - bcache: Reduce the number of sparse complaints about lock imbalances
     (bsc#1076110).
   - bcache: Remove an unused variable (bsc#1076110).
   - bcache: ret IOERR when read meets metadata error (bsc#1076110).
   - bcache: return 0 from bch_debug_init() if CONFIG_DEBUG_FS=n
     (bsc#1064233).
   - bcache: return attach error when no cache set exist (bsc#1076110).
   - bcache: segregate flash only volume write streams (bsc#1076110).
   - bcache: set CACHE_SET_IO_DISABLE in bch_cached_dev_error() (bsc#1064233).
   - bcache: set dc->io_disable to true in conditional_stop_bcache_device()
     (bsc#1064233).
   - bcache: set error_limit correctly (bsc#1064233).
   - bcache: set writeback_rate_update_seconds in range [1, 60] seconds
     (bsc#1064233).
   - bcache: stop bcache device when backing device is offline (bsc#1064233).
   - bcache: stop dc->writeback_rate_update properly (bsc#1064233).
   - bcache: stop writeback thread after detaching (bsc#1076110).
   - bcache: store disk name in struct cache and struct cached_dev
     (bsc#1064233).
   - bcache: Suppress more warnings about set-but-not-used variables
     (bsc#1076110).
   - bcache: use pr_info() to inform duplicated CACHE_SET_IO_DISABLE set
     (bsc#1064233).
   - bcache: Use PTR_ERR_OR_ZERO() (bsc#1076110).
   - cpu/hotplug: Add sysfs state interface (bsc#1089343).
   - cpu/hotplug: Provide knobs to control SMT (bsc#1089343).
   - cpu/hotplug: Split do_cpu_down() (bsc#1089343).
   - drivers: hv: vmbus: avoid infinite loop in init_vp_index() (bsc#1099592).
   - procfs: add tunable for fd/fdinfo dentry retention (bsc#1086654).
   - Revert "KVM: Fix stack-out-of-bounds read in write_mmio" (bnc#1083635).
   - sched/sysctl: Check user input value of sysctl_sched_time_avg
     (bsc#1100089).
   - x86/CPU/AMD: Do not check CPUID max ext level before parsing SMP info
     (bsc#1089343).
   - x86/cpu/AMD: Evaluate smp_num_siblings early (bsc#1089343).
   - x86/CPU/AMD: Move TOPOEXT reenablement before reading smp_num_siblings
     (bsc#1089343).
   - x86/cpu/AMD: Remove the pointless detect_ht() call (bsc#1089343).
   - x86/cpu/common: Provide detect_ht_early() (bsc#1089343).
   - x86/cpufeatures: Add X86_BUG_SPECTRE_V[12] (bnc#1012382).
   - x86/cpu/intel: Evaluate smp_num_siblings early (bsc#1089343).
   - x86/cpu: Remove the pointless CPU printout (bsc#1089343).
   - x86/cpu/topology: Provide detect_extended_topology_early() (bsc#1089343).
   - x86/mm: Simplify p[g4um]d_page() macros (bnc#1087081).
   - x86/mm: Simplify p[g4um]xen: d_page() macros (bnc#1087081).
   - x86/smpboot: Do not use smp_num_siblings in __max_logical_packages
     calculation (bsc#1089343).
   - x86/smp: Provide topology_is_primary_thread() (bsc#1089343).
   - x86/topology: Add topology_max_smt_threads() (bsc#1089343).
   - x86/topology: Provide topology_smt_supported() (bsc#1089343).
   - x86/Xen: disable IBRS around CPU stopper function invocation (none so
     far).
   - xen/x86/cpu/common: Provide detect_ht_early() (bsc#1089343).
   - xen/x86/cpufeatures: Add X86_BUG_CPU_INSECURE (bnc#1012382).
   - xen/x86/cpufeatures: Make CPU bugs sticky (bnc#1012382).
   - xen/x86/cpu: Remove the pointless CPU printout (bsc#1089343).
   - xen/x86/cpu/topology: Provide detect_extended_topology_early()
     (bsc#1089343).
   - xen/x86/entry: Add a function to overwrite the RSB (bsc#1068032).
   - xen/x86/entry: Stuff RSB for entry to kernel for non-SMEP platform
     (bsc#1068032).
   - xen/x86/entry: Use IBRS on entry to kernel space (bsc#1068032).
   - xen/x86/mm: Set IBPB upon context switch (bsc#1068032).
   - xen/x86/pti: Rename BUG_CPU_INSECURE to BUG_CPU_MELTDOWN (bnc#1012382).


Patch Instructions:

   To install this SUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Server for SAP 12-SP1:

      zypper in -t patch SUSE-SLE-SAP-12-SP1-2018-1644=1

   - SUSE Linux Enterprise Server 12-SP1-LTSS:

      zypper in -t patch SUSE-SLE-SERVER-12-SP1-2018-1644=1

   - SUSE Linux Enterprise Module for Public Cloud 12:

      zypper in -t patch SUSE-SLE-Module-Public-Cloud-12-2018-1644=1



Package List:

   - SUSE Linux Enterprise Server for SAP 12-SP1 (ppc64le x86_64):

      kernel-default-3.12.74-60.64.99.1
      kernel-default-base-3.12.74-60.64.99.1
      kernel-default-base-debuginfo-3.12.74-60.64.99.1
      kernel-default-debuginfo-3.12.74-60.64.99.1
      kernel-default-debugsource-3.12.74-60.64.99.1
      kernel-default-devel-3.12.74-60.64.99.1
      kernel-syms-3.12.74-60.64.99.1

   - SUSE Linux Enterprise Server for SAP 12-SP1 (noarch):

      kernel-devel-3.12.74-60.64.99.1
      kernel-macros-3.12.74-60.64.99.1
      kernel-source-3.12.74-60.64.99.1

   - SUSE Linux Enterprise Server for SAP 12-SP1 (x86_64):

      kernel-xen-3.12.74-60.64.99.1
      kernel-xen-base-3.12.74-60.64.99.1
      kernel-xen-base-debuginfo-3.12.74-60.64.99.1
      kernel-xen-debuginfo-3.12.74-60.64.99.1
      kernel-xen-debugsource-3.12.74-60.64.99.1
      kernel-xen-devel-3.12.74-60.64.99.1
      kgraft-patch-3_12_74-60_64_99-default-1-2.3.1
      kgraft-patch-3_12_74-60_64_99-xen-1-2.3.1
      lttng-modules-2.7.0-4.2.1
      lttng-modules-debugsource-2.7.0-4.2.1
      lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.99-4.2.1
      lttng-modules-kmp-default-debuginfo-2.7.0_k3.12.74_60.64.99-4.2.1

   - SUSE Linux Enterprise Server 12-SP1-LTSS (ppc64le s390x x86_64):

      kernel-default-3.12.74-60.64.99.1
      kernel-default-base-3.12.74-60.64.99.1
      kernel-default-base-debuginfo-3.12.74-60.64.99.1
      kernel-default-debuginfo-3.12.74-60.64.99.1
      kernel-default-debugsource-3.12.74-60.64.99.1
      kernel-default-devel-3.12.74-60.64.99.1
      kernel-syms-3.12.74-60.64.99.1

   - SUSE Linux Enterprise Server 12-SP1-LTSS (x86_64):

      kernel-xen-3.12.74-60.64.99.1
      kernel-xen-base-3.12.74-60.64.99.1
      kernel-xen-base-debuginfo-3.12.74-60.64.99.1
      kernel-xen-debuginfo-3.12.74-60.64.99.1
      kernel-xen-debugsource-3.12.74-60.64.99.1
      kernel-xen-devel-3.12.74-60.64.99.1
      kgraft-patch-3_12_74-60_64_99-default-1-2.3.1
      kgraft-patch-3_12_74-60_64_99-xen-1-2.3.1
      lttng-modules-2.7.0-4.2.1
      lttng-modules-debugsource-2.7.0-4.2.1
      lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.99-4.2.1
      lttng-modules-kmp-default-debuginfo-2.7.0_k3.12.74_60.64.99-4.2.1

   - SUSE Linux Enterprise Server 12-SP1-LTSS (noarch):

      kernel-devel-3.12.74-60.64.99.1
      kernel-macros-3.12.74-60.64.99.1
      kernel-source-3.12.74-60.64.99.1

   - SUSE Linux Enterprise Server 12-SP1-LTSS (s390x):

      kernel-default-man-3.12.74-60.64.99.1

   - SUSE Linux Enterprise Module for Public Cloud 12 (x86_64):

      kernel-ec2-3.12.74-60.64.99.1
      kernel-ec2-debuginfo-3.12.74-60.64.99.1
      kernel-ec2-debugsource-3.12.74-60.64.99.1
      kernel-ec2-devel-3.12.74-60.64.99.1
      kernel-ec2-extra-3.12.74-60.64.99.1
      kernel-ec2-extra-debuginfo-3.12.74-60.64.99.1


References:

   https://www.suse.com/security/cve/CVE-2018-13053.html
   https://www.suse.com/security/cve/CVE-2018-13405.html
   https://www.suse.com/security/cve/CVE-2018-13406.html
   https://www.suse.com/security/cve/CVE-2018-14734.html
   https://www.suse.com/security/cve/CVE-2018-3620.html
   https://www.suse.com/security/cve/CVE-2018-3646.html
   https://bugzilla.suse.com/1012382
   https://bugzilla.suse.com/1064233
   https://bugzilla.suse.com/1068032
   https://bugzilla.suse.com/1076110
   https://bugzilla.suse.com/1083635
   https://bugzilla.suse.com/1086654
   https://bugzilla.suse.com/1087081
   https://bugzilla.suse.com/1089343
   https://bugzilla.suse.com/1098016
   https://bugzilla.suse.com/1099592
   https://bugzilla.suse.com/1099924
   https://bugzilla.suse.com/1100089
   https://bugzilla.suse.com/1100416
   https://bugzilla.suse.com/1100418
   https://bugzilla.suse.com/1103119
   https://bugzilla.suse.com/1104365

_______________________________________________

=============================================================================
   SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________

Announcement ID:    SUSE-SU-2018:2381-1
Rating:             important
References:         #1051510 #1051979 #1066110 #1077761 #1086274 
                    #1086314 #1087081 #1089343 #1099811 #1099813 
                    #1099844 #1099845 #1099846 #1099849 #1099858 
                    #1099863 #1099864 #1100132 #1101116 #1101331 
                    #1101669 #1101828 #1101832 #1101833 #1101837 
                    #1101839 #1101841 #1101843 #1101844 #1101845 
                    #1101847 #1101852 #1101853 #1101867 #1101872 
                    #1101874 #1101875 #1101882 #1101883 #1101885 
                    #1101887 #1101890 #1101891 #1101893 #1101895 
                    #1101896 #1101900 #1101902 #1101903 #1102633 
                    #1102658 #1103097 #1103356 #1103421 #1103517 
                    #1103723 #1103724 #1103725 #1103726 #1103727 
                    #1103728 #1103729 #1103730 #1103917 #1103920 
                    #1103948 #1103949 #1104066 #1104111 #1104174 
                    #1104211 #1104319 
Cross-References:   CVE-2018-10876 CVE-2018-10877 CVE-2018-10878
                    CVE-2018-10879 CVE-2018-10880 CVE-2018-10881
                    CVE-2018-10882 CVE-2018-10883 CVE-2018-3620
                    CVE-2018-3646 CVE-2018-5391
Affected Products:
                    SUSE Linux Enterprise Module for Live Patching 15
______________________________________________________________________________

   An update that solves 11 vulnerabilities and has 61 fixes
   is now available.

Description:



   The SUSE Linux Enterprise 15 kernel was updated to receive various
   security and bugfixes.

   The following security bugs were fixed:

   - CVE-2018-3620: Local attackers on baremetal systems could use
     speculative code patterns on hyperthreaded processors to read data
     present in the L1 Datacache used by other hyperthreads on the same CPU
     core, potentially leaking sensitive data. (bnc#1087081).
   - CVE-2018-3646: Local attackers in virtualized guest systems could use
     speculative code patterns on hyperthreaded processors to read data
     present in the L1 Datacache used by other hyperthreads on the same CPU
     core, potentially leaking sensitive data, even from other virtual
     machines or the host system. (bnc#1089343).
   - CVE-2018-5391 aka "FragmentSmack": A flaw in the IP packet reassembly
     could be used by remote attackers to consume lots of CPU time
     (bnc#1103097).
   - CVE-2018-10876: A flaw was found in the ext4 filesystem code. A
     use-after-free is possible in ext4_ext_remove_space() function when
     mounting and operating a crafted ext4 image. (bnc#1099811)
   - CVE-2018-10877: The ext4 filesystem is vulnerable to an out-of-bound
     access in the ext4_ext_drop_refs() function when operating on a crafted
     ext4 filesystem image. (bnc#1099846)
   - CVE-2018-10878: A flaw was found in the ext4 filesystem. A local user
     can cause an out-of-bounds write and a denial of service or unspecified
     other impact is possible by mounting and operating a crafted ext4
     filesystem image. (bnc#1099813)
   - CVE-2018-10879: A flaw was found in the ext4 filesystem. A local user
     can cause a use-after-free in ext4_xattr_set_entry function and a denial
     of service or unspecified other impact may occur by renaming a file in a
     crafted ext4 filesystem image. (bnc#1099844)
   - CVE-2018-10880: Linux kernel is vulnerable to a stack-out-of-bounds
     write in the ext4 filesystem code when mounting and writing to a crafted
     ext4 image in ext4_update_inline_data(). An attacker could use this to
     cause a system crash and a denial of service. (bnc#1099845)
   - CVE-2018-10881: A flaw was found in the ext4 filesystem. A local user
     can cause an out-of-bound access in ext4_get_group_info function, a
     denial of service, and a system crash by mounting and operating on a
     crafted ext4 filesystem image. (bnc#1099864)
   - CVE-2018-10882: A flaw was found in the ext4 filesystem. A local user
     can cause an out-of-bound write in fs/jbd2/transaction.c code, a
     denial of service, and a system crash by unmounting a crafted ext4
     filesystem image. (bnc#1099849)
   - CVE-2018-10883: A flaw was found in the ext4 filesystem. A local user
     can cause an out-of-bounds write in jbd2_journal_dirty_metadata(), a
     denial of service, and a system crash by mounting and operating on a
     crafted ext4 filesystem image. (bnc#1099863)

   The following non-security bugs were fixed:

   - acpi / lpss: Only call pwm_add_table() for Bay Trail PWM if PMIC HRV is
     2 (bsc#1051510).
   - af_key: Always verify length of provided sadb_key (bsc#1051510).
   - af_key: fix buffer overread in parse_exthdrs() (bsc#1051510).
   - af_key: fix buffer overread in verify_address_len() (bsc#1051510).
   - afs: Fix directory permissions check (bsc#1101828).
   - agp: uninorth: make two functions static (bsc#1051510).
   - alsa: emu10k1: add error handling for snd_ctl_add (bsc#1051510).
   - alsa: emu10k1: Rate-limit error messages about page errors (bsc#1051510).
   - alsa: fm801: add error handling for snd_ctl_add (bsc#1051510).
   - alsa: usb-audio: Apply rate limit to warning messages in URB complete
     callback (bsc#1051510).
   - arm64: Correct type for PUD macros (bsc#1103723).
   - arm64: Disable unhandled signal log messages by default (bsc#1103724).
   - arm64: kvm: fix VTTBR_BADDR_MASK BUG_ON off-by-one (bsc#1103725).
   - arm64: mm: Fix set_memory_valid() declaration (bsc#1103726).
   - arm64: perf: correct PMUVer probing (bsc#1103727).
   - arm64: ptrace: Avoid setting compat FPR to garbage if get_user fails
     (bsc#1103728).
   - arm64: spinlock: Fix theoretical trylock() A-B-A with LSE atomics
     (bsc#1103729).
   - arm64: vdso: fix clock_getres for 4GiB-aligned res (bsc#1103730).
   - arm: 8715/1: add a private asm/unaligned.h (bsc#1051510).
   - arm: 8720/1: ensure dump_instr() checks addr_limit (bsc#1051510).
   - arm: 8721/1: mm: dump: check hardware RO bit for LPAE (bsc#1051510).
   - arm: 8722/1: mm: make STRICT_KERNEL_RWX effective for LPAE (bsc#1051510).
   - arm: 8731/1: Fix csum_partial_copy_from_user() stack mismatch
     (bsc#1051510).
   - arm: 8743/1: bL_switcher: add MODULE_LICENSE tag (bsc#1051510).
   - arm: 8746/1: vfp: Go back to clearing vfp_current_hw_state[]
     (bsc#1051510).
   - arm: 8748/1: mm: Define vdso_start, vdso_end as array (bsc#1051510).
   - arm: 8753/1: decompressor: add a missing parameter to the addruart macro
     (bsc#1051510).
   - arm: 8758/1: decompressor: restore r1 and r2 just before jumping to the
     kernel (bsc#1051510).
   - arm: 8764/1: kgdb: fix NUMREGBYTES so that gdb_regs[] is the correct
     size (bsc#1051510).
   - arm: 8769/1: kprobes: Fix to use get_kprobe_ctlblk after irq-disabed
     (bsc#1051510).
   - arm: 8770/1: kprobes: Prohibit probing on optimized_callback
     (bsc#1051510).
   - arm: 8771/1: kprobes: Prohibit kprobes on do_undefinstr (bsc#1051510).
   - arm: 8772/1: kprobes: Prohibit kprobes on get_user functions
     (bsc#1051510).
   - arm: AM33xx: PRM: Remove am33xx_pwrdm_read_prev_pwrst function
     (bsc#1051510).
   - arm: amba: Fix race condition with driver_override (bsc#1051510).
   - arm: amba: Fix wrong indentation in driver_override_store()
     (bsc#1051510).
   - arm: amba: Make driver_override output consistent with other buses
     (bsc#1051510).
   - arm: at91: do not select CONFIG_ARM_CPU_SUSPEND for old platforms
     (bsc#1051510).
   - arm: avoid faulting on qemu (bsc#1051510).
   - arm: BUG if jumping to usermode address in kernel mode (bsc#1051510).
   - arm-ccn: perf: Prevent module unload while PMU is in use (bsc#1051510).
   - arm: davinci: Add dma_mask to dm365's eDMA device (bsc#1051510).
   - arm: davinci: board-da830-evm: fix GPIO lookup for MMC/SD (bsc#1051510).
   - arm: davinci: board-da850-evm: fix GPIO lookup for MMC/SD (bsc#1051510).
   - arm: davinci: board-da850-evm: fix WP pin polarity for MMC/SD
     (bsc#1051510).
   - arm: davinci: board-dm355-evm: fix broken networking (bsc#1051510).
   - arm: davinci: board-dm646x-evm: pass correct I2C adapter id for VPIF
     (bsc#1051510).
   - arm: davinci: board-dm646x-evm: set VPIF capture card name (bsc#1051510).
   - arm: davinci: board-omapl138-hawk: fix GPIO numbers for MMC/SD lookup
     (bsc#1051510).
   - arm: davinci: dm646x: fix timer interrupt generation (bsc#1051510).
   - arm: davinci: fix mmc entries in dm365's dma_slave_map (bsc#1051510).
   - arm: davinci: fix the GPIO lookup for omapl138-hawk (bsc#1051510).
   - arm: davinci: Use platform_device_register_full() to create pdev for
     dm365's eDMA (bsc#1051510).
   - arm: DRA722: remove redundant definition of 1.0 device (bsc#1051510).
   - arm: fix return value of parse_cpu_capacity (bsc#1051510).
   - arm: kexec: fix failure to boot crash kernel (bsc#1051510).
   - arm: kexec: fix kdump register saving on panic() (bsc#1051510).
   - arm: keystone: fix platform_domain_notifier array overrun (bsc#1051510).
   - arm: kvm: fix building with gcc-8 (bsc#1051510).
   - arm: multi_v7_defconfig: Replace DRM_RCAR_HDMI by generic bridge options
     (bsc#1051510).
   - arm: multi_v7_defconfig: Replace SND_SOC_RSRC_CARD by
     SND_SIMPLE_SCU_CARD (bsc#1051510).
   - arm: mvebu: Fix broken PL310_ERRATA_753970 selects (bsc#1051510).
   - arm: OMAP1: clock: Fix debugfs_create_*() usage (bsc#1051510).
   - arm: OMAP2+: Fix SRAM virt to phys translation for
     save_secure_ram_context (bsc#1051510).
   - arm: omap2: hide omap3_save_secure_ram on non-OMAP3 builds (bsc#1051510).
   - arm: OMAP2+: omap_device: drop broken RPM status update from
     suspend_noirq (bsc#1051510).
   - arm: OMAP2+: powerdomain: use raw_smp_processor_id() for trace
     (bsc#1051510).
   - arm: OMAP2+: timer: fix a kmemleak caused in omap_get_timer_dt
     (bsc#1051510).
   - arm: OMAP3: Fix prm wake interrupt for resume (bsc#1051510).
   - arm: OMAP3: hwmod_data: add missing module_offs for MMC3 (bsc#1051510).
   - arm: OMAP3+: PRM: fix of_irq_get() result check (bsc#1051510).
   - arm: OMAP4+: PRM: fix of_irq_get() result checks (bsc#1051510).
   - arm: OMAP: Fix dmtimer init for omap1 (bsc#1051510).
   - arm: OMAP: Fix SRAM W+X mapping (bsc#1051510).
   - arm: orion5x: Revert commit 4904dbda41c8 (bsc#1051510).
   - arm: orion: fix orion_ge00_switch_board_info initialization
     (bsc#1051510).
   - arm: pxa: select both FB and FB_W100 for eseries (bsc#1051510).
   - arm: pxa/tosa-bt: add MODULE_LICENSE tag (bsc#1051510).
   - arm: remove wrong CONFIG_PROC_SYSCTL ifdef (bsc#1051510).
   - arm: s3c24xx: Fix NAND ECC mode for mini2440 board (bsc#1051510).
   - arm: shmobile: defconfig: Enable missing PCIE_RCAR dependency
     (bsc#1051510).
   - arm: shmobile: defconfig: Replace DRM_RCAR_HDMI by generic bridge
     options (bsc#1051510).
   - arm: shmobile: defconfig: Replace SND_SOC_RSRC_CARD by
     SND_SIMPLE_SCU_CARD (bsc#1051510).
   - arm: shmobile: defconfig: Replace USB_XHCI_RCAR by USB_XHCI_PLATFORM
     (bsc#1051510).
   - arm: shmobile: rcar-gen2: Fix deadlock in regulator quirk (bsc#1051510).
   - arm: socfpga_defconfig: Remove QSPI Sector 4K size force (bsc#1051510).
   - arm: spear13xx: Fix dmas cells (bsc#1051510).
   - arm: sunxi_defconfig: Enable CMA (bsc#1051510).
   - arm: sunxi: fix the core number of V3s in sunxi README (bsc#1051510).
   - asoc: dpcm: fix BE dai not hw_free and shutdown (bsc#1051510).
   - asoc: topology: Add missing clock gating parameter when parsing
     hw_configs (bsc#1051510).
   - asoc: topology: Fix bclk and fsync inversion in set_link_hw_format()
     (bsc#1051510).
   - ata: do not schedule hot plug if it is a sas host ().
   - ath: Add regulatory mapping for APL13_WORLD (bsc#1051510).
   - ath: Add regulatory mapping for APL2_FCCA (bsc#1051510).
   - ath: Add regulatory mapping for Bahamas (bsc#1051510).
   - ath: Add regulatory mapping for Bermuda (bsc#1051510).
   - ath: Add regulatory mapping for ETSI8_WORLD (bsc#1051510).
   - ath: Add regulatory mapping for FCC3_ETSIC (bsc#1051510).
   - ath: Add regulatory mapping for Serbia (bsc#1051510).
   - ath: Add regulatory mapping for Tanzania (bsc#1051510).
   - ath: Add regulatory mapping for Uganda (bsc#1051510).
   - audit: fix potential null dereference 'context->module.name'
     (bsc#1051510).
   - backlight: pwm_bl: Do not use GPIOF_* with gpiod_get_direction
     (bsc#1051510).
   - bdi: Move cgroup bdi_writeback to a dedicated low concurrency workqueue
     (bsc#1101867).
   - befs_lookup(): use d_splice_alias() (bsc#1101844).
   - block: Fix transfer when chunk sectors exceeds max (bsc#1101874).
   - bluetooth: btusb: Add a new Realtek 8723DE ID 2ff8:b011 (bsc#1051510).
   - bluetooth: btusb: add ID for LiteOn 04ca:301a (bsc#1051510).
   - bluetooth: hci_qca: Fix "Sleep inside atomic section" warning
     (bsc#1051510).
   - branch-check: fix long->int truncation when profiling branches
     (bsc#1101116,).
   - brcmfmac: Add support for bcm43364 wireless chipset (bsc#1051510).
   - cachefiles: Fix missing clear of the CACHEFILES_OBJECT_ACTIVE flag
     (bsc#1099858).
   - cachefiles: Fix refcounting bug in backing-file read monitoring
     (bsc#1099858).
   - cachefiles: Wait rather than BUG'ing on "Unexpected object collision"
     (bsc#1099858).
   - can: dev: increase bus-off message severity (bsc#1051510).
   - can: ems_usb: Fix memory leak on ems_usb_disconnect() (bsc#1051510).
   - can: m_can: change comparison to bitshift when dealing with a mask
     (bsc#1051510).
   - cdrom: do not call check_disk_change() inside cdrom_open() (bsc#1101872).
   - clk: at91: fix clk-generated compilation (bsc#1051510).
   - clk: renesas: cpg-mssr: Stop using printk format %pCr (bsc#1051510).
   - coccinelle: fix parallel build with CHECK=scripts/coccicheck
     (bsc#1051510).
   - compiler.h: enable builtin overflow checkers and add fallback code
     (bsc#1101116,).
   - cpufreq: intel_pstate: Limit the scope of HWP dynamic boost platforms
     (bsc#1066110).
   - cpu/hotplug: Make bringup/teardown of smp threads symmetric
     (bsc#1089343).
   - cpu/hotplug: Provide knobs to control SMT (bsc#1089343).
   - cpu/hotplug: Split do_cpu_down() (bsc#1089343).
   - crypto: authenc - do not leak pointers to authenc keys (bsc#1051510).
   - crypto: authencesn - do not leak pointers to authenc keys (bsc#1051510).
   - crypto: padlock-aes - Fix Nano workaround data corruption (bsc#1051510).
   - delayacct: fix crash in delayacct_blkio_end() after delayacct init
     failure (bsc#1104066).
   - dm: add writecache target (bsc#1101116,).
   - dm: prevent DAX mounts if not supported (bsc#1103917).
   - dm writecache: support optional offset for start of device
     (bsc#1101116,).
   - dm writecache: use 2-factor allocator arguments (bsc#1101116,).
   - doc: Add vendor prefix for Kieback & Peter GmbH (bsc#1051510).
   - drivers: soc: sunxi: fix error processing on base address when claiming
     (bsc#1051510).
   - drm: Add DP PSR2 sink enable bit (bsc#1051510).
   - drm/amdgpu: Remove VRAM from shared bo domains (bsc#1051510).
   - drm/atomic: Check old_plane_state->crtc in
     drm_atomic_helper_async_check() (bsc#1051510).
   - drm/atomic: Handling the case when setting old crtc for plane
     (bsc#1051510).
   - drm/atomic-helper: Drop plane->fb references only for
     drm_atomic_helper_shutdown() (bsc#1051510).
   - drm/atomic: Initialize variables in drm_atomic_helper_async_check() to
     make gcc happy (bsc#1051510).
   - drm/atomic: Make async plane update checks work as intended, v2
     (bsc#1051510).
   - drm/atomic: Make atomic helper track newly assigned planes correctly, v2
     (bsc#1051510).
   - drm/atomic: Make atomic iterators less surprising (bsc#1051510).
   - drm/dp/mst: Fix off-by-one typo when dump payload table (bsc#1051510).
   - drm/gma500: fix psb_intel_lvds_mode_valid()'s return type (bsc#1051510).
   - drm/nouveau/fifo/gk104-: poll for runlist update completion
     (bsc#1051510).
   - drm/radeon: fix mode_valid's return type (bsc#1051510).
   - drm: re-enable error handling (bsc#1051510).
   - drm/vc4: Reset ->{x, y}_scaling[1] when dealing with uniplanar formats
     (bsc#1051510).
   - Enable / support pinctrl-lewisburg ()
   - ext2: fix a block leak (bsc#1101875).
   - ext4: add more mount time checks of the superblock (bsc#1101900).
   - ext4: bubble errors from ext4_find_inline_data_nolock() up to
     ext4_iget() (bsc#1101896).
   - ext4: check superblock mapped prior to committing (bsc#1101902).
   - ext4: do not update s_last_mounted of a frozen fs (bsc#1101841).
   - ext4: factor out helper ext4_sample_last_mounted() (bsc#1101841).
   - ext4: fix check to prevent initializing reserved inodes (bsc#1104319).
   - ext4: fix fencepost error in check for inode count overflow during
     resize (bsc#1101853).
   - ext4: include the illegal physical block in the bad map ext4_error msg
     (bsc#1101903).
   - ext4: report delalloc reserve as non-free in statfs for project quota
     (bsc#1101843).
   - ext4: update mtime in ext4_punch_hole even if no blocks are released
     (bsc#1101895).
   - f2fs: call unlock_new_inode() before d_instantiate() (bsc#1101837).
   - fix io_destroy()/aio_complete() race (bsc#1101852).
   - Force log to disk before reading the AGF during a fstrim (bsc#1101893).
   - fs: allow per-device dax status checking for filesystems (bsc#1103917).
   - fscache: Allow cancelled operations to be enqueued (bsc#1099858).
   - fscache: Fix hanging wait on page discarded by writeback (bsc#1101885).
   - fscache: Fix reference overput in fscache_attach_object() error handling
     (bsc#1099858).
   - fs: clear writeback errors in inode_init_always (bsc#1101882).
   - fs: do not scan the inode cache before SB_BORN is set (bsc#1101883).
   - genirq: Check __free_irq() return value for NULL (bsc#1103517).
   - hid: hid-plantronics: Re-resend Update to map button for PTT products
     (bsc#1051510).
   - hid: i2c-hid: check if device is there before really probing
     (bsc#1051510).
   - hippi: Fix a Fix a possible sleep-in-atomic bug in rr_close
     (bsc#1051510).
   - hv_netvsc: Ensure correct teardown message sequence order ().
   - hv/netvsc: fix handling of fallback to single queue mode ().
   - hv_netvsc: Fix net device attach on older Windows hosts ().
   - hv_netvsc: set master device (bsc#1051979).
   - hv_netvsc: Split netvsc_revoke_buf() and netvsc_teardown_gpadl() ().
   - hv_netvsc: split sub-channel setup into async and sync ().
   - hv_netvsc: Use Windows version instead of NVSP version on GPAD teardown
     ().
   - ibmasm: do not write out of bounds in read handler (bsc#1051510).
   - ibmvnic: Remove code to request error information (bsc#1104174).
   - ibmvnic: Revise RX/TX queue error messages (bsc#1101331).
   - ibmvnic: Update firmware error reporting with cause string (bsc#1104174).
   - input: elan_i2c - add ACPI ID for lenovo ideapad 330 (bsc#1051510).
   - input: elan_i2c - add another ACPI ID for Lenovo Ideapad 330-15AST
     (bsc#1051510).
   - input: i8042 - add Lenovo LaVie Z to the i8042 reset list (bsc#1051510).
   - irqchip: brcmstb-l2: Define an irq_pm_shutdown function (bsc#1051510).
   - irqchip/gic: Take lock when updating irq type (bsc#1051510).
   - irqchip/gic-v3: Change pr_debug message to pr_devel (bsc#1051510).
   - irqchip/gic-v3: Fix the driver probe() fail due to disabled GICC entry
     (bsc#1051510).
   - irqchip/gic-v3: Ignore disabled ITS nodes (bsc#1051510).
   - irqchip/gic-v3: Use wmb() instead of smb_wmb() in gic_raise_softirq()
     (bsc#1051510).
   - irqchip/qcom: Fix check for spurious interrupts (bsc#1051510).
   - irqchip/qcom: Fix u32 comparison with value less than zero (bsc#1051510).
   - isofs: fix potential memory leak in mount option parsing (bsc#1101887).
   - iwlwifi: add more card IDs for 9000 series (bsc#1051510).
   - iwlwifi: pcie: fix race in Rx buffer allocator (bsc#1051510).
   - jump_label: Fix concurrent static_key_enable/disable() (bsc#1089343).
   - jump_label: Provide hotplug context variants (bsc#1089343).
   - jump_label: Reorder hotplug lock and jump_label_lock (bsc#1089343).
   - kabi protect bdev_dax_supported (bsc#1103917).
   - kabi protect struct ccw_device_private (bsc#1103421).
   - kabi/severities: do not complain on hisi_sas internal changes ().
   - kabi/severities: ignore x86_kvm_ops; lttng-modules would have to be
     adjusted in case they depend on this particular change
   - kbuild: add '-fno-stack-check' to kernel build options (bsc#1051510).
   - kbuild: Handle builtin dtb file names containing hyphens (bsc#1051510).
   - kbuild: pkg: use --transform option to prefix paths in tar (bsc#1051510).
   - kconfig: display recursive dependency resolution hint just once
     (bsc#1051510).
   - kmemleak: add scheduling point to kmemleak_scan() (bsc#1051510).
   - kvm: SVM: Add pause filter threshold ().
   - kvm: SVM: Implement pause loop exit logic in SVM ().
   - kvm: VMX: Bring the common code to header file ().
   - kvm: VMX: Fix the module parameters for vmx ().
   - kvm: VMX: Remove ple_window_actual_max ().
   - libata: add refcounting to ata_host (git-fixes).
   - libata: ensure host is free'd on error exit paths (git-fixes).
   - libnvdimm, dimm: fix dpa reservation vs uninitialized label area
     (git-fixes).
   - linvdimm, pmem: Preserve read-only setting for pmem devices (git-fixes).
   - media: media-device: fix ioctl function types (bsc#1051510).
   - media: rcar_jpu: Add missing clk_disable_unprepare() on error in
     jpu_open() (bsc#1051510).
   - media: saa7164: Fix driver name in debug output (bsc#1051510).
   - media: si470x: fix __be16 annotations (bsc#1051510).
   - media: siano: get rid of __le32/__le16 cast warnings (bsc#1051510).
   - media: tw686x: Fix incorrect vb2_mem_ops GFP flags (bsc#1051510).
   - mfd: cros_ec: Fail early if we cannot identify the EC (bsc#1051510).
   - mfd: fsl-imx25: Clean up irq settings during removal (bsc#1051510).
   - mfd: mxs-lradc: Fix error handling in mxs_lradc_probe() (bsc#1051510).
   - misc: pci_endpoint_test: Avoid triggering a BUG() (bsc#1051510).
   - mmc: dw_mmc: update actual clock for mmc debugfs (bsc#1051510).
   - mmc: pwrseq: Use kmalloc_array instead of stack VLA (bsc#1051510).
   - mm: fix __gup_device_huge vs unmap (bsc#1101839).
   - mm/kmemleak.c: make cond_resched() rate-limiting more efficient
     (bsc#1051510).
   - mwifiex: correct histogram data with appropriate index (bsc#1051510).
   - mwifiex: handle race during mwifiex_usb_disconnect (bsc#1051510).
   - nohz: Fix local_timer_softirq_pending() (bsc#1051510).
   - nvme: ensure forward progress during Admin passthru (git-fixes).
   - nvme-fabrics: Ignore nr_io_queues option for discovery controllers
     (bsc#1102633).
   - nvme: fixup crash on failed discovery (bsc#1103920).
   - nvme.h: fixup ANA group descriptor format (bsc#1104111).
   - nvme: use hw qid in trace events (bsc#1102633).
   - orangefs: report attributes_mask and attributes for statx (bsc#1101832).
   - orangefs: set i_size on new symlink (bsc#1101845).
   - overflow.h: Add allocation size calculation helpers (bsc#1101116,).
   - pci: pciehp: Assume NoCompl+ for Thunderbolt ports (bsc#1051510).
   - pci: pciehp: Request control of native hotplug only if supported
     (bsc#1051510).
   - pci: Prevent sysfs disable of device while driver is attached
     (bsc#1051510).
   - pinctrl: at91-pio4: add missing of_node_put (bsc#1051510).
   - pinctrl: intel: Add Intel Lewisburg GPIO support ().
   - pinctrl: nand: meson-gxl: fix missing data pins (bsc#1051510).
   - pmem: only set QUEUE_FLAG_DAX for fsdax mode (bsc#1103917).
   - qed*: Add link change count value to ethtool statistics display
     (bsc#1086314).
   - qed: Add qed APIs for PHY module query (bsc#1086314 ).
   - qed: Add srq core support for RoCE and iWARP (bsc#1086314 ).
   - qede: Add driver callbacks for eeprom module query (bsc#1086314 ).
   - qed: fix spelling mistake "successffuly" -> "successfully" (bsc#1086314).
   - qed: Make some functions static (bsc#1086314).
   - qed: remove redundant functions qed_get_cm_pq_idx_rl (bsc#1086314).
   - qed: remove redundant functions qed_set_gft_event_id_cm_hdr
     (bsc#1086314).
   - qed: remove redundant pointer 'name' (bsc#1086314).
   - qed: use dma_zalloc_coherent instead of allocator/memset (bsc#1086314).
   - qed*: Utilize FW 8.37.2.0 (bsc#1086314).
   - RDMA/qedr: Fix NULL pointer dereference when running over iWARP without
     RDMA-CM (bsc#1086314).
   - RDMA/qedr: fix spelling mistake: "adrresses" -> "addresses"
     (bsc#1086314).
   - RDMA/qedr: fix spelling mistake: "failes" -> "fails" (bsc#1086314).
   - regulator: pfuze100: add .is_enable() for pfuze100_swb_regulator_ops
     (bsc#1051510).
   - reiserfs: fix buffer overflow with long warning messages (bsc#1101847).
   - Revert "drm/nouveau/drm/therm/fan: add a fallback if no fan control is
     specified in the vbios" (bsc#1103356).
   - s390/cio: clear timer when terminating driver I/O (bsc#1103421).
   - s390/cio: fix return code after missing interrupt (bsc#1103421).
   - s390/dasd: fix handling of internal requests (bsc#1103421).
   - s390/dasd: fix wrongly assigned configuration data (bsc#1103421).
   - s390/dasd: prevent prefix I/O error (bsc#1103421).
   - s390/eadm: fix CONFIG_BLOCK include dependency (bsc#1103421).
   - s390/ipl: ensure loadparm valid flag is set (bsc#1103421).
   - s390/pci: do not require AIS facility (bsc#1103421).
   - s390/qdio: do not release memory in qdio_setup_irq() (bsc#1103421).
   - sc16is7xx: Check for an error when the clock is enabled (bsc#1051510).
   - sched/fair: Consider RT/IRQ pressure in capacity_spare_wake()
     (bnc#1101669 optimise numa balancing for fast migrate).
   - sched/fair: Fix find_idlest_group() when local group is not allowed
     (bnc#1101669 optimise numa balancing for fast migrate).
   - sched/fair: Fix usage of find_idlest_group() when no groups are allowed
     (bnc#1101669 optimise numa balancing for fast migrate).
   - sched/fair: Fix usage of find_idlest_group() when the local group is
     idlest (bnc#1101669 optimise numa balancing for fast migrate).
   - sched/fair: Move select_task_rq_fair() slow-path into its own function
     (bnc#1101669 optimise numa balancing for fast migrate).
   - sched/fair: Remove impossible condition from find_idlest_group_cpu()
     (bnc#1101669 optimise numa balancing for fast migrate).
   - sched/fair: Remove unnecessary comparison with -1 (bnc#1101669 optimise
     numa balancing for fast migrate).
   - sched/fair: Spare idle load balancing on nohz_full CPUs (bnc#1101669
     optimise numa balancing for fast migrate).
   - sched/fair: Use 'unsigned long' for utilization, consistently
     (bnc#1101669 optimise numa balancing for fast migrate).
   - sched/smt: Update sched_smt_present at runtime (bsc#1089343).
   - scsi: ata: enhance the definition of SET MAX feature field value ().
   - scsi: hisi_sas: add an mechanism to do reset work synchronously ().
   - scsi: hisi_sas: add check of device in hisi_sas_task_exec() ().
   - scsi: hisi_sas: add internal abort dev in some places ().
   - scsi: hisi_sas: Add LED feature for v3 hw ().
   - scsi: hisi_sas: add RAS feature for v3 hw ().
   - scsi: hisi_sas: add readl poll timeout helper wrappers ().
   - scsi: hisi_sas: Add some checks to avoid free'ing a sas_task twice ().
   - scsi: hisi_sas: add some print to enhance debugging ().
   - scsi: hisi_sas: Add v2 hw force PHY function for internal ATA command ().
   - scsi: hisi_sas: add v2 hw port AXI error handling support ().
   - scsi: hisi_sas: add v3 hw MODULE_DEVICE_TABLE() ().
   - scsi: hisi_sas: add v3 hw suspend and resume ().
   - scsi: hisi_sas: allocate slot buffer earlier ().
   - scsi: hisi_sas: Change common allocation mode of device id ().
   - scsi: hisi_sas: Change frame type for SET MAX commands ().
   - scsi: hisi_sas: change ncq process for v3 hw ().
   - scsi: hisi_sas: change slot index allocation mode ().
   - scsi: hisi_sas: check host frozen before calling "done" function ().
   - scsi: hisi_sas: check IPTT is valid before using it for v3 hw ().
   - scsi: hisi_sas: check sas_dev gone earlier in hisi_sas_abort_task() ().
   - scsi: hisi_sas: Code cleanup and minor bug fixes ().
   - scsi: hisi_sas: config ATA de-reset as an constrained command for v3 hw
     ().
   - scsi: hisi_sas: consolidate command check in hisi_sas_get_ata_protocol()
     ().
   - scsi: hisi_sas: Create a scsi_host_template per HW module ().
   - scsi: hisi_sas: delete timer when removing hisi_sas driver ().
   - scsi: hisi_sas: do link reset for some CHL_INT2 ints ().
   - scsi: hisi_sas: Do not lock DQ for complete task sending ().
   - scsi: hisi_sas: dt-bindings: add an property of signal attenuation ().
   - scsi: hisi_sas: fix a bug in hisi_sas_dev_gone() ().
   - scsi: hisi_sas: fix a typo in hisi_sas_task_prep() ().
   - scsi: hisi_sas: fix dma_unmap_sg() parameter ().
   - scsi: hisi_sas: fix PI memory size ().
   - scsi: hisi_sas: fix return value of hisi_sas_task_prep() ().
   - scsi: hisi_sas: Fix return value when get_free_slot() failed ().
   - scsi: hisi_sas: fix SAS_QUEUE_FULL problem while running IO ().
   - scsi: hisi_sas: fix the issue of link rate inconsistency ().
   - scsi: hisi_sas: fix the issue of setting linkrate register ().
   - scsi: hisi_sas: improve int_chnl_int_v2_hw() consistency with v3 hw ().
   - scsi: hisi_sas: Include TMF elements in struct hisi_sas_slot ().
   - scsi: hisi_sas: increase timer expire of internal abort task ().
   - scsi: hisi_sas: Init disks after controller reset ().
   - scsi: hisi_sas: initialize dq spinlock before use ().
   - scsi: hisi_sas: Introduce hisi_sas_phy_set_linkrate() ().
   - scsi: hisi_sas: judge result of internal abort ().
   - scsi: hisi_sas: make local symbol host_attrs static ().
   - scsi: hisi_sas: make return type of prep functions void ().
   - scsi: hisi_sas: make SAS address of SATA disks unique ().
   - scsi: hisi_sas: Mark PHY as in reset for nexus reset ().
   - scsi: hisi_sas: modify hisi_sas_dev_gone() for reset ().
   - scsi: hisi_sas: modify some register config for hip08 ().
   - scsi: hisi_sas: optimise port id refresh function ().
   - scsi: hisi_sas: optimise the usage of DQ locking ().
   - scsi: hisi_sas: print device id for errors ().
   - scsi: hisi_sas: re-add the lldd_port_deformed() ().
   - scsi: hisi_sas: relocate clearing ITCT and freeing device ().
   - scsi: hisi_sas: relocate smp sg map ().
   - scsi: hisi_sas: Remove depends on HAS_DMA in case of platform dependency
     ().
   - scsi: hisi_sas: remove redundant handling to event95 for v3 ().
   - scsi: hisi_sas: remove some unneeded structure members ().
   - scsi: hisi_sas: remove unused variable hisi_sas_devices.running_req ().
   - scsi: hisi_sas: Reset disks when discovered ().
   - scsi: hisi_sas: some optimizations of host controller reset ().
   - scsi: hisi_sas: stop controller timer for reset ().
   - scsi: hisi_sas: support the property of signal attenuation for v2 hw ().
   - scsi: hisi_sas: Terminate STP reject quickly for v2 hw ().
   - scsi: hisi_sas: Try wait commands before before controller reset ().
   - scsi: hisi_sas: update PHY linkrate after a controller reset ().
   - scsi: hisi_sas: update RAS feature for later revision of v3 HW ().
   - scsi: hisi_sas: use an general way to delay PHY work ().
   - scsi: hisi_sas: Use device lock to protect slot alloc/free ().
   - scsi: hisi_sas: use dma_zalloc_coherent() ().
   - scsi: hisi_sas: workaround a v3 hw hilink bug ().
   - scsi: libsas: defer ata device eh commands to libata ().
   - scsi: lpfc: Add Buffer overflow check, when nvme_info larger than
     PAGE_SIZE (bsc#1102658).
   - scsi: lpfc: Correct LCB ACCept payload (bsc#1102658).
   - scsi: lpfc: devloss timeout race condition caused null pointer reference
     (bsc#1102658).
   - scsi: lpfc: Fix abort error path for NVMET (bsc#1102658).
   - scsi: lpfc: Fix driver crash when re-registering NVME rports
     (bsc#1102658).
   - scsi: lpfc: Fix driver not setting dpp bits correctly in doorbell word
     (bsc#1102658).
   - scsi: lpfc: Fix ELS abort on SLI-3 adapters (bsc#1102658).
   - scsi: lpfc: Fix list corruption on the completion queue (bsc#1102658).
   - scsi: lpfc: Fix NVME Target crash in defer rcv logic (bsc#1102658).
   - scsi: lpfc: Fix panic if driver unloaded when port is offline
     (bsc#1102658).
   - scsi: lpfc: Fix sysfs Speed value on CNA ports (bsc#1102658).
   - scsi: lpfc: Limit tracking of tgt queue depth in fast path (bsc#1102658).
   - scsi: lpfc: Make PBDE optimizations configurable (bsc#1102658).
   - scsi: lpfc: Remove lpfc_enable_pbde as module parameter (bsc#1102658).
   - scsi: lpfc: Revise copyright for new company language (bsc#1102658).
   - scsi: lpfc: Support duration field in Link Cable Beacon V1 command
     (bsc#1102658).
   - scsi: lpfc: update driver version to 12.0.0.5 (bsc#1102658).
   - scsi: lpfc: update driver version to 12.0.0.6 (bsc#1102658).
   - scsi: qla2xxx: Avoid double completion of abort command (git-fixes).
   - scsi: qla2xxx: Fix driver unload by shutting down chip (git-fixes).
   - scsi: qla2xxx: Fix NPIV deletion by calling wait_for_sess_deletion
     (git-fixes).
   - scsi: qla2xxx: Fix NULL pointer dereference for fcport search
     (git-fixes).
   - scsi: qla2xxx: Fix unintialized List head crash (git-fixes).
   - scsi: qla2xxx: Return error when TMF returns (git-fixes).
   - scsi: smartpqi: add in new supported controllers (bsc#1086274).
   - scsi: smartpqi: add inspur advantech ids (bsc#1086274).
   - scsi: smartpqi: bump driver version to 1.1.4-130 (bsc#1086274).
   - scsi: smartpqi: fix critical ARM issue reading PQI index registers
     (bsc#1086274).
   - scsi: smartpqi: improve error checking for sync requests (bsc#1086274).
   - scsi: smartpqi: improve handling for sync requests (bsc#1086274).
   - scsi: smartpqi: update driver version (bsc#1086274).
   - scsi: smartpqi: workaround fw bug for oq deletion (bsc#1086274).
   - sctp: fix the issue that pathmtu may be set lower than MINSEGMENT
     (git-fixes).
   - sctp: introduce sctp_dst_mtu (git-fixes).
   - soc: bcm2835: Make !RASPBERRYPI_FIRMWARE dummies return failure
     (bsc#1051510).
   - soc: bcm: raspberrypi-power: Fix use of __packed (bsc#1051510).
   - soc: imx: gpc: de-register power domains only if initialized
     (bsc#1051510).
   - soc: imx: gpc: restrict register range for regmap access (bsc#1051510).
   - soc: imx: gpcv2: correct PGC offset (bsc#1051510).
   - soc: imx: gpcv2: Do not pass static memory as platform data
     (bsc#1051510).
   - soc: imx: gpcv2: fix regulator deferred probe (bsc#1051510).
   - soc: mediatek: pwrap: fix compiler errors (bsc#1051510).
   - soc: qcom: wcnss_ctrl: Fix increment in NV upload (bsc#1051510).
   - soc: rockchip: power-domain: Fix wrong value when power up pd with
     writemask (bsc#1051510).
   - soc/tegra: Fix bad of_node_put() in powergate init (bsc#1051510).
   - soc/tegra: flowctrl: Fix error handling (bsc#1051510).
   - soc: ti: ti_sci_pm_domains: Populate name for genpd (bsc#1051510).
   - soc: zte: Restrict SOC_ZTE to ARCH_ZX or COMPILE_TEST (bsc#1051510).
   - spi: bcm2835aux: ensure interrupts are enabled for shared handler
     (bsc#1051510).
   - spi/bcm63xx-hspi: Enable the clock before calling clk_get_rate()
     (bsc#1051510).
   - spi: bcm-qspi: Always read and set BSPI_MAST_N_BOOT_CTRL (bsc#1051510).
   - spi: bcm-qspi: Avoid setting MSPI_CDRAM_PCS for spi-nor master
     (bsc#1051510).
   - spi: cadence: Add usleep_range() for cdns_spi_fill_tx_fifo()
     (bsc#1051510).
   - spi: pxa2xx: Allow 64-bit DMA (bsc#1051510).
   - spi: pxa2xx: check clk_prepare_enable() return value (bsc#1051510).
   - sr: pass down correctly sized SCSI sense buffer (git-fixes).
   - staging: ks7010: Use constants from ieee80211_eid instead of literal
     ints (bsc#1051510).
   - staging: speakup: fix wraparound in uaccess length check (bsc#1051510).
   - supported.conf: add drivers/md/dm-writecache
   - sysrq : fix Show Regs call trace on ARM (bsc#1051510).
   - thermal: exynos: fix setting rising_threshold for Exynos5433
     (bsc#1051510).
   - tty: Fix data race in tty_insert_flip_string_fixed_flag (bsc#1051510).
   - typec: tcpm: Fix a msecs vs jiffies bug (bsc#1100132).
   - udf: Detect incorrect directory size (bsc#1101891).
   - udf: Provide saner default for invalid uid / gid (bsc#1101890).
   - Update config files to add CONFIG_DM_WRITECACHE=m
   - Update
     patches.arch/KVM-PPC-Check-if-IOMMU-page-is-contained-in-the-pinn.patch
     (bsc#1077761, git-fixes, bsc#1103948, bsc#1103949).
   - usb: hub: Do not wait for connect state at resume for powered-off ports
     (bsc#1051510).
   - usbip: usbip_detach: Fix memory, udev context and udev leak
     (bsc#1051510).
   - vfs: add the sb_start_intwrite_trylock() helper (bsc#1101841).
   - virtio_balloon: fix another race between migration and ballooning
     (bsc#1051510).
   - wlcore: sdio: check for valid platform device data before suspend
     (bsc#1051510).
   - x86/apic: Ignore secondary threads if nosmt=force (bsc#1089343).
   - x86/CPU/AMD: Do not check CPUID max ext level before parsing SMP info
     (bsc#1089343).
   - x86/cpu/AMD: Evaluate smp_num_siblings early (bsc#1089343).
   - x86/CPU/AMD: Move TOPOEXT reenablement before reading smp_num_siblings
     (bsc#1089343).
   - x86/cpu/AMD: Remove the pointless detect_ht() call (bsc#1089343).
   - x86/cpu/common: Provide detect_ht_early() (bsc#1089343).
   - x86/cpu/intel: Evaluate smp_num_siblings early (bsc#1089343).
   - x86/cpu: Remove the pointless CPU printout (bsc#1089343).
   - x86/cpu/topology: Provide detect_extended_topology_early() (bsc#1089343).
   - x86/KVM/VMX: Add module argument for L1TF mitigation.
   - x86/smp: Provide topology_is_primary_thread() (bsc#1089343).
   - x86/topology: Provide topology_smt_supported() (bsc#1089343).
   - x86: Treat R_X86_64_PLT32 as R_X86_64_PC32 (binutils_2.31).
   - xfs: catch inode allocation state mismatch corruption (bsc#1104211).
   - xfs: prevent creating negative-sized file via INSERT_RANGE (bsc#1101833).


Patch Instructions:

   To install this SUSE Security Update, use the SUSE recommended installation
   methods like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Module for Live Patching 15:

      zypper in -t patch SUSE-SLE-Module-Live-Patching-15-2018-1614=1



Package List:

   - SUSE Linux Enterprise Module for Live Patching 15 (ppc64le x86_64):

      kernel-default-debuginfo-4.12.14-25.13.1
      kernel-default-debugsource-4.12.14-25.13.1
      kernel-default-livepatch-4.12.14-25.13.1


References:

   https://www.suse.com/security/cve/CVE-2018-10876.html
   https://www.suse.com/security/cve/CVE-2018-10877.html
   https://www.suse.com/security/cve/CVE-2018-10878.html
   https://www.suse.com/security/cve/CVE-2018-10879.html
   https://www.suse.com/security/cve/CVE-2018-10880.html
   https://www.suse.com/security/cve/CVE-2018-10881.html
   https://www.suse.com/security/cve/CVE-2018-10882.html
   https://www.suse.com/security/cve/CVE-2018-10883.html
   https://www.suse.com/security/cve/CVE-2018-3620.html
   https://www.suse.com/security/cve/CVE-2018-3646.html
   https://www.suse.com/security/cve/CVE-2018-5391.html
   https://bugzilla.suse.com/1051510
   https://bugzilla.suse.com/1051979
   https://bugzilla.suse.com/1066110
   https://bugzilla.suse.com/1077761
   https://bugzilla.suse.com/1086274
   https://bugzilla.suse.com/1086314
   https://bugzilla.suse.com/1087081
   https://bugzilla.suse.com/1089343
   https://bugzilla.suse.com/1099811
   https://bugzilla.suse.com/1099813
   https://bugzilla.suse.com/1099844
   https://bugzilla.suse.com/1099845
   https://bugzilla.suse.com/1099846
   https://bugzilla.suse.com/1099849
   https://bugzilla.suse.com/1099858
   https://bugzilla.suse.com/1099863
   https://bugzilla.suse.com/1099864
   https://bugzilla.suse.com/1100132
   https://bugzilla.suse.com/1101116
   https://bugzilla.suse.com/1101331
   https://bugzilla.suse.com/1101669
   https://bugzilla.suse.com/1101828
   https://bugzilla.suse.com/1101832
   https://bugzilla.suse.com/1101833
   https://bugzilla.suse.com/1101837
   https://bugzilla.suse.com/1101839
   https://bugzilla.suse.com/1101841
   https://bugzilla.suse.com/1101843
   https://bugzilla.suse.com/1101844
   https://bugzilla.suse.com/1101845
   https://bugzilla.suse.com/1101847
   https://bugzilla.suse.com/1101852
   https://bugzilla.suse.com/1101853
   https://bugzilla.suse.com/1101867
   https://bugzilla.suse.com/1101872
   https://bugzilla.suse.com/1101874
   https://bugzilla.suse.com/1101875
   https://bugzilla.suse.com/1101882
   https://bugzilla.suse.com/1101883
   https://bugzilla.suse.com/1101885
   https://bugzilla.suse.com/1101887
   https://bugzilla.suse.com/1101890
   https://bugzilla.suse.com/1101891
   https://bugzilla.suse.com/1101893
   https://bugzilla.suse.com/1101895
   https://bugzilla.suse.com/1101896
   https://bugzilla.suse.com/1101900
   https://bugzilla.suse.com/1101902
   https://bugzilla.suse.com/1101903
   https://bugzilla.suse.com/1102633
   https://bugzilla.suse.com/1102658
   https://bugzilla.suse.com/1103097
   https://bugzilla.suse.com/1103356
   https://bugzilla.suse.com/1103421
   https://bugzilla.suse.com/1103517
   https://bugzilla.suse.com/1103723
   https://bugzilla.suse.com/1103724
   https://bugzilla.suse.com/1103725
   https://bugzilla.suse.com/1103726
   https://bugzilla.suse.com/1103727
   https://bugzilla.suse.com/1103728
   https://bugzilla.suse.com/1103729
   https://bugzilla.suse.com/1103730
   https://bugzilla.suse.com/1103917
   https://bugzilla.suse.com/1103920
   https://bugzilla.suse.com/1103948
   https://bugzilla.suse.com/1103949
   https://bugzilla.suse.com/1104066
   https://bugzilla.suse.com/1104111
   https://bugzilla.suse.com/1104174
   https://bugzilla.suse.com/1104211
   https://bugzilla.suse.com/1104319

_______________________________________________

=============================================================================
   SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________

Announcement ID:    SUSE-SU-2018:2380-1
Rating:             important
References:         #1051510 #1051979 #1066110 #1077761 #1086274 
                    #1086314 #1087081 #1089343 #1099811 #1099813 
                    #1099844 #1099845 #1099846 #1099849 #1099858 
                    #1099863 #1099864 #1100132 #1101116 #1101331 
                    #1101669 #1101828 #1101832 #1101833 #1101837 
                    #1101839 #1101841 #1101843 #1101844 #1101845 
                    #1101847 #1101852 #1101853 #1101867 #1101872 
                    #1101874 #1101875 #1101882 #1101883 #1101885 
                    #1101887 #1101890 #1101891 #1101893 #1101895 
                    #1101896 #1101900 #1101902 #1101903 #1102633 
                    #1102658 #1103097 #1103356 #1103421 #1103517 
                    #1103723 #1103724 #1103725 #1103726 #1103727 
                    #1103728 #1103729 #1103730 #1103917 #1103920 
                    #1103948 #1103949 #1104066 #1104111 #1104174 
                    #1104211 #1104319 
Cross-References:   CVE-2018-10876 CVE-2018-10877 CVE-2018-10878
                    CVE-2018-10879 CVE-2018-10880 CVE-2018-10881
                    CVE-2018-10882 CVE-2018-10883 CVE-2018-3620
                    CVE-2018-3646 CVE-2018-5391
Affected Products:
                    SUSE Linux Enterprise Workstation Extension 15
                    SUSE Linux Enterprise Module for Legacy Software 15
                    SUSE Linux Enterprise Module for Development Tools 15
                    SUSE Linux Enterprise Module for Basesystem 15
                    SUSE Linux Enterprise High Availability 15
______________________________________________________________________________

   An update that solves 11 vulnerabilities and has 61 fixes
   is now available.

Description:



   The SUSE Linux Enterprise 15 kernel was updated to receive various
   security and bug fixes.

   The following security bugs were fixed:

   - CVE-2018-3620: Local attackers on baremetal systems could use
     speculative code patterns on hyperthreaded processors to read data
     present in the L1 Datacache used by other hyperthreads on the same CPU
     core, potentially leaking sensitive data. (bnc#1087081).
   - CVE-2018-3646: Local attackers in virtualized guest systems could use
     speculative code patterns on hyperthreaded processors to read data
     present in the L1 Datacache used by other hyperthreads on the same CPU
     core, potentially leaking sensitive data, even from other virtual
     machines or the host system. (bnc#1089343).
   - CVE-2018-5391 aka "FragmentSmack": A flaw in the IP packet reassembly
     could be used by remote attackers to consume lots of CPU time
     (bnc#1103097).
   - CVE-2018-10876: A flaw was found in the ext4 filesystem code. A
     use-after-free is possible in ext4_ext_remove_space() function when
     mounting and operating a crafted ext4 image. (bnc#1099811)
   - CVE-2018-10877: The ext4 filesystem is vulnerable to an out-of-bound
     access in the ext4_ext_drop_refs() function when operating on a crafted
     ext4 filesystem image. (bnc#1099846)
   - CVE-2018-10878: A flaw was found in the ext4 filesystem. A local user
     can cause an out-of-bounds write and a denial of service or unspecified
     other impact is possible by mounting and operating a crafted ext4
     filesystem image. (bnc#1099813)
   - CVE-2018-10879: A flaw was found in the ext4 filesystem. A local user
     can cause a use-after-free in ext4_xattr_set_entry function and a denial
     of service or unspecified other impact may occur by renaming a file in a
     crafted ext4 filesystem image. (bnc#1099844)
   - CVE-2018-10880: Linux kernel is vulnerable to a stack-out-of-bounds
     write in the ext4 filesystem code when mounting and writing to a crafted
     ext4 image in ext4_update_inline_data(). An attacker could use this to
     cause a system crash and a denial of service. (bnc#1099845)
   - CVE-2018-10881: A flaw was found in the ext4 filesystem. A local user
     can cause an out-of-bound access in ext4_get_group_info function, a
     denial of service, and a system crash by mounting and operating on a
     crafted ext4 filesystem image. (bnc#1099864)
   - CVE-2018-10882: A flaw was found in the ext4 filesystem. A local user
     can cause an out-of-bound write in fs/jbd2/transaction.c code, a
     denial of service, and a system crash by unmounting a crafted ext4
     filesystem image. (bnc#1099849)
   - CVE-2018-10883: A flaw was found in the ext4 filesystem. A local user
     can cause an out-of-bounds write in jbd2_journal_dirty_metadata(), a
     denial of service, and a system crash by mounting and operating on a
     crafted ext4 filesystem image. (bnc#1099863)
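
   Added example (not part of the SUSE or AusCERT text): after installing the
   update and rebooting, the kernel's own report of the L1TF state
   (CVE-2018-3620, CVE-2018-3646) can be summarised from sysfs. The sysfs paths
   and status strings follow the upstream kernel's L1TF interface and are
   assumed to be the same in this kernel; the verdict labels and the
   make_sample_tree helper are this example's own.

```shell
#!/bin/sh
# Added example: summarise the kernel's L1TF report (CVE-2018-3620 / CVE-2018-3646).
# Assumption: sysfs paths and status strings follow the upstream L1TF interface.

# Print the first line of file $1, or the default $2 when it cannot be read.
read_first_line() {
    _line=$2
    if [ -r "$1" ]; then
        IFS= read -r _line < "$1" || true
    fi
    printf '%s\n' "$_line"
}

# Classify the state found under sysfs root $1 (default /sys).
# Output: "<verdict> smt=<smt control> l1d_flush=<kvm_intel parameter>"
l1tf_assess() {
    _root=${1:-/sys}
    _cpu=$_root/devices/system/cpu
    _status=$(read_first_line "$_cpu/vulnerabilities/l1tf" "")
    _smt=$(read_first_line "$_cpu/smt/control" "unknown")
    _flush=$(read_first_line \
        "$_root/module/kvm_intel/parameters/vmentry_l1d_flush" "n/a")
    case $_status in
        # No l1tf file at all: the running kernel predates the fix.
        "")                             _verdict=unpatched ;;
        "Not affected"*)                _verdict=not-affected ;;
        Vulnerable*)                    _verdict=vulnerable ;;
        # KVM is in use but does not flush the L1D cache on VM entry.
        Mitigation:*"VMX: vulnerable"*) _verdict=guest-exposed ;;
        # A sibling hyperthread still shares the L1D cache.
        Mitigation:*"SMT vulnerable"*)  _verdict=smt-exposed ;;
        Mitigation:*)                   _verdict=mitigated ;;
        *)                              _verdict=unknown ;;
    esac
    printf '%s smt=%s l1d_flush=%s\n' "$_verdict" "$_smt" "$_flush"
}

# Build a constructed sysfs-like tree under $1 so the check can run offline.
# $2 = l1tf status line, $3 = smt/control value, $4 = vmentry_l1d_flush value.
make_sample_tree() {
    mkdir -p "$1/devices/system/cpu/vulnerabilities" \
             "$1/devices/system/cpu/smt" \
             "$1/module/kvm_intel/parameters"
    printf '%s\n' "$2" > "$1/devices/system/cpu/vulnerabilities/l1tf"
    printf '%s\n' "$3" > "$1/devices/system/cpu/smt/control"
    printf '%s\n' "$4" > "$1/module/kvm_intel/parameters/vmentry_l1d_flush"
}

# Live system by default; set SYSFS_ROOT to a constructed tree to run offline.
l1tf_assess "${SYSFS_ROOT:-/sys}"
```

   A verdict of smt-exposed corresponds to the cross-hyperthread case described
   for CVE-2018-3646 above and matters most on hosts that run untrusted guests.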

   The following non-security bugs were fixed:

   - acpi / lpss: Only call pwm_add_table() for Bay Trail PWM if PMIC HRV is
     2 (bsc#1051510).
   - af_key: Always verify length of provided sadb_key (bsc#1051510).
   - af_key: fix buffer overread in parse_exthdrs() (bsc#1051510).
   - af_key: fix buffer overread in verify_address_len() (bsc#1051510).
   - afs: Fix directory permissions check (bsc#1101828).
   - agp: uninorth: make two functions static (bsc#1051510).
   - alsa: emu10k1: add error handling for snd_ctl_add (bsc#1051510).
   - alsa: emu10k1: Rate-limit error messages about page errors (bsc#1051510).
   - alsa: fm801: add error handling for snd_ctl_add (bsc#1051510).
   - alsa: usb-audio: Apply rate limit to warning messages in URB complete
     callback (bsc#1051510).
   - arm64: Correct type for PUD macros (bsc#1103723).
   - arm64: Disable unhandled signal log messages by default (bsc#1103724).
   - arm64: kvm: fix VTTBR_BADDR_MASK BUG_ON off-by-one (bsc#1103725).
   - arm64: mm: Fix set_memory_valid() declaration (bsc#1103726).
   - arm64: perf: correct PMUVer probing (bsc#1103727).
   - arm64: ptrace: Avoid setting compat FPR to garbage if get_user fails
     (bsc#1103728).
   - arm64: spinlock: Fix theoretical trylock() A-B-A with LSE atomics
     (bsc#1103729).
   - arm64: vdso: fix clock_getres for 4GiB-aligned res (bsc#1103730).
   - arm: 8715/1: add a private asm/unaligned.h (bsc#1051510).
   - arm: 8720/1: ensure dump_instr() checks addr_limit (bsc#1051510).
   - arm: 8721/1: mm: dump: check hardware RO bit for LPAE (bsc#1051510).
   - arm: 8722/1: mm: make STRICT_KERNEL_RWX effective for LPAE (bsc#1051510).
   - arm: 8731/1: Fix csum_partial_copy_from_user() stack mismatch
     (bsc#1051510).
   - arm: 8743/1: bL_switcher: add MODULE_LICENSE tag (bsc#1051510).
   - arm: 8746/1: vfp: Go back to clearing vfp_current_hw_state[]
     (bsc#1051510).
   - arm: 8748/1: mm: Define vdso_start, vdso_end as array (bsc#1051510).
   - arm: 8753/1: decompressor: add a missing parameter to the addruart macro
     (bsc#1051510).
   - arm: 8758/1: decompressor: restore r1 and r2 just before jumping to the
     kernel (bsc#1051510).
   - arm: 8764/1: kgdb: fix NUMREGBYTES so that gdb_regs[] is the correct
     size (bsc#1051510).
   - arm: 8769/1: kprobes: Fix to use get_kprobe_ctlblk after irq-disabed
     (bsc#1051510).
   - arm: 8770/1: kprobes: Prohibit probing on optimized_callback
     (bsc#1051510).
   - arm: 8771/1: kprobes: Prohibit kprobes on do_undefinstr (bsc#1051510).
   - arm: 8772/1: kprobes: Prohibit kprobes on get_user functions
     (bsc#1051510).
   - arm: AM33xx: PRM: Remove am33xx_pwrdm_read_prev_pwrst function
     (bsc#1051510).
   - arm: amba: Fix race condition with driver_override (bsc#1051510).
   - arm: amba: Fix wrong indentation in driver_override_store()
     (bsc#1051510).
   - arm: amba: Make driver_override output consistent with other buses
     (bsc#1051510).
   - arm: at91: do not select CONFIG_ARM_CPU_SUSPEND for old platforms
     (bsc#1051510).
   - arm: avoid faulting on qemu (bsc#1051510).
   - arm: BUG if jumping to usermode address in kernel mode (bsc#1051510).
   - arm-ccn: perf: Prevent module unload while PMU is in use (bsc#1051510).
   - arm: davinci: Add dma_mask to dm365's eDMA device (bsc#1051510).
   - arm: davinci: board-da830-evm: fix GPIO lookup for MMC/SD (bsc#1051510).
   - arm: davinci: board-da850-evm: fix GPIO lookup for MMC/SD (bsc#1051510).
   - arm: davinci: board-da850-evm: fix WP pin polarity for MMC/SD
     (bsc#1051510).
   - arm: davinci: board-dm355-evm: fix broken networking (bsc#1051510).
   - arm: davinci: board-dm646x-evm: pass correct I2C adapter id for VPIF
     (bsc#1051510).
   - arm: davinci: board-dm646x-evm: set VPIF capture card name (bsc#1051510).
   - arm: davinci: board-omapl138-hawk: fix GPIO numbers for MMC/SD lookup
     (bsc#1051510).
   - arm: davinci: dm646x: fix timer interrupt generation (bsc#1051510).
   - arm: davinci: fix mmc entries in dm365's dma_slave_map (bsc#1051510).
   - arm: davinci: fix the GPIO lookup for omapl138-hawk (bsc#1051510).
   - arm: davinci: Use platform_device_register_full() to create pdev for
     dm365's eDMA (bsc#1051510).
   - arm: DRA722: remove redundant definition of 1.0 device (bsc#1051510).
   - arm: fix return value of parse_cpu_capacity (bsc#1051510).
   - arm: kexec: fix failure to boot crash kernel (bsc#1051510).
   - arm: kexec: fix kdump register saving on panic() (bsc#1051510).
   - arm: keystone: fix platform_domain_notifier array overrun (bsc#1051510).
   - arm: kvm: fix building with gcc-8 (bsc#1051510).
   - arm: multi_v7_defconfig: Replace DRM_RCAR_HDMI by generic bridge options
     (bsc#1051510).
   - arm: multi_v7_defconfig: Replace SND_SOC_RSRC_CARD by
     SND_SIMPLE_SCU_CARD (bsc#1051510).
   - arm: mvebu: Fix broken PL310_ERRATA_753970 selects (bsc#1051510).
   - arm: OMAP1: clock: Fix debugfs_create_*() usage (bsc#1051510).
   - arm: OMAP2+: Fix SRAM virt to phys translation for
     save_secure_ram_context (bsc#1051510).
   - arm: omap2: hide omap3_save_secure_ram on non-OMAP3 builds (bsc#1051510).
   - arm: OMAP2+: omap_device: drop broken RPM status update from
     suspend_noirq (bsc#1051510).
   - arm: OMAP2+: powerdomain: use raw_smp_processor_id() for trace
     (bsc#1051510).
   - arm: OMAP2+: timer: fix a kmemleak caused in omap_get_timer_dt
     (bsc#1051510).
   - arm: OMAP3: Fix prm wake interrupt for resume (bsc#1051510).
   - arm: OMAP3: hwmod_data: add missing module_offs for MMC3 (bsc#1051510).
   - arm: OMAP3+: PRM: fix of_irq_get() result check (bsc#1051510).
   - arm: OMAP4+: PRM: fix of_irq_get() result checks (bsc#1051510).
   - arm: OMAP: Fix dmtimer init for omap1 (bsc#1051510).
   - arm: OMAP: Fix SRAM W+X mapping (bsc#1051510).
   - arm: orion5x: Revert commit 4904dbda41c8 (bsc#1051510).
   - arm: orion: fix orion_ge00_switch_board_info initialization
     (bsc#1051510).
   - arm: pxa: select both FB and FB_W100 for eseries (bsc#1051510).
   - arm: pxa/tosa-bt: add MODULE_LICENSE tag (bsc#1051510).
   - arm: remove wrong CONFIG_PROC_SYSCTL ifdef (bsc#1051510).
   - arm: s3c24xx: Fix NAND ECC mode for mini2440 board (bsc#1051510).
   - arm: shmobile: defconfig: Enable missing PCIE_RCAR dependency
     (bsc#1051510).
   - arm: shmobile: defconfig: Replace DRM_RCAR_HDMI by generic bridge
     options (bsc#1051510).
   - arm: shmobile: defconfig: Replace SND_SOC_RSRC_CARD by
     SND_SIMPLE_SCU_CARD (bsc#1051510).
   - arm: shmobile: defconfig: Replace USB_XHCI_RCAR by USB_XHCI_PLATFORM
     (bsc#1051510).
   - arm: shmobile: rcar-gen2: Fix deadlock in regulator quirk (bsc#1051510).
   - arm: socfpga_defconfig: Remove QSPI Sector 4K size force (bsc#1051510).
   - arm: spear13xx: Fix dmas cells (bsc#1051510).
   - arm: sunxi_defconfig: Enable CMA (bsc#1051510).
   - arm: sunxi: fix the core number of V3s in sunxi README (bsc#1051510).
   - asoc: dpcm: fix BE dai not hw_free and shutdown (bsc#1051510).
   - asoc: topology: Add missing clock gating parameter when parsing
     hw_configs (bsc#1051510).
   - asoc: topology: Fix bclk and fsync inversion in set_link_hw_format()
     (bsc#1051510).
   - ata: do not schedule hot plug if it is a sas host ().
   - ath: Add regulatory mapping for APL13_WORLD (bsc#1051510).
   - ath: Add regulatory mapping for APL2_FCCA (bsc#1051510).
   - ath: Add regulatory mapping for Bahamas (bsc#1051510).
   - ath: Add regulatory mapping for Bermuda (bsc#1051510).
   - ath: Add regulatory mapping for ETSI8_WORLD (bsc#1051510).
   - ath: Add regulatory mapping for FCC3_ETSIC (bsc#1051510).
   - ath: Add regulatory mapping for Serbia (bsc#1051510).
   - ath: Add regulatory mapping for Tanzania (bsc#1051510).
   - ath: Add regulatory mapping for Uganda (bsc#1051510).
   - audit: fix potential null dereference 'context->module.name'
     (bsc#1051510).
   - backlight: pwm_bl: Do not use GPIOF_* with gpiod_get_direction
     (bsc#1051510).
   - bdi: Move cgroup bdi_writeback to a dedicated low concurrency workqueue
     (bsc#1101867).
   - befs_lookup(): use d_splice_alias() (bsc#1101844).
   - block: Fix transfer when chunk sectors exceeds max (bsc#1101874).
   - bluetooth: btusb: Add a new Realtek 8723DE ID 2ff8:b011 (bsc#1051510).
   - bluetooth: btusb: add ID for LiteOn 04ca:301a (bsc#1051510).
   - bluetooth: hci_qca: Fix "Sleep inside atomic section" warning
     (bsc#1051510).
   - branch-check: fix long->int truncation when profiling branches
     (bsc#1101116,).
   - brcmfmac: Add support for bcm43364 wireless chipset (bsc#1051510).
   - cachefiles: Fix missing clear of the CACHEFILES_OBJECT_ACTIVE flag
     (bsc#1099858).
   - cachefiles: Fix refcounting bug in backing-file read monitoring
     (bsc#1099858).
   - cachefiles: Wait rather than BUG'ing on "Unexpected object collision"
     (bsc#1099858).
   - can: dev: increase bus-off message severity (bsc#1051510).
   - can: ems_usb: Fix memory leak on ems_usb_disconnect() (bsc#1051510).
   - can: m_can: change comparison to bitshift when dealing with a mask
     (bsc#1051510).
   - cdrom: do not call check_disk_change() inside cdrom_open() (bsc#1101872).
   - clk: at91: fix clk-generated compilation (bsc#1051510).
   - clk: renesas: cpg-mssr: Stop using printk format %pCr (bsc#1051510).
   - coccinelle: fix parallel build with CHECK=scripts/coccicheck
     (bsc#1051510).
   - compiler.h: enable builtin overflow checkers and add fallback code
     (bsc#1101116,).
   - cpufreq: intel_pstate: Limit the scope of HWP dynamic boost platforms
     (bsc#1066110).
   - cpu/hotplug: Make bringup/teardown of smp threads symmetric
     (bsc#1089343).
   - cpu/hotplug: Provide knobs to control SMT (bsc#1089343).
   - cpu/hotplug: Split do_cpu_down() (bsc#1089343).
   - crypto: authenc - do not leak pointers to authenc keys (bsc#1051510).
   - crypto: authencesn - do not leak pointers to authenc keys (bsc#1051510).
   - crypto: padlock-aes - Fix Nano workaround data corruption (bsc#1051510).
   - delayacct: fix crash in delayacct_blkio_end() after delayacct init
     failure (bsc#1104066).
   - dm: add writecache target (bsc#1101116,).
   - dm: prevent DAX mounts if not supported (bsc#1103917).
   - dm writecache: support optional offset for start of device
     (bsc#1101116,).
   - dm writecache: use 2-factor allocator arguments (bsc#1101116,).
   - doc: Add vendor prefix for Kieback & Peter GmbH (bsc#1051510).
   - drivers: soc: sunxi: fix error processing on base address when claiming
     (bsc#1051510).
   - drm: Add DP PSR2 sink enable bit (bsc#1051510).
   - drm/amdgpu: Remove VRAM from shared bo domains (bsc#1051510).
   - drm/atomic: Check old_plane_state->crtc in
     drm_atomic_helper_async_check() (bsc#1051510).
   - drm/atomic: Handling the case when setting old crtc for plane
     (bsc#1051510).
   - drm/atomic-helper: Drop plane->fb references only for
     drm_atomic_helper_shutdown() (bsc#1051510).
   - drm/atomic: Initialize variables in drm_atomic_helper_async_check() to
     make gcc happy (bsc#1051510).
   - drm/atomic: Make async plane update checks work as intended, v2
     (bsc#1051510).
   - drm/atomic: Make atomic helper track newly assigned planes correctly, v2
     (bsc#1051510).
   - drm/atomic: Make atomic iterators less surprising (bsc#1051510).
   - drm/dp/mst: Fix off-by-one typo when dump payload table (bsc#1051510).
   - drm/gma500: fix psb_intel_lvds_mode_valid()'s return type (bsc#1051510).
   - drm/nouveau/fifo/gk104-: poll for runlist update completion
     (bsc#1051510).
   - drm/radeon: fix mode_valid's return type (bsc#1051510).
   - drm: re-enable error handling (bsc#1051510).
   - drm/vc4: Reset ->{x, y}_scaling[1] when dealing with uniplanar formats
     (bsc#1051510).
   - Enable / support pinctrl-lewisburg ()
   - ext2: fix a block leak (bsc#1101875).
   - ext4: add more mount time checks of the superblock (bsc#1101900).
   - ext4: bubble errors from ext4_find_inline_data_nolock() up to
     ext4_iget() (bsc#1101896).
   - ext4: check superblock mapped prior to committing (bsc#1101902).
   - ext4: do not update s_last_mounted of a frozen fs (bsc#1101841).
   - ext4: factor out helper ext4_sample_last_mounted() (bsc#1101841).
   - ext4: fix check to prevent initializing reserved inodes (bsc#1104319).
   - ext4: fix fencepost error in check for inode count overflow during
     resize (bsc#1101853).
   - ext4: include the illegal physical block in the bad map ext4_error msg
     (bsc#1101903).
   - ext4: report delalloc reserve as non-free in statfs for project quota
     (bsc#1101843).
   - ext4: update mtime in ext4_punch_hole even if no blocks are released
     (bsc#1101895).
   - f2fs: call unlock_new_inode() before d_instantiate() (bsc#1101837).
   - fix io_destroy()/aio_complete() race (bsc#1101852).
   - Force log to disk before reading the AGF during a fstrim (bsc#1101893).
   - fs: allow per-device dax status checking for filesystems (bsc#1103917).
   - fscache: Allow cancelled operations to be enqueued (bsc#1099858).
   - fscache: Fix hanging wait on page discarded by writeback (bsc#1101885).
   - fscache: Fix reference overput in fscache_attach_object() error handling
     (bsc#1099858).
   - fs: clear writeback errors in inode_init_always (bsc#1101882).
   - fs: do not scan the inode cache before SB_BORN is set (bsc#1101883).
   - genirq: Check __free_irq() return value for NULL (bsc#1103517).
   - hid: hid-plantronics: Re-resend Update to map button for PTT products
     (bsc#1051510).
   - hid: i2c-hid: check if device is there before really probing
     (bsc#1051510).
   - hippi: Fix a Fix a possible sleep-in-atomic bug in rr_close
     (bsc#1051510).
   - hv_netvsc: Ensure correct teardown message sequence order ().
   - hv/netvsc: fix handling of fallback to single queue mode ().
   - hv_netvsc: Fix net device attach on older Windows hosts ().
   - hv_netvsc: set master device (bsc#1051979).
   - hv_netvsc: Split netvsc_revoke_buf() and netvsc_teardown_gpadl() ().
   - hv_netvsc: split sub-channel setup into async and sync ().
   - hv_netvsc: Use Windows version instead of NVSP version on GPAD teardown
     ().
   - ibmasm: do not write out of bounds in read handler (bsc#1051510).
   - ibmvnic: Remove code to request error information (bsc#1104174).
   - ibmvnic: Revise RX/TX queue error messages (bsc#1101331).
   - ibmvnic: Update firmware error reporting with cause string (bsc#1104174).
   - input: elan_i2c - add ACPI ID for lenovo ideapad 330 (bsc#1051510).
   - input: elan_i2c - add another ACPI ID for Lenovo Ideapad 330-15AST
     (bsc#1051510).
   - input: i8042 - add Lenovo LaVie Z to the i8042 reset list (bsc#1051510).
   - irqchip: brcmstb-l2: Define an irq_pm_shutdown function (bsc#1051510).
   - irqchip/gic: Take lock when updating irq type (bsc#1051510).
   - irqchip/gic-v3: Change pr_debug message to pr_devel (bsc#1051510).
   - irqchip/gic-v3: Fix the driver probe() fail due to disabled GICC entry
     (bsc#1051510).
   - irqchip/gic-v3: Ignore disabled ITS nodes (bsc#1051510).
   - irqchip/gic-v3: Use wmb() instead of smb_wmb() in gic_raise_softirq()
     (bsc#1051510).
   - irqchip/qcom: Fix check for spurious interrupts (bsc#1051510).
   - irqchip/qcom: Fix u32 comparison with value less than zero (bsc#1051510).
   - isofs: fix potential memory leak in mount option parsing (bsc#1101887).
   - iwlwifi: add more card IDs for 9000 series (bsc#1051510).
   - iwlwifi: pcie: fix race in Rx buffer allocator (bsc#1051510).
   - jump_label: Fix concurrent static_key_enable/disable() (bsc#1089343).
   - jump_label: Provide hotplug context variants (bsc#1089343).
   - jump_label: Reorder hotplug lock and jump_label_lock (bsc#1089343).
   - kabi protect bdev_dax_supported (bsc#1103917).
   - kabi protect struct ccw_device_private (bsc#1103421).
   - kabi/severities: do not complain on hisi_sas internal changes ().
   - kabi/severities: ignore x86_kvm_ops; lttng-modules would have to be
     adjusted in case they depend on this particular change
   - kbuild: add '-fno-stack-check' to kernel build options (bsc#1051510).
   - kbuild: Handle builtin dtb file names containing hyphens (bsc#1051510).
   - kbuild: pkg: use --transform option to prefix paths in tar (bsc#1051510).
   - kconfig: display recursive dependency resolution hint just once
     (bsc#1051510).
   - kmemleak: add scheduling point to kmemleak_scan() (bsc#1051510).
   - kvm: SVM: Add pause filter threshold ().
   - kvm: SVM: Implement pause loop exit logic in SVM ().
   - kvm: VMX: Bring the common code to header file ().
   - kvm: VMX: Fix the module parameters for vmx ().
   - kvm: VMX: Remove ple_window_actual_max ().
   - libata: add refcounting to ata_host (git-fixes).
   - libata: ensure host is free'd on error exit paths (git-fixes).
   - libnvdimm, dimm: fix dpa reservation vs uninitialized label area
     (git-fixes).
   - linvdimm, pmem: Preserve read-only setting for pmem devices (git-fixes).
   - media: media-device: fix ioctl function types (bsc#1051510).
   - media: rcar_jpu: Add missing clk_disable_unprepare() on error in
     jpu_open() (bsc#1051510).
   - media: saa7164: Fix driver name in debug output (bsc#1051510).
   - media: si470x: fix __be16 annotations (bsc#1051510).
   - media: siano: get rid of __le32/__le16 cast warnings (bsc#1051510).
   - media: tw686x: Fix incorrect vb2_mem_ops GFP flags (bsc#1051510).
   - mfd: cros_ec: Fail early if we cannot identify the EC (bsc#1051510).
   - mfd: fsl-imx25: Clean up irq settings during removal (bsc#1051510).
   - mfd: mxs-lradc: Fix error handling in mxs_lradc_probe() (bsc#1051510).
   - misc: pci_endpoint_test: Avoid triggering a BUG() (bsc#1051510).
   - mmc: dw_mmc: update actual clock for mmc debugfs (bsc#1051510).
   - mmc: pwrseq: Use kmalloc_array instead of stack VLA (bsc#1051510).
   - mm: fix __gup_device_huge vs unmap (bsc#1101839).
   - mm/kmemleak.c: make cond_resched() rate-limiting more efficient
     (bsc#1051510).
   - mwifiex: correct histogram data with appropriate index (bsc#1051510).
   - mwifiex: handle race during mwifiex_usb_disconnect (bsc#1051510).
   - nohz: Fix local_timer_softirq_pending() (bsc#1051510).
   - nvme: ensure forward progress during Admin passthru (git-fixes).
   - nvme-fabrics: Ignore nr_io_queues option for discovery controllers
     (bsc#1102633).
   - nvme: fixup crash on failed discovery (bsc#1103920).
   - nvme.h: fixup ANA group descriptor format (bsc#1104111).
   - nvme: use hw qid in trace events (bsc#1102633).
   - orangefs: report attributes_mask and attributes for statx (bsc#1101832).
   - orangefs: set i_size on new symlink (bsc#1101845).
   - overflow.h: Add allocation size calculation helpers (bsc#1101116,).
   - pci: pciehp: Assume NoCompl+ for Thunderbolt ports (bsc#1051510).
   - pci: pciehp: Request control of native hotplug only if supported
     (bsc#1051510).
   - pci: Prevent sysfs disable of device while driver is attached
     (bsc#1051510).
   - pinctrl: at91-pio4: add missing of_node_put (bsc#1051510).
   - pinctrl: intel: Add Intel Lewisburg GPIO support ().
   - pinctrl: nand: meson-gxl: fix missing data pins (bsc#1051510).
   - pmem: only set QUEUE_FLAG_DAX for fsdax mode (bsc#1103917).
   - qed*: Add link change count value to ethtool statistics display
     (bsc#1086314).
   - qed: Add qed APIs for PHY module query (bsc#1086314 ).
   - qed: Add srq core support for RoCE and iWARP (bsc#1086314 ).
   - qede: Add driver callbacks for eeprom module query (bsc#1086314 ).
   - qed: fix spelling mistake "successffuly" -> "successfully" (bsc#1086314).
   - qed: Make some functions static (bsc#1086314).
   - qed: remove redundant functions qed_get_cm_pq_idx_rl (bsc#1086314).
   - qed: remove redundant functions qed_set_gft_event_id_cm_hdr
     (bsc#1086314).
   - qed: remove redundant pointer 'name' (bsc#1086314).
   - qed: use dma_zalloc_coherent instead of allocator/memset (bsc#1086314).
   - qed*: Utilize FW 8.37.2.0 (bsc#1086314).
   - RDMA/qedr: Fix NULL pointer dereference when running over iWARP without
     RDMA-CM (bsc#1086314).
   - RDMA/qedr: fix spelling mistake: "adrresses" -> "addresses"
     (bsc#1086314).
   - RDMA/qedr: fix spelling mistake: "failes" -> "fails" (bsc#1086314).
   - regulator: pfuze100: add .is_enable() for pfuze100_swb_regulator_ops
     (bsc#1051510).
   - reiserfs: fix buffer overflow with long warning messages (bsc#1101847).
   - Revert "drm/nouveau/drm/therm/fan: add a fallback if no fan control is
     specified in the vbios" (bsc#1103356).
   - s390/cio: clear timer when terminating driver I/O (bsc#1103421).
   - s390/cio: fix return code after missing interrupt (bsc#1103421).
   - s390/dasd: fix handling of internal requests (bsc#1103421).
   - s390/dasd: fix wrongly assigned configuration data (bsc#1103421).
   - s390/dasd: prevent prefix I/O error (bsc#1103421).
   - s390/eadm: fix CONFIG_BLOCK include dependency (bsc#1103421).
   - s390/ipl: ensure loadparm valid flag is set (bsc#1103421).
   - s390/pci: do not require AIS facility (bsc#1103421).
   - s390/qdio: do not release memory in qdio_setup_irq() (bsc#1103421).
   - sc16is7xx: Check for an error when the clock is enabled (bsc#1051510).
   - sched/fair: Consider RT/IRQ pressure in capacity_spare_wake()
     (bnc#1101669 optimise numa balancing for fast migrate).
   - sched/fair: Fix find_idlest_group() when local group is not allowed
     (bnc#1101669 optimise numa balancing for fast migrate).
   - sched/fair: Fix usage of find_idlest_group() when no groups are allowed
     (bnc#1101669 optimise numa balancing for fast migrate).
   - sched/fair: Fix usage of find_idlest_group() when the local group is
     idlest (bnc#1101669 optimise numa balancing for fast migrate).
   - sched/fair: Move select_task_rq_fair() slow-path into its own function
     (bnc#1101669 optimise numa balancing for fast migrate).
   - sched/fair: Remove impossible condition from find_idlest_group_cpu()
     (bnc#1101669 optimise numa balancing for fast migrate).
   - sched/fair: Remove unnecessary comparison with -1 (bnc#1101669 optimise
     numa balancing for fast migrate).
   - sched/fair: Spare idle load balancing on nohz_full CPUs (bnc#1101669
     optimise numa balancing for fast migrate).
   - sched/fair: Use 'unsigned long' for utilization, consistently
     (bnc#1101669 optimise numa balancing for fast migrate).
   - sched/smt: Update sched_smt_present at runtime (bsc#1089343).
   - scsi: ata: enhance the definition of SET MAX feature field value ().
   - scsi: hisi_sas: add an mechanism to do reset work synchronously ().
   - scsi: hisi_sas: add check of device in hisi_sas_task_exec() ().
   - scsi: hisi_sas: add internal abort dev in some places ().
   - scsi: hisi_sas: Add LED feature for v3 hw ().
   - scsi: hisi_sas: add RAS feature for v3 hw ().
   - scsi: hisi_sas: add readl poll timeout helper wrappers ().
   - scsi: hisi_sas: Add some checks to avoid free'ing a sas_task twice ().
   - scsi: hisi_sas: add some print to enhance debugging ().
   - scsi: hisi_sas: Add v2 hw force PHY function for internal ATA command ().
   - scsi: hisi_sas: add v2 hw port AXI error handling support ().
   - scsi: hisi_sas: add v3 hw MODULE_DEVICE_TABLE() ().
   - scsi: hisi_sas: add v3 hw suspend and resume ().
   - scsi: hisi_sas: allocate slot buffer earlier ().
   - scsi: hisi_sas: Change common allocation mode of device id ().
   - scsi: hisi_sas: Change frame type for SET MAX commands ().
   - scsi: hisi_sas: change ncq process for v3 hw ().
   - scsi: hisi_sas: change slot index allocation mode ().
   - scsi: hisi_sas: check host frozen before calling "done" function ().
   - scsi: hisi_sas: check IPTT is valid before using it for v3 hw ().
   - scsi: hisi_sas: check sas_dev gone earlier in hisi_sas_abort_task() ().
   - scsi: hisi_sas: Code cleanup and minor bug fixes ().
   - scsi: hisi_sas: config ATA de-reset as an constrained command for v3 hw
     ().
   - scsi: hisi_sas: consolidate command check in hisi_sas_get_ata_protocol()
     ().
   - scsi: hisi_sas: Create a scsi_host_template per HW module ().
   - scsi: hisi_sas: delete timer when removing hisi_sas driver ().
   - scsi: hisi_sas: do link reset for some CHL_INT2 ints ().
   - scsi: hisi_sas: Do not lock DQ for complete task sending ().
   - scsi: hisi_sas: dt-bindings: add an property of signal attenuation ().
   - scsi: hisi_sas: fix a bug in hisi_sas_dev_gone() ().
   - scsi: hisi_sas: fix a typo in hisi_sas_task_prep() ().
   - scsi: hisi_sas: fix dma_unmap_sg() parameter ().
   - scsi: hisi_sas: fix PI memory size ().
   - scsi: hisi_sas: fix return value of hisi_sas_task_prep() ().
   - scsi: hisi_sas: Fix return value when get_free_slot() failed ().
   - scsi: hisi_sas: fix SAS_QUEUE_FULL problem while running IO ().
   - scsi: hisi_sas: fix the issue of link rate inconsistency ().
   - scsi: hisi_sas: fix the issue of setting linkrate register ().
   - scsi: hisi_sas: improve int_chnl_int_v2_hw() consistency with v3 hw ().
   - scsi: hisi_sas: Include TMF elements in struct hisi_sas_slot ().
   - scsi: hisi_sas: increase timer expire of internal abort task ().
   - scsi: hisi_sas: Init disks after controller reset ().
   - scsi: hisi_sas: initialize dq spinlock before use ().
   - scsi: hisi_sas: Introduce hisi_sas_phy_set_linkrate() ().
   - scsi: hisi_sas: judge result of internal abort ().
   - scsi: hisi_sas: make local symbol host_attrs static ().
   - scsi: hisi_sas: make return type of prep functions void ().
   - scsi: hisi_sas: make SAS address of SATA disks unique ().
   - scsi: hisi_sas: Mark PHY as in reset for nexus reset ().
   - scsi: hisi_sas: modify hisi_sas_dev_gone() for reset ().
   - scsi: hisi_sas: modify some register config for hip08 ().
   - scsi: hisi_sas: optimise port id refresh function ().
   - scsi: hisi_sas: optimise the usage of DQ locking ().
   - scsi: hisi_sas: print device id for errors ().
   - scsi: hisi_sas: re-add the lldd_port_deformed() ().
   - scsi: hisi_sas: relocate clearing ITCT and freeing device ().
   - scsi: hisi_sas: relocate smp sg map ().
   - scsi: hisi_sas: Remove depends on HAS_DMA in case of platform dependency
     ().
   - scsi: hisi_sas: remove redundant handling to event95 for v3 ().
   - scsi: hisi_sas: remove some unneeded structure members ().
   - scsi: hisi_sas: remove unused variable hisi_sas_devices.running_req ().
   - scsi: hisi_sas: Reset disks when discovered ().
   - scsi: hisi_sas: some optimizations of host controller reset ().
   - scsi: hisi_sas: stop controller timer for reset ().
   - scsi: hisi_sas: support the property of signal attenuation for v2 hw ().
   - scsi: hisi_sas: Terminate STP reject quickly for v2 hw ().
   - scsi: hisi_sas: Try wait commands before before controller reset ().
   - scsi: hisi_sas: update PHY linkrate after a controller reset ().
   - scsi: hisi_sas: update RAS feature for later revision of v3 HW ().
   - scsi: hisi_sas: use an general way to delay PHY work ().
   - scsi: hisi_sas: Use device lock to protect slot alloc/free ().
   - scsi: hisi_sas: use dma_zalloc_coherent() ().
   - scsi: hisi_sas: workaround a v3 hw hilink bug ().
   - scsi: libsas: defer ata device eh commands to libata ().
   - scsi: lpfc: Add Buffer overflow check, when nvme_info larger than
     PAGE_SIZE (bsc#1102658).
   - scsi: lpfc: Correct LCB ACCept payload (bsc#1102658).
   - scsi: lpfc: devloss timeout race condition caused null pointer reference
     (bsc#1102658).
   - scsi: lpfc: Fix abort error path for NVMET (bsc#1102658).
   - scsi: lpfc: Fix driver crash when re-registering NVME rports
     (bsc#1102658).
   - scsi: lpfc: Fix driver not setting dpp bits correctly in doorbell word
     (bsc#1102658).
   - scsi: lpfc: Fix ELS abort on SLI-3 adapters (bsc#1102658).
   - scsi: lpfc: Fix list corruption on the completion queue (bsc#1102658).
   - scsi: lpfc: Fix NVME Target crash in defer rcv logic (bsc#1102658).
   - scsi: lpfc: Fix panic if driver unloaded when port is offline
     (bsc#1102658).
   - scsi: lpfc: Fix sysfs Speed value on CNA ports (bsc#1102658).
   - scsi: lpfc: Limit tracking of tgt queue depth in fast path (bsc#1102658).
   - scsi: lpfc: Make PBDE optimizations configurable (bsc#1102658).
   - scsi: lpfc: Remove lpfc_enable_pbde as module parameter (bsc#1102658).
   - scsi: lpfc: Revise copyright for new company language (bsc#1102658).
   - scsi: lpfc: Support duration field in Link Cable Beacon V1 command
     (bsc#1102658).
   - scsi: lpfc: update driver version to 12.0.0.5 (bsc#1102658).
   - scsi: lpfc: update driver version to 12.0.0.6 (bsc#1102658).
   - scsi: qla2xxx: Avoid double completion of abort command (git-fixes).
   - scsi: qla2xxx: Fix driver unload by shutting down chip (git-fixes).
   - scsi: qla2xxx: Fix NPIV deletion by calling wait_for_sess_deletion
     (git-fixes).
   - scsi: qla2xxx: Fix NULL pointer dereference for fcport search
     (git-fixes).
   - scsi: qla2xxx: Fix unintialized List head crash (git-fixes).
   - scsi: qla2xxx: Return error when TMF returns (git-fixes).
   - scsi: smartpqi: add in new supported controllers (bsc#1086274).
   - scsi: smartpqi: add inspur advantech ids (bsc#1086274).
   - scsi: smartpqi: bump driver version to 1.1.4-130 (bsc#1086274).
   - scsi: smartpqi: fix critical ARM issue reading PQI index registers
     (bsc#1086274).
   - scsi: smartpqi: improve error checking for sync requests (bsc#1086274).
   - scsi: smartpqi: improve handling for sync requests (bsc#1086274).
   - scsi: smartpqi: update driver version (bsc#1086274).
   - scsi: smartpqi: workaround fw bug for oq deletion (bsc#1086274).
   - sctp: fix the issue that pathmtu may be set lower than MINSEGMENT
     (git-fixes).
   - sctp: introduce sctp_dst_mtu (git-fixes).
   - soc: bcm2835: Make !RASPBERRYPI_FIRMWARE dummies return failure
     (bsc#1051510).
   - soc: bcm: raspberrypi-power: Fix use of __packed (bsc#1051510).
   - soc: imx: gpc: de-register power domains only if initialized
     (bsc#1051510).
   - soc: imx: gpc: restrict register range for regmap access (bsc#1051510).
   - soc: imx: gpcv2: correct PGC offset (bsc#1051510).
   - soc: imx: gpcv2: Do not pass static memory as platform data
     (bsc#1051510).
   - soc: imx: gpcv2: fix regulator deferred probe (bsc#1051510).
   - soc: mediatek: pwrap: fix compiler errors (bsc#1051510).
   - soc: qcom: wcnss_ctrl: Fix increment in NV upload (bsc#1051510).
   - soc: rockchip: power-domain: Fix wrong value when power up pd with
     writemask (bsc#1051510).
   - soc/tegra: Fix bad of_node_put() in powergate init (bsc#1051510).
   - soc/tegra: flowctrl: Fix error handling (bsc#1051510).
   - soc: ti: ti_sci_pm_domains: Populate name for genpd (bsc#1051510).
   - soc: zte: Restrict SOC_ZTE to ARCH_ZX or COMPILE_TEST (bsc#1051510).
   - spi: bcm2835aux: ensure interrupts are enabled for shared handler
     (bsc#1051510).
   - spi/bcm63xx-hspi: Enable the clock before calling clk_get_rate()
     (bsc#1051510).
   - spi: bcm-qspi: Always read and set BSPI_MAST_N_BOOT_CTRL (bsc#1051510).
   - spi: bcm-qspi: Avoid setting MSPI_CDRAM_PCS for spi-nor master
     (bsc#1051510).
   - spi: cadence: Add usleep_range() for cdns_spi_fill_tx_fifo()
     (bsc#1051510).
   - spi: pxa2xx: Allow 64-bit DMA (bsc#1051510).
   - spi: pxa2xx: check clk_prepare_enable() return value (bsc#1051510).
   - sr: pass down correctly sized SCSI sense buffer (git-fixes).
   - staging: ks7010: Use constants from ieee80211_eid instead of literal
     ints (bsc#1051510).
   - staging: speakup: fix wraparound in uaccess length check (bsc#1051510).
   - supported.conf: add drivers/md/dm-writecache
   - sysrq : fix Show Regs call trace on ARM (bsc#1051510).
   - thermal: exynos: fix setting rising_threshold for Exynos5433
     (bsc#1051510).
   - tty: Fix data race in tty_insert_flip_string_fixed_flag (bsc#1051510).
   - typec: tcpm: Fix a msecs vs jiffies bug (bsc#1100132).
   - udf: Detect incorrect directory size (bsc#1101891).
   - udf: Provide saner default for invalid uid / gid (bsc#1101890).
   - Update config files to add CONFIG_DM_WRITECACHE=m
   - Update
     patches.arch/KVM-PPC-Check-if-IOMMU-page-is-contained-in-the-pinn.patch
     (bsc#1077761, git-fixes, bsc#1103948, bsc#1103949).
   - usb: hub: Do not wait for connect state at resume for powered-off ports
     (bsc#1051510).
   - usbip: usbip_detach: Fix memory, udev context and udev leak
     (bsc#1051510).
   - vfs: add the sb_start_intwrite_trylock() helper (bsc#1101841).
   - virtio_balloon: fix another race between migration and ballooning
     (bsc#1051510).
   - wlcore: sdio: check for valid platform device data before suspend
     (bsc#1051510).
   - x86/apic: Ignore secondary threads if nosmt=force (bsc#1089343).
   - x86/CPU/AMD: Do not check CPUID max ext level before parsing SMP info
     (bsc#1089343).
   - x86/cpu/AMD: Evaluate smp_num_siblings early (bsc#1089343).
   - x86/CPU/AMD: Move TOPOEXT reenablement before reading smp_num_siblings
     (bsc#1089343).
   - x86/cpu/AMD: Remove the pointless detect_ht() call (bsc#1089343).
   - x86/cpu/common: Provide detect_ht_early() (bsc#1089343).
   - x86/cpu/intel: Evaluate smp_num_siblings early (bsc#1089343).
   - x86/cpu: Remove the pointless CPU printout (bsc#1089343).
   - x86/cpu/topology: Provide detect_extended_topology_early() (bsc#1089343).
   - x86/KVM/VMX: Add module argument for L1TF mitigation.
   - x86/smp: Provide topology_is_primary_thread() (bsc#1089343).
   - x86/topology: Provide topology_smt_supported() (bsc#1089343).
   - x86: Treat R_X86_64_PLT32 as R_X86_64_PC32 (binutils_2.31).
   - xfs: catch inode allocation state mismatch corruption (bsc#1104211).
   - xfs: prevent creating negative-sized file via INSERT_RANGE (bsc#1101833).


Patch Instructions:

   To install this SUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Workstation Extension 15:

      zypper in -t patch SUSE-SLE-Product-WE-15-2018-1614=1

   - SUSE Linux Enterprise Module for Legacy Software 15:

      zypper in -t patch SUSE-SLE-Module-Legacy-15-2018-1614=1

   - SUSE Linux Enterprise Module for Development Tools 15:

      zypper in -t patch SUSE-SLE-Module-Development-Tools-15-2018-1614=1

   - SUSE Linux Enterprise Module for Basesystem 15:

      zypper in -t patch SUSE-SLE-Module-Basesystem-15-2018-1614=1

   - SUSE Linux Enterprise High Availability 15:

      zypper in -t patch SUSE-SLE-Product-HA-15-2018-1614=1



Package List:

   - SUSE Linux Enterprise Workstation Extension 15 (x86_64):

      kernel-default-debuginfo-4.12.14-25.13.1
      kernel-default-debugsource-4.12.14-25.13.1
      kernel-default-extra-4.12.14-25.13.1
      kernel-default-extra-debuginfo-4.12.14-25.13.1

   - SUSE Linux Enterprise Module for Legacy Software 15 (aarch64 ppc64le s390x x86_64):

      kernel-default-debuginfo-4.12.14-25.13.1
      kernel-default-debugsource-4.12.14-25.13.1
      reiserfs-kmp-default-4.12.14-25.13.1
      reiserfs-kmp-default-debuginfo-4.12.14-25.13.1

   - SUSE Linux Enterprise Module for Development Tools 15 (aarch64 ppc64le s390x x86_64):

      kernel-obs-build-4.12.14-25.13.1
      kernel-obs-build-debugsource-4.12.14-25.13.1
      kernel-syms-4.12.14-25.13.1
      kernel-vanilla-base-4.12.14-25.13.1
      kernel-vanilla-base-debuginfo-4.12.14-25.13.1
      kernel-vanilla-debuginfo-4.12.14-25.13.1
      kernel-vanilla-debugsource-4.12.14-25.13.1

   - SUSE Linux Enterprise Module for Development Tools 15 (noarch):

      kernel-docs-4.12.14-25.13.1
      kernel-source-4.12.14-25.13.1

   - SUSE Linux Enterprise Module for Development Tools 15 (x86_64):

      lttng-modules-2.10.0-5.4.2
      lttng-modules-debugsource-2.10.0-5.4.2
      lttng-modules-kmp-default-2.10.0_k4.12.14_25.13-5.4.2
      lttng-modules-kmp-default-debuginfo-2.10.0_k4.12.14_25.13-5.4.2

   - SUSE Linux Enterprise Module for Basesystem 15 (aarch64 ppc64le s390x x86_64):

      kernel-default-4.12.14-25.13.1
      kernel-default-debuginfo-4.12.14-25.13.1
      kernel-default-debugsource-4.12.14-25.13.1
      kernel-default-devel-4.12.14-25.13.1
      kernel-default-devel-debuginfo-4.12.14-25.13.1

   - SUSE Linux Enterprise Module for Basesystem 15 (noarch):

      kernel-devel-4.12.14-25.13.1
      kernel-macros-4.12.14-25.13.1

   - SUSE Linux Enterprise Module for Basesystem 15 (s390x):

      kernel-default-man-4.12.14-25.13.1
      kernel-zfcpdump-4.12.14-25.13.1
      kernel-zfcpdump-debuginfo-4.12.14-25.13.1
      kernel-zfcpdump-debugsource-4.12.14-25.13.1

   - SUSE Linux Enterprise High Availability 15 (aarch64 ppc64le s390x x86_64):

      cluster-md-kmp-default-4.12.14-25.13.1
      cluster-md-kmp-default-debuginfo-4.12.14-25.13.1
      dlm-kmp-default-4.12.14-25.13.1
      dlm-kmp-default-debuginfo-4.12.14-25.13.1
      gfs2-kmp-default-4.12.14-25.13.1
      gfs2-kmp-default-debuginfo-4.12.14-25.13.1
      kernel-default-debuginfo-4.12.14-25.13.1
      kernel-default-debugsource-4.12.14-25.13.1
      ocfs2-kmp-default-4.12.14-25.13.1
      ocfs2-kmp-default-debuginfo-4.12.14-25.13.1
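
A post-update check for the package list above, added here as an example (it is not part of the SUSE or AusCERT bulletin): it flags kernel packages older than the fixed build 4.12.14-25.13.1 and a booted kernel that predates it. The function names and the sample versions other than 4.12.14-25.13.1 are constructed, and the comparison assumes purely numeric version fields and a `uname -r` of the form `4.12.14-25.13-default`.

```shell
#!/bin/sh
# Fixed kernel build, taken from the package list in this bulletin.
FIXED="4.12.14-25.13.1"

# ver_lt A B: succeed (exit 0) when version A is older than version B.
# Fields are compared numerically, so 25.3 sorts before 25.13 (a plain
# string comparison would get that wrong).
# Assumption: every field is numeric and separated by '.' or '-'.
ver_lt() {
    a=$(printf '%s' "$1" | sed 's/[.-]/ /g')
    b=$(printf '%s' "$2" | sed 's/[.-]/ /g')
    set -- $a                      # fields of A become $1, $2, ...
    for fb in $b; do
        fa=${1:-0}                 # a missing field in A counts as 0
        [ "$fa" -lt "$fb" ] && return 0
        [ "$fa" -gt "$fb" ] && return 1
        [ $# -gt 0 ] && shift
    done
    return 1                       # equal, or A has extra trailing fields
}

# check_packages: read "name version-release" lines on stdin, print one
# verdict per package, and return 1 if any package is older than $FIXED.
check_packages() {
    rc=0
    while read -r name vr; do
        [ -n "$name" ] || continue
        if ver_lt "$vr" "$FIXED"; then
            printf 'OUTDATED %s %s (need >= %s)\n' "$name" "$vr" "$FIXED"
            rc=1
        else
            printf 'OK       %s %s\n' "$name" "$vr"
        fi
    done
    return $rc
}

# running_kernel_ok UNAME_R: succeed when the booted kernel is at least the
# fixed build. Installing the package is not enough until the host reboots.
# Assumption: uname -r is the package version-release without its last
# field, followed by the flavour, e.g. "4.12.14-25.13-default".
running_kernel_ok() {
    rel=${1%-*}                    # drop the "-default" flavour suffix
    ! ver_lt "$rel" "${FIXED%.*}"
}

# Constructed sample of
#   rpm -q --qf '%{NAME} %{VERSION}-%{RELEASE}\n' <packages>
# output; only the first version is from the bulletin.
SAMPLE='kernel-default 4.12.14-25.13.1
kernel-default-devel 4.12.14-25.3.1
reiserfs-kmp-default 4.12.14-23.1'

printf '%s\n' "$SAMPLE" | check_packages ||
    echo "at least one package predates $FIXED"
running_kernel_ok "4.12.14-25.3-default" ||
    echo "booted kernel predates the fix: reboot after patching"

# On a live host (not run here):
#   rpm -q --qf '%{NAME} %{VERSION}-%{RELEASE}\n' kernel-default | check_packages
#   running_kernel_ok "$(uname -r)"
```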


References:

   https://www.suse.com/security/cve/CVE-2018-10876.html
   https://www.suse.com/security/cve/CVE-2018-10877.html
   https://www.suse.com/security/cve/CVE-2018-10878.html
   https://www.suse.com/security/cve/CVE-2018-10879.html
   https://www.suse.com/security/cve/CVE-2018-10880.html
   https://www.suse.com/security/cve/CVE-2018-10881.html
   https://www.suse.com/security/cve/CVE-2018-10882.html
   https://www.suse.com/security/cve/CVE-2018-10883.html
   https://www.suse.com/security/cve/CVE-2018-3620.html
   https://www.suse.com/security/cve/CVE-2018-3646.html
   https://www.suse.com/security/cve/CVE-2018-5391.html
   https://bugzilla.suse.com/1051510
   https://bugzilla.suse.com/1051979
   https://bugzilla.suse.com/1066110
   https://bugzilla.suse.com/1077761
   https://bugzilla.suse.com/1086274
   https://bugzilla.suse.com/1086314
   https://bugzilla.suse.com/1087081
   https://bugzilla.suse.com/1089343
   https://bugzilla.suse.com/1099811
   https://bugzilla.suse.com/1099813
   https://bugzilla.suse.com/1099844
   https://bugzilla.suse.com/1099845
   https://bugzilla.suse.com/1099846
   https://bugzilla.suse.com/1099849
   https://bugzilla.suse.com/1099858
   https://bugzilla.suse.com/1099863
   https://bugzilla.suse.com/1099864
   https://bugzilla.suse.com/1100132
   https://bugzilla.suse.com/1101116
   https://bugzilla.suse.com/1101331
   https://bugzilla.suse.com/1101669
   https://bugzilla.suse.com/1101828
   https://bugzilla.suse.com/1101832
   https://bugzilla.suse.com/1101833
   https://bugzilla.suse.com/1101837
   https://bugzilla.suse.com/1101839
   https://bugzilla.suse.com/1101841
   https://bugzilla.suse.com/1101843
   https://bugzilla.suse.com/1101844
   https://bugzilla.suse.com/1101845
   https://bugzilla.suse.com/1101847
   https://bugzilla.suse.com/1101852
   https://bugzilla.suse.com/1101853
   https://bugzilla.suse.com/1101867
   https://bugzilla.suse.com/1101872
   https://bugzilla.suse.com/1101874
   https://bugzilla.suse.com/1101875
   https://bugzilla.suse.com/1101882
   https://bugzilla.suse.com/1101883
   https://bugzilla.suse.com/1101885
   https://bugzilla.suse.com/1101887
   https://bugzilla.suse.com/1101890
   https://bugzilla.suse.com/1101891
   https://bugzilla.suse.com/1101893
   https://bugzilla.suse.com/1101895
   https://bugzilla.suse.com/1101896
   https://bugzilla.suse.com/1101900
   https://bugzilla.suse.com/1101902
   https://bugzilla.suse.com/1101903
   https://bugzilla.suse.com/1102633
   https://bugzilla.suse.com/1102658
   https://bugzilla.suse.com/1103097
   https://bugzilla.suse.com/1103356
   https://bugzilla.suse.com/1103421
   https://bugzilla.suse.com/1103517
   https://bugzilla.suse.com/1103723
   https://bugzilla.suse.com/1103724
   https://bugzilla.suse.com/1103725
   https://bugzilla.suse.com/1103726
   https://bugzilla.suse.com/1103727
   https://bugzilla.suse.com/1103728
   https://bugzilla.suse.com/1103729
   https://bugzilla.suse.com/1103730
   https://bugzilla.suse.com/1103917
   https://bugzilla.suse.com/1103920
   https://bugzilla.suse.com/1103948
   https://bugzilla.suse.com/1103949
   https://bugzilla.suse.com/1104066
   https://bugzilla.suse.com/1104111
   https://bugzilla.suse.com/1104174
   https://bugzilla.suse.com/1104211
   https://bugzilla.suse.com/1104319

_______________________________________________


=============================================================================
   SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________

Announcement ID:    SUSE-SU-2018:2374-1
Rating:             important
References:         #1012382 #1023711 #1064232 #1076110 #1078216 
                    #1082653 #1082979 #1085042 #1085536 #1085657 
                    #1087081 #1087659 #1089343 #1089525 #1090123 
                    #1090340 #1090435 #1090888 #1091107 #1092001 
                    #1092207 #1093777 #1094120 #1094244 #1095453 
                    #1095643 #1096790 #1096978 #1097034 #1097501 
                    #1097771 #1098599 #1099306 #1099713 #1099792 
                    #1099810 #1099858 #1099918 #1099966 #1099993 
                    #1100089 #1100132 #1100340 #1100843 #1100930 
                    #1101296 #1101331 #1101658 #1101789 #1102188 
                    #1102197 #1102203 #1102205 #1102207 #1102211 
                    #1102214 #1102215 #1102340 #1102394 #1102683 
                    #1102851 #1103097 #1103119 #1103580 #1103717 
                    #1103745 #1103884 #1104174 #997935 
Cross-References:   CVE-2017-18344 CVE-2018-14734 CVE-2018-3620
                    CVE-2018-3646 CVE-2018-5390 CVE-2018-5391
                   
Affected Products:
                    SUSE Linux Enterprise Software Development Kit 12-SP3
                    SUSE Linux Enterprise Server 12-SP3
______________________________________________________________________________

   An update that solves 6 vulnerabilities and has 63 fixes is
   now available.

Description:



   The SUSE Linux Enterprise 12 SP3 Azure kernel was updated to 4.4.143 to
   receive various security and bug fixes.

   The following security bugs were fixed:

   - CVE-2018-3620: Local attackers on bare-metal systems could use
     speculative code patterns on hyperthreaded processors to read data
     present in the L1 data cache used by other hyperthreads on the same CPU
     core, potentially leaking sensitive data (bnc#1087081).
   - CVE-2018-3646: Local attackers in virtualized guest systems could use
     speculative code patterns on hyperthreaded processors to read data
     present in the L1 data cache used by other hyperthreads on the same CPU
     core, potentially leaking sensitive data, even from other virtual
     machines or the host system (bnc#1089343).
   - CVE-2018-5391: A flaw in the IP packet reassembly could be used by
     remote attackers to consume CPU time (bnc#1103097).
   - CVE-2018-5390: Linux kernel versions 4.9+ can be forced to make very
     expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue()
     for every incoming packet which can lead to a denial of service
     (bnc#1102340).
   - CVE-2018-14734: drivers/infiniband/core/ucma.c allowed
     ucma_leave_multicast to access a certain data structure after a cleanup
     step in ucma_process_join, which allowed attackers to cause a denial of
     service (use-after-free) (bnc#1103119).
   - CVE-2017-18344: The timer_create syscall implementation in
     kernel/time/posix-timers.c didn't properly validate the
     sigevent->sigev_notify field, which leads to out-of-bounds access in the
     show_timer function (called when /proc/$PID/timers is read). This
     allowed userspace applications to read arbitrary kernel memory (on a
     kernel built with CONFIG_POSIX_TIMERS and CONFIG_CHECKPOINT_RESTORE)
     (bnc#1102851, bnc#1103580).

   The following non-security bugs were fixed:

   - 1wire: family module autoload fails because of upper/lower case mismatch
     (bnc#1012382).
   - Add support for 5,25,50, and 100G to 802.3ad bonding driver (bsc#1096978).
   - ahci: Disable LPM on Lenovo 50 series laptops with a too old BIOS
     (bnc#1012382).
   - alsa: hda - Fix pincfg at resume on Lenovo T470 dock (bsc#1099810).
   - alsa: hda - Handle kzalloc() failure in snd_hda_attach_pcm_stream()
     (bnc#1012382).
   - alsa: hda/realtek - set PINCFG_HEADSET_MIC to parse_flags (bsc#1099810).
   - arm64: do not open code page table entry creation (bsc#1102197).
   - arm64: kpti: Use early_param for kpti= command-line option (bsc#1102188).
   - arm64: Make sure permission updates happen for pmd/pud (bsc#1102197).
   - arm: 8764/1: kgdb: fix NUMREGBYTES so that gdb_regs[] is the correct
     size (bnc#1012382).
   - arm: dts: imx6q: Use correct SDMA script for SPI5 core (bnc#1012382).
   - ASoC: cirrus: i2s: Fix LRCLK configuration (bnc#1012382).
   - ASoC: cirrus: i2s: Fix {TX|RX}LinCtrlData setup (bnc#1012382).
   - ASoC: dapm: delete dapm_kcontrol_data paths list before freeing it
     (bnc#1012382).
   - ath10k: fix rfc1042 header retrieval in QCA4019 with eth decap mode
     (bnc#1012382).
   - atm: zatm: fix memcmp casting (bnc#1012382).
   - atm: zatm: Fix potential Spectre v1 (bnc#1012382).
   - backlight: as3711_bl: Fix Device Tree node lookup (bnc#1012382).
   - backlight: max8925_bl: Fix Device Tree node lookup (bnc#1012382).
   - backlight: tps65217_bl: Fix Device Tree node lookup (bnc#1012382).
   - bcache: add backing_request_endio() for bi_end_io (bsc#1064232).
   - bcache: add CACHE_SET_IO_DISABLE to struct cache_set flags (bsc#1064232).
   - bcache: add io_disable to struct cached_dev (bsc#1064232).
   - bcache: add journal statistic (bsc#1076110).
   - bcache: Add __printf annotation to __bch_check_keys() (bsc#1064232).
   - bcache: add stop_when_cache_set_failed option to backing device
     (bsc#1064232).
   - bcache: add wait_for_kthread_stop() in bch_allocator_thread()
     (bsc#1064232).
   - bcache: Annotate switch fall-through (bsc#1064232).
   - bcache: closures: move control bits one bit right (bsc#1076110).
   - bcache: correct flash only vols (check all uuids) (bsc#1064232).
   - bcache: count backing device I/O error for writeback I/O (bsc#1064232).
   - bcache: Fix a compiler warning in bcache_device_init() (bsc#1064232).
   - bcache: fix cached_dev->count usage for bch_cache_set_error()
     (bsc#1064232).
   - bcache: fix crashes in duplicate cache device register (bsc#1076110).
   - bcache: fix error return value in memory shrink (bsc#1064232).
   - bcache: fix high CPU occupancy during journal (bsc#1076110).
   - bcache: Fix, improve efficiency of closure_sync() (bsc#1076110).
   - bcache: fix inaccurate io state for detached bcache devices
     (bsc#1064232).
   - bcache: fix incorrect sysfs output value of strip size (bsc#1064232).
   - bcache: Fix indentation (bsc#1064232).
   - bcache: Fix kernel-doc warnings (bsc#1064232).
   - bcache: fix misleading error message in bch_count_io_errors()
     (bsc#1064232).
   - bcache: fix using of loop variable in memory shrink (bsc#1064232).
   - bcache: fix writeback target calc on large devices (bsc#1076110).
   - bcache: fix wrong return value in bch_debug_init() (bsc#1076110).
   - bcache: mark closure_sync() __sched (bsc#1076110).
   - bcache: move closure debug file into debug directory (bsc#1064232).
   - bcache: reduce cache_set devices iteration by devices_max_used
     (bsc#1064232).
   - bcache: Reduce the number of sparse complaints about lock imbalances
     (bsc#1064232).
   - bcache: Remove an unused variable (bsc#1064232).
   - bcache: ret IOERR when read meets metadata error (bsc#1076110).
   - bcache: return 0 from bch_debug_init() if CONFIG_DEBUG_FS=n
     (bsc#1064232).
   - bcache: set CACHE_SET_IO_DISABLE in bch_cached_dev_error() (bsc#1064232).
   - bcache: set dc->io_disable to true in conditional_stop_bcache_device()
     (bsc#1064232).
   - bcache: set error_limit correctly (bsc#1064232).
   - bcache: set writeback_rate_update_seconds in range [1, 60] seconds
     (bsc#1064232).
   - bcache: stop bcache device when backing device is offline (bsc#1064232).
   - bcache: stop dc->writeback_rate_update properly (bsc#1064232).
   - bcache: stop writeback thread after detaching (bsc#1076110).
   - bcache: store disk name in struct cache and struct cached_dev
     (bsc#1064232).
   - bcache: Suppress more warnings about set-but-not-used variables
     (bsc#1064232).
   - bcache: use pr_info() to inform duplicated CACHE_SET_IO_DISABLE set
     (bsc#1064232).
   - bcache: Use PTR_ERR_OR_ZERO() (bsc#1076110).
   - bcm63xx_enet: correct clock usage (bnc#1012382).
   - bcm63xx_enet: do not write to random DMA channel on BCM6345
     (bnc#1012382).
   - blkcg: simplify statistic accumulation code (bsc#1082979).
   - block: copy ioprio in __bio_clone_fast() (bsc#1082653).
   - block: Fix transfer when chunk sectors exceeds max (bnc#1012382).
   - block/swim: Fix array bounds check (bsc#1082979).
   - bluetooth: Fix connection if directed advertising and privacy is used
     (bnc#1012382).
   - bluetooth: hci_qca: Avoid missing rampatch failure with userspace fw
     loader (bnc#1012382).
   - bonding: re-evaluate force_primary when the primary slave name changes
     (bnc#1012382).
   - bpf: fix loading of BPF_MAXINSNS sized programs (bsc#1012382).
   - bpf, x64: fix memleak when not converging after image (bsc#1012382).
   - btrfs: fix clone vs chattr NODATASUM race (bnc#1012382).
   - btrfs: fix unexpected cow in run_delalloc_nocow (bnc#1012382).
   - btrfs: make raid6 rebuild retry more (bnc#1012382).
   - btrfs: scrub: Do not use inode pages for device replace (bnc#1012382).
   - cachefiles: Fix missing clear of the CACHEFILES_OBJECT_ACTIVE flag
     (bsc#1099858).
   - cachefiles: Fix refcounting bug in backing-file read monitoring
     (bsc#1099858).
   - cachefiles: Wait rather than BUG'ing on "Unexpected object collision"
     (bsc#1099858).
   - cdc_ncm: avoid padding beyond end of skb (bnc#1012382).
   - cifs: fix bad/NULL ptr dereferencing in SMB2_sess_setup() (bsc#1090123).
   - cifs: Fix infinite loop when using hard mount option (bnc#1012382).
   - compiler, clang: always inline when CONFIG_OPTIMIZE_INLINING is disabled
     (bnc#1012382).
   - compiler, clang: properly override 'inline' for clang (bnc#1012382).
   - compiler, clang: suppress warning for unused static inline functions
     (bnc#1012382).
   - compiler-gcc.h: Add __attribute__((gnu_inline)) to all inline
     declarations (bnc#1012382).
   - CONFIG_HOTPLUG_SMT=y
   - cpufreq: Fix new policy initialization during limits updates via sysfs
     (bnc#1012382).
   - cpu/hotplug: Add sysfs state interface (bsc#1089343).
   - cpu/hotplug: Provide knobs to control SMT (bsc#1089343).
   - cpu/hotplug: Split do_cpu_down() (bsc#1089343).
   - cpuidle: powernv: Fix promotion from snooze if next state disabled
     (bnc#1012382).
   - crypto: crypto4xx - fix crypto4xx_build_pdr, crypto4xx_build_sdr leak
     (bnc#1012382).
   - crypto: crypto4xx - remove bad list_del (bnc#1012382).
   - dm: convert DM printk macros to pr_<level> macros (bsc#1099918).
   - dm: fix printk() rate limiting code (bsc#1099918).
   - dm thin: handle running out of data space vs concurrent discard
     (bnc#1012382).
   - dm thin metadata: remove needless work from __commit_transaction
     (bsc#1082979).
   - drbd: fix access after free (bnc#1012382).
   - driver core: Do not ignore class_dir_create_and_add() failure
     (bnc#1012382).
   - drm/msm: Fix possible null dereference on failure of get_pages()
     (bsc#1102394).
   - drm: re-enable error handling (bsc#1103884).
   - esp6: fix memleak on error path in esp6_input (git-fixes).
   - ext4: add more inode number paranoia checks (bnc#1012382).
   - ext4: add more mount time checks of the superblock (bnc#1012382).
   - ext4: always check block group bounds in ext4_init_block_bitmap()
     (bnc#1012382).
   - ext4: check superblock mapped prior to committing (bnc#1012382).
   - ext4: clear i_data in ext4_inode_info when removing inline data
     (bnc#1012382).
   - ext4: fix fencepost error in check for inode count overflow during
     resize (bnc#1012382).
   - ext4: include the illegal physical block in the bad map ext4_error msg
     (bnc#1012382).
   - ext4: make sure bitmaps and the inode table do not overlap with bg
     descriptors (bnc#1012382).
   - ext4: only look at the bg_flags field if it is valid (bnc#1012382).
   - ext4: update mtime in ext4_punch_hole even if no blocks are released
     (bnc#1012382).
   - ext4: verify the depth of extent tree in ext4_find_extent()
     (bnc#1012382).
   - fscache: Allow cancelled operations to be enqueued (bsc#1099858).
   - fscache: Fix reference overput in fscache_attach_object() error handling
     (bsc#1099858).
   - fuse: atomic_o_trunc should truncate pagecache (bnc#1012382).
   - fuse: do not keep dead fuse_conn at fuse_fill_super() (bnc#1012382).
   - fuse: fix control dir setup and teardown (bnc#1012382).
   - genirq: Make force irq threading setup more robust (bsc#1082979).
   - hid: debug: check length before copy_to_user() (bnc#1012382).
   - hid: hiddev: fix potential Spectre v1 (bnc#1012382).
   - hid: i2c-hid: Fix "incomplete report" noise (bnc#1012382).
   - hid: usbhid: add quirk for innomedia INNEX GENESIS/ATARI adapter
     (bnc#1012382).
   - i2c: rcar: fix resume by always initializing registers before transfer
     (bnc#1012382).
   - ib/isert: fix T10-pi check mask setting (bsc#1082979).
   - ibmasm: do not write out of bounds in read handler (bnc#1012382).
   - ibmvnic: Fix error recovery on login failure (bsc#1101789).
   - ibmvnic: Remove code to request error information (bsc#1104174).
   - ibmvnic: Revise RX/TX queue error messages (bsc#1101331).
   - ibmvnic: Update firmware error reporting with cause string (bsc#1104174).
   - ib/qib: Fix DMA api warning with debug kernel (bnc#1012382).
   - iio:buffer: make length types match kfifo types (bnc#1012382).
   - input: elan_i2c - add ELAN0618 (Lenovo v330 15IKB) ACPI ID (bnc#1012382).
   - input: elan_i2c_smbus - fix more potential stack buffer overflows
     (bnc#1012382).
   - input: elantech - enable middle button of touchpads on ThinkPad P52
     (bnc#1012382).
   - input: elantech - fix V4 report decoding for module with middle key
     (bnc#1012382).
   - iommu/vt-d: Fix race condition in add_unmap() (bsc#1096790, bsc#1097034).
   - ipmi:bt: Set the timeout before doing a capabilities check (bnc#1012382).
   - ipv4: Fix error return value in fib_convert_metrics() (bnc#1012382).
   - ipvs: fix buffer overflow with sync daemon and service (bnc#1012382).
   - iw_cxgb4: correctly enforce the max reg_mr depth (bnc#1012382).
   - jbd2: do not mark block as modified if the handle is out of credits
     (bnc#1012382).
   - kabi protect net/core/utils.c includes (bsc#1095643).
   - kABI: protect struct loop_device (kabi).
   - kABI: reintroduce __static_cpu_has_safe (kabi).
   - kabi/severities: add 'drivers/md/bcache/* PASS' since no one uses
     symbols exported by bcache.
   - kbuild: fix # escaping in .cmd files for future Make (bnc#1012382).
   - keys: DNS: fix parsing multiple options (bnc#1012382).
   - kmod: fix wait on recursive loop (bsc#1099792).
   - kmod: reduce atomic operations on kmod_concurrent and simplify
     (bsc#1099792).
   - kmod: throttle kmod thread limit (bsc#1099792).
   - kprobes/x86: Do not modify singlestep buffer while resuming
     (bnc#1012382).
   - kvm: arm/arm64: Drop resource size check for GICV window (bsc#1102215).
   - kvm: arm/arm64: Set dist->spis to NULL after kfree (bsc#1102214).
   - libata: do not try to pass through NCQ commands to non-NCQ devices
     (bsc#1082979).
   - libata: Drop SanDisk SD7UB3Q*G1001 NOLPM quirk (bnc#1012382).
   - libata: zpodd: make arrays cdb static, reduces object code size
     (bnc#1012382).
   - libata: zpodd: small read overflow in eject_tray() (bnc#1012382).
   - lib/vsprintf: Remove atomic-unsafe support for %pCr (bnc#1012382).
   - linvdimm, pmem: Preserve read-only setting for pmem devices
     (bnc#1012382).
   - loop: add recursion validation to LOOP_CHANGE_FD (bnc#1012382).
   - loop: remember whether sysfs_create_group() was done (bnc#1012382).
   - m68k/mm: Adjust VM area to be unmapped by gap size for __iounmap()
     (bnc#1012382).
   - media: cx231xx: Add support for AverMedia DVD EZMaker 7 (bnc#1012382).
   - media: cx25840: Use subdev host data for PLL override (bnc#1012382).
   - media: dvb_frontend: fix locking issues at dvb_frontend_get_event()
     (bnc#1012382).
   - media: smiapp: fix timeout checking in smiapp_read_nvm (bsc#1099918).
   - media: v4l2-compat-ioctl32: prevent go past max size (bnc#1012382).
   - mfd: intel-lpss: Program REMAP register in PIO mode (bnc#1012382).
   - mips: ftrace: fix static function graph tracing (bnc#1012382).
   - mmc: dw_mmc: fix card threshold control configuration (bsc#1102203).
   - mm: check VMA flags to avoid invalid PROT_NONE NUMA balancing
     (bsc#1097771).
   - mm: hugetlb: yield when prepping struct pages (bnc#1012382).
   - mtd: cfi_cmdset_0002: Avoid walking all chips when unlocking
     (bnc#1012382).
   - mtd: cfi_cmdset_0002: Change definition naming to retry write operation
     (bnc#1012382).
   - mtd: cfi_cmdset_0002: Change erase functions to check chip good only
     (bnc#1012382).
   - mtd: cfi_cmdset_0002: Change erase functions to retry for error
     (bnc#1012382).
   - mtd: cfi_cmdset_0002: Change write buffer to check correct value
     (bnc#1012382).
   - mtd: cfi_cmdset_0002: fix SEGV unlocking multiple chips (bnc#1012382).
   - mtd: cfi_cmdset_0002: Fix unlocking requests crossing a chip boundary
     (bnc#1012382).
   - mtd: cfi_cmdset_0002: Use right chip in do_ppb_xxlock() (bnc#1012382).
   - mtd: cmdlinepart: Update comment for introduction of OFFSET_CONTINUOUS
     (bsc#1099918).
   - mtd: partitions: add helper for deleting partition (bsc#1099918).
   - mtd: partitions: remove sysfs files when deleting all master's
     partitions (bsc#1099918).
   - mtd: rawnand: mxc: set spare area size register explicitly (bnc#1012382).
   - net: cxgb3_main: fix potential Spectre v1 (bnc#1012382).
   - net: dccp: avoid crash in ccid3_hc_rx_send_feedback() (bnc#1012382).
   - net: dccp: switch rx_tstamp_last_feedback to monotonic clock
     (bnc#1012382).
   - netfilter: ebtables: handle string from userspace with care
     (bnc#1012382).
   - netfilter: ebtables: reject non-bridge targets (bnc#1012382).
   - netfilter: nf_log: do not hold nf_log_mutex during user access
     (bnc#1012382).
   - netfilter: nf_queue: augment nfqa_cfg_policy (bnc#1012382).
   - netfilter: nf_tables: use WARN_ON_ONCE instead of BUG_ON in
     nft_do_chain() (bnc#1012382).
   - netfilter: x_tables: initialise match/target check parameter struct
     (bnc#1012382).
   - net/mlx5: Fix command interface race in polling mode (bnc#1012382).
   - net/mlx5: Fix incorrect raw command length parsing (bnc#1012382).
   - net: mvneta: fix the Rx desc DMA address in the Rx path (bsc#1102207).
   - net/nfc: Avoid stalls when nfc_alloc_send_skb() returned NULL
     (bnc#1012382).
   - net: off by one in inet6_pton() (bsc#1095643).
   - net: phy: marvell: Use strlcpy() for ethtool::get_strings (bsc#1102205).
   - net: qmi_wwan: Add Netgear Aircard 779S (bnc#1012382).
   - net_sched: blackhole: tell upper qdisc about dropped packets
     (bnc#1012382).
   - net/sonic: Use dma_mapping_error() (bnc#1012382).
   - net: sungem: fix rx checksum support (bnc#1012382).
   - net/utils: generic inet_pton_with_scope helper (bsc#1095643).
   - nfsd: restrict rd_maxcount to svc_max_payload in nfsd_encode_readdir
     (bnc#1012382).
   - NFSv4: Fix possible 1-byte stack overflow in
     nfs_idmap_read_and_verify_message (bnc#1012382).
   - n_tty: Access echo_* variables carefully (bnc#1012382).
   - n_tty: Fix stall at n_tty_receive_char_special() (bnc#1012382).
   - null_blk: use sector_div instead of do_div (bsc#1082979).
   - nvme-pci: initialize queue memory before interrupts (bnc#1012382).
   - nvme-rdma: Check remotely invalidated rkey matches our expected rkey
     (bsc#1092001).
   - nvme-rdma: default MR page size to 4k (bsc#1092001).
   - nvme-rdma: do not complete requests before a send work request has
     completed (bsc#1092001).
   - nvme-rdma: do not suppress send completions (bsc#1092001).
   - nvme-rdma: Fix command completion race at error recovery (bsc#1090435).
   - nvme-rdma: make nvme_rdma_[create|destroy]_queue_ib symmetrical
     (bsc#1092001).
   - nvme-rdma: use inet_pton_with_scope helper (bsc#1095643).
   - nvme-rdma: Use mr pool (bsc#1092001).
   - nvme-rdma: wait for local invalidation before completing a request
     (bsc#1092001).
   - ocfs2: subsystem.su_mutex is required while accessing the
     item->ci_parent (bnc#1012382).
   - of: unittest: for strings, account for trailing \0 in property length
     field (bnc#1012382).
   - ovl: fix random return value on mount (bsc#1099993).
   - ovl: fix uid/gid when creating over whiteout (bsc#1099993).
   - ovl: override creds with the ones from the superblock mounter
     (bsc#1099993).
   - pci: ibmphp: Fix use-before-set in get_max_bus_speed() (bsc#1100132).
   - pci: pciehp: Clear Presence Detect and Data Link Layer Status Changed on
     resume (bnc#1012382).
   - perf intel-pt: Fix decoding to accept CBR between FUP and corresponding
     TIP (bnc#1012382).
   - perf intel-pt: Fix MTC timing after overflow (bnc#1012382).
   - perf intel-pt: Fix packet decoding of CYC packets (bnc#1012382).
   - perf intel-pt: Fix sync_switch INTEL_PT_SS_NOT_TRACING (bnc#1012382).
   - perf intel-pt: Fix "Unexpected indirect branch" error (bnc#1012382).
   - perf tools: Fix symbol and object code resolution for vdso32 and vdsox32
     (bnc#1012382).
   - perf tools: Move syscall number fallbacks from perf-sys.h to
     tools/arch/x86/include/asm/ (bnc#1012382).
   - PM / hibernate: Fix oops at snapshot_write() (bnc#1012382).
   - powerpc/64: Initialise thread_info for emergency stacks (bsc#1094244,
     bsc#1100930, bsc#1102683).
   - powerpc/64s: Exception macro for stack frame and initial register save
     (bsc#1094244).
   - powerpc/64s: Fix mce accounting for powernv (bsc#1094244).
   - powerpc/fadump: Unregister fadump on kexec down path (bnc#1012382).
   - powerpc: Machine check interrupt is a non-maskable interrupt
     (bsc#1094244).
   - powerpc/mm/hash: Add missing isync prior to kernel stack SLB switch
     (bnc#1012382).
   - powerpc/ptrace: Fix enforcement of DAWR constraints (bnc#1012382).
   - powerpc/ptrace: Fix setting 512B aligned breakpoints with
     PTRACE_SET_DEBUGREG (bnc#1012382).
   - qed: Limit msix vectors in kdump kernel to the minimum required count
     (bnc#1012382).
   - qla2xxx: Fix inconsistent DMA mem alloc/free (bsc#1085657).
   - qla2xxx: Fix kernel crash due to late workqueue allocation (bsc#1085657).
   - qla2xxx: Fix NULL pointer dereference for fcport search (bsc#1085657).
   - r8152: napi hangup fix after disconnect (bnc#1012382).
   - RDMA/mlx4: Discard unknown SQP work requests (bnc#1012382).
   - RDMA/ocrdma: Fix an error code in ocrdma_alloc_pd() (bsc#1082979).
   - RDMA/ocrdma: Fix error codes in ocrdma_create_srq() (bsc#1082979).
   - RDMA/ucm: Mark UCM interface as BROKEN (bnc#1012382).
   - rds: avoid unnecessary cong_update in loop transport (bnc#1012382).
   - restore cond_resched() in shrink_dcache_parent() (bsc#1098599).
   - Revert 'block-cancel-workqueue-entries-on-blk_mq_freeze_queue'
     (bsc#1103717).
   - Revert "Btrfs: fix scrub to repair raid6 corruption" (bnc#1012382).
   - Revert "sit: reload iphdr in ipip6_rcv" (bnc#1012382).
   - Revert "x86/cpufeature: Move some of the scattered feature bits to
     x86_capability" (kabi).
   - Revert "x86/cpu: Probe CPUID leaf 6 even when cpuid_level == 6" (kabi).
   - rmdir(),rename(): do shrink_dcache_parent() only on success
     (bsc#1100340).
   - rpm/config.sh: Add support for non-default upstream URL. Currently the
     scripts assume Linus' tree as the upstream URL where to pull things
     from. One may want to package test kernels from other upstream repos.
     Add support to add a URL to config.sh.
   - rtlwifi: rtl8821ae: fix firmware is not ready to run (bnc#1012382).
   - run_oldconfig.sh: Add --olddefconfig as an alias to --yes. On later
     kernels there is the make target 'olddefconfig'. This is equivalent to
     what the '--yes' option does. Therefore, add the option '--olddefconfig'
     as an alias.
   - s390: Correct register corruption in critical section cleanup
     (bnc#1012382).
   - s390/qeth: fix error handling in adapter command callbacks (bnc#1103745,
     LTC#169699).
   - sched/smt: Update sched_smt_present at runtime (bsc#1089343).
   - sched/sysctl: Check user input value of sysctl_sched_time_avg
     (bsc#1100089).
   - scsi: lpfc: Change IO submit return to EBUSY if remote port is
     recovering (bsc#1092207).
   - scsi: lpfc: correct oversubscription of nvme io requests for an adapter
     (bsc#1095453).
   - scsi: lpfc: Driver NVME load fails when CPU cnt > WQ resource cnt
     (bsc#1092207).
   - scsi: lpfc: Fix 16gb hbas failing cq create (bsc#1089525).
   - scsi: lpfc: Fix 16gb hbas failing cq create (bsc#1095453).
   - scsi: lpfc: Fix crash in blk_mq layer when executing modprobe -r lpfc
     (bsc#1095453).
   - scsi: lpfc: Fix MDS diagnostics failure (Rx < Tx) (bsc#1095453).
   - scsi: lpfc: Fix port initialization failure (bsc#1095453).
   - scsi: lpfc: Fix up log messages and stats counters in IO submit code
     path (bsc#1092207).
   - scsi: lpfc: Handle new link fault code returned by adapter firmware
     (bsc#1092207).
   - scsi: lpfc: update driver version to 11.4.0.7-3 (bsc#1092207).
   - scsi: lpfc: update driver version to 11.4.0.7-4 (bsc#1095453).
   - scsi: qla2xxx: Fix setting lower transfer speed if GPSC fails
     (bnc#1012382).
   - scsi: qla2xxx: Spinlock recursion in qla_target (bsc#1097501).
   - scsi: qlogicpti: Fix an error handling path in 'qpti_sbus_probe()'
     (bsc#1082979).
   - scsi: sg: fix minor memory leak in error path (bsc#1082979).
   - scsi: sg: mitigate read/write abuse (bsc#1101296).
   - scsi: target: fix crash with iscsi target and dvd (bsc#1082979).
   - scsi: zfcp: fix misleading REC trigger trace where erp_action setup
     failed (LTC#168765 bnc#1012382 bnc#1099713).
   - scsi: zfcp: fix missing REC trigger trace for all objects in ERP_FAILED
     (LTC#168765 bnc#1012382 bnc#1099713).
   - scsi: zfcp: fix missing REC trigger trace on enqueue without ERP thread
     (LTC#168765 bnc#1012382 bnc#1099713).
   - scsi: zfcp: fix missing REC trigger trace on terminate_rport_io early
     return (LTC#168765 bnc#1012382 bnc#1099713).
   - scsi: zfcp: fix missing REC trigger trace on terminate_rport_io for
     ERP_FAILED (LTC#168765 bnc#1012382 bnc#1099713).
   - scsi: zfcp: fix missing SCSI trace for result of eh_host_reset_handler
     (LTC#168765 bnc#1012382 bnc#1099713).
   - scsi: zfcp: fix missing SCSI trace for retry of abort / scsi_eh TMF
     (LTC#168765 bnc#1012382 bnc#1099713).
   - serial: sh-sci: Use spin_{try}lock_irqsave instead of open coding
     version (bnc#1012382).
   - signal/xtensa: Consistently use SIGBUS in do_unaligned_user (bnc#1012382).
   - smsc75xx: Add workaround for gigabit link up hardware errata
     (bsc#1100132).
   - smsc95xx: Configure pause time to 0xffff when tx flow control enabled
     (bsc#1085536).
   - spi: Fix scatterlist elements size in spi_map_buf (bnc#1012382).
   - staging: android: ion: Return an ERR_PTR in ion_map_kernel (bnc#1012382).
   - staging: comedi: quatech_daqp_cs: fix no-op loop daqp_ao_insn_write()
     (bnc#1012382).
   - tcp: do not overshoot window_clamp in tcp_rcv_space_adjust()
     (bnc#1012382).
   - tcp: fix Fast Open key endianness (bnc#1012382).
   - tcp: prevent bogus FRTO undos with non-SACK flows (bnc#1012382).
   - tcp: verify the checksum of the first data segment in a new connection
     (bnc#1012382).
   - time: Make sure jiffies_to_msecs() preserves non-zero time periods
     (bnc#1012382).
   - tracing: Fix missing return symbol in function_graph output
     (bnc#1012382).
   - ubi: fastmap: Cancel work upon detach (bnc#1012382).
   - ubi: fastmap: Correctly handle interrupted erasures in EBA (bnc#1012382).
   - ubifs: Fix potential integer overflow in allocation (bnc#1012382).
   - udf: Detect incorrect directory size (bnc#1012382).
   - Update config files. CONFIG_X86_FAST_FEATURE_TESTS=y
   - uprobes/x86: Remove incorrect WARN_ON() in uprobe_init_insn()
     (bnc#1012382).
   - usb: cdc_acm: Add quirk for Uniden UBC125 scanner (bnc#1012382).
   - usb: core: handle hub C_PORT_OVER_CURRENT condition (bsc#1100132).
   - usb: do not reset if a low-speed or full-speed device timed out
     (bnc#1012382).
   - usb: musb: fix remote wakeup racing with suspend (bnc#1012382).
   - usb: quirks: add delay quirks for Corsair Strafe (bnc#1012382).
   - usb: serial: ch341: fix type promotion bug in ch341_control_in()
     (bnc#1012382).
   - usb: serial: cp210x: add another USB ID for Qivicon ZigBee stick
     (bnc#1012382).
   - usb: serial: cp210x: add CESINEL device ids (bnc#1012382).
   - usb: serial: cp210x: add Silicon Labs IDs for Windows Update
     (bnc#1012382).
   - usb: serial: keyspan_pda: fix modem-status error handling (bnc#1012382).
   - usb: serial: mos7840: fix status-register error handling (bnc#1012382).
   - usb: yurex: fix out-of-bounds uaccess in read handler (bnc#1012382).
   - vfio: platform: Fix reset module leak in error path (bsc#1102211).
   - vhost_net: validate sock before trying to put its fd (bnc#1012382).
   - video/fbdev/stifb: Return -ENOMEM after a failed kzalloc() in
     stifb_init_fb() (bsc#1090888 bsc#1099966).
   - video: uvesafb: Fix integer overflow in allocation (bnc#1012382).
   - vmw_balloon: fix inflation with batching (bnc#1012382).
   - w1: mxc_w1: Enable clock before calling clk_get_rate() on it
     (bnc#1012382).
   - wait: add wait_event_killable_timeout() (bsc#1099792).
   - watchdog: da9063: Fix setting/changing timeout (bsc#1100843).
   - watchdog: da9063: Fix timeout handling during probe (bsc#1100843).
   - watchdog: da9063: Fix updating timeout value (bsc#1100843).
   - x86/alternatives: Add an auxiliary section (bnc#1012382).
   - x86/alternatives: Discard dynamic check after init (bnc#1012382).
   - x86/apic: Ignore secondary threads if nosmt=force (bsc#1089343).
   - x86/asm: Add _ASM_ARG* constants for argument registers to <asm/asm.h>
     (bnc#1012382).
   - x86/boot: Simplify kernel load address alignment check (bnc#1012382).
   - x86/CPU/AMD: Do not check CPUID max ext level before parsing SMP info
     (bsc#1089343).
   - x86/cpu/AMD: Evaluate smp_num_siblings early (bsc#1089343).
   - x86/CPU/AMD: Move TOPOEXT reenablement before reading smp_num_siblings
     (bsc#1089343). Update config files.
   - x86/cpu/AMD: Remove the pointless detect_ht() call (bsc#1089343).
   - x86/cpu/common: Provide detect_ht_early() (bsc#1089343).
   - x86/cpufeature: Add helper macro for mask check macros (bnc#1012382).
   - x86/cpufeature: Carve out X86_FEATURE_* (bnc#1012382).
   - x86/cpufeature: Get rid of the non-asm goto variant (bnc#1012382).
   - x86/cpufeature: Make sure DISABLED/REQUIRED macros are updated
     (bnc#1012382).
   - x86/cpufeature: Move some of the scattered feature bits to
     x86_capability (bnc#1012382).
   - x86/cpufeature: Replace the old static_cpu_has() with safe variant
     (bnc#1012382).
   - x86/cpufeature: Speed up cpu_feature_enabled() (bnc#1012382).
   - x86/cpufeature: Update cpufeature macros (bnc#1012382).
   - x86/cpu/intel: Evaluate smp_num_siblings early (bsc#1089343).
   - x86/cpu: Probe CPUID leaf 6 even when cpuid_level == 6 (bnc#1012382).
   - x86/cpu: Provide a config option to disable static_cpu_has (bnc#1012382).
   - x86/cpu: Remove the pointless CPU printout (bsc#1089343).
   - x86/cpu/topology: Provide detect_extended_topology_early() (bsc#1089343).
   - x86/fpu: Add an XSTATE_OP() macro (bnc#1012382).
   - x86/fpu: Get rid of xstate_fault() (bnc#1012382).
   - x86/headers: Do not include asm/processor.h in asm/atomic.h
     (bnc#1012382).
   - x86/mce: Fix incorrect "Machine check from unknown source" message
     (bnc#1012382).
   - x86/mm/pkeys: Fix mismerge of protection keys CPUID bits (bnc#1012382).
   - x86/mm: Simplify p[g4um]d_page() macros (1087081).
   - x86/smpboot: Do not use smp_num_siblings in __max_logical_packages
     calculation (bsc#1089343).
   - x86/smp: Provide topology_is_primary_thread() (bsc#1089343).
   - x86/topology: Add topology_max_smt_threads() (bsc#1089343).
   - x86/topology: Provide topology_smt_supported() (bsc#1089343).
   - x86/vdso: Use static_cpu_has() (bnc#1012382).
   - xen/grant-table: log the lack of grants (bnc#1085042).
   - xen-netfront: Fix mismatched rtnl_unlock (bnc#1101658).
   - xen-netfront: Update features after registering netdev (bnc#1101658).
   - xen: Remove unnecessary BUG_ON from __unbind_from_irq() (bnc#1012382).
   - xfrm6: avoid potential infinite loop in _decode_session6() (bnc#1012382).
   - xfrm: Ignore socket policies when rebuilding hash tables (bnc#1012382).
   - xfrm: skip policies marked as dead while rehashing (bnc#1012382).
   - xhci: xhci-mem: off by one in xhci_stream_id_to_ring() (bnc#1012382).


Patch Instructions:

   To install this SUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Software Development Kit 12-SP3:

      zypper in -t patch SUSE-SLE-SDK-12-SP3-2018-1606=1

   - SUSE Linux Enterprise Server 12-SP3:

      zypper in -t patch SUSE-SLE-SERVER-12-SP3-2018-1606=1
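
   A post-update check for the L1TF fixes (CVE-2018-3620, CVE-2018-3646) and
   the SMT control knobs listed in the changelog above, as an added example
   that is not part of the SUSE or AusCERT bulletin. It assumes the updated
   kernel exposes the upstream sysfs files vulnerabilities/l1tf and
   smt/control under /sys/devices/system/cpu; the function names and verdict
   words are hypothetical.

```shell
#!/bin/sh
# Added example: classify the L1TF state a patched kernel reports via sysfs.
# The sysfs paths are the upstream kernel interfaces; that this particular
# package build exposes them is an assumption.

# first_line FILE: print the first line of FILE, or "unavailable".
first_line() {
    if [ -r "$1" ]; then
        head -n 1 "$1"
    else
        echo "unavailable"
    fi
}

# l1tf_verdict [CPU_DIR]: print exactly one verdict word.
# CPU_DIR defaults to the live sysfs tree; pass a constructed tree to test.
l1tf_verdict() {
    cpu_dir="${1:-/sys/devices/system/cpu}"
    l1tf=$(first_line "$cpu_dir/vulnerabilities/l1tf")

    case "$l1tf" in
        unavailable)     echo "unknown"; return 0 ;;      # no reporting file
        "Not affected"*) echo "not-affected"; return 0 ;;
        Vulnerable*)     echo "vulnerable"; return 0 ;;
        Mitigation:*)    ;;                               # inspect details below
        *)               echo "unknown"; return 0 ;;
    esac

    # Host-side mitigation is on, but the hypervisor part may still be open.
    case "$l1tf" in
        *"VMX: vulnerable"*) echo "vmx-unmitigated"; return 0 ;;
    esac

    # CVE-2018-3646: a sibling hyperthread can still observe the L1 data
    # cache while SMT is active, even with cache flushes on VM entry.
    case "$l1tf" in
        *"SMT vulnerable"*) echo "mitigated-smt-exposed" ;;
        *)                  echo "mitigated" ;;
    esac
}

# l1tf_report [CPU_DIR]: human-readable summary for a change ticket.
l1tf_report() {
    cpu_dir="${1:-/sys/devices/system/cpu}"
    echo "kernel:      $(uname -r)"
    echo "l1tf:        $(first_line "$cpu_dir/vulnerabilities/l1tf")"
    echo "smt/control: $(first_line "$cpu_dir/smt/control")"
    echo "verdict:     $(l1tf_verdict "$cpu_dir")"
}

# Run against the live system only when asked to: sh l1tf_check.sh --report
if [ "${1:-}" = "--report" ]; then
    l1tf_report
fi
```

   A verdict of mitigated-smt-exposed on a host that runs untrusted guests
   means the SMT knobs (smt/control, or nosmt on the kernel command line)
   still need a decision; unknown usually means the running kernel is not
   the updated one and a reboot is pending.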



Package List:

   - SUSE Linux Enterprise Software Development Kit 12-SP3 (noarch):

      kernel-docs-azure-4.4.143-4.13.1

   - SUSE Linux Enterprise Server 12-SP3 (noarch):

      kernel-devel-azure-4.4.143-4.13.1
      kernel-source-azure-4.4.143-4.13.1

   - SUSE Linux Enterprise Server 12-SP3 (x86_64):

      kernel-azure-4.4.143-4.13.1
      kernel-azure-base-4.4.143-4.13.1
      kernel-azure-base-debuginfo-4.4.143-4.13.1
      kernel-azure-debuginfo-4.4.143-4.13.1
      kernel-azure-debugsource-4.4.143-4.13.1
      kernel-azure-devel-4.4.143-4.13.1


References:

   https://www.suse.com/security/cve/CVE-2017-18344.html
   https://www.suse.com/security/cve/CVE-2018-14734.html
   https://www.suse.com/security/cve/CVE-2018-3620.html
   https://www.suse.com/security/cve/CVE-2018-3646.html
   https://www.suse.com/security/cve/CVE-2018-5390.html
   https://www.suse.com/security/cve/CVE-2018-5391.html
   https://bugzilla.suse.com/1012382
   https://bugzilla.suse.com/1023711
   https://bugzilla.suse.com/1064232
   https://bugzilla.suse.com/1076110
   https://bugzilla.suse.com/1078216
   https://bugzilla.suse.com/1082653
   https://bugzilla.suse.com/1082979
   https://bugzilla.suse.com/1085042
   https://bugzilla.suse.com/1085536
   https://bugzilla.suse.com/1085657
   https://bugzilla.suse.com/1087081
   https://bugzilla.suse.com/1087659
   https://bugzilla.suse.com/1089343
   https://bugzilla.suse.com/1089525
   https://bugzilla.suse.com/1090123
   https://bugzilla.suse.com/1090340
   https://bugzilla.suse.com/1090435
   https://bugzilla.suse.com/1090888
   https://bugzilla.suse.com/1091107
   https://bugzilla.suse.com/1092001
   https://bugzilla.suse.com/1092207
   https://bugzilla.suse.com/1093777
   https://bugzilla.suse.com/1094120
   https://bugzilla.suse.com/1094244
   https://bugzilla.suse.com/1095453
   https://bugzilla.suse.com/1095643
   https://bugzilla.suse.com/1096790
   https://bugzilla.suse.com/1096978
   https://bugzilla.suse.com/1097034
   https://bugzilla.suse.com/1097501
   https://bugzilla.suse.com/1097771
   https://bugzilla.suse.com/1098599
   https://bugzilla.suse.com/1099306
   https://bugzilla.suse.com/1099713
   https://bugzilla.suse.com/1099792
   https://bugzilla.suse.com/1099810
   https://bugzilla.suse.com/1099858
   https://bugzilla.suse.com/1099918
   https://bugzilla.suse.com/1099966
   https://bugzilla.suse.com/1099993
   https://bugzilla.suse.com/1100089
   https://bugzilla.suse.com/1100132
   https://bugzilla.suse.com/1100340
   https://bugzilla.suse.com/1100843
   https://bugzilla.suse.com/1100930
   https://bugzilla.suse.com/1101296
   https://bugzilla.suse.com/1101331
   https://bugzilla.suse.com/1101658
   https://bugzilla.suse.com/1101789
   https://bugzilla.suse.com/1102188
   https://bugzilla.suse.com/1102197
   https://bugzilla.suse.com/1102203
   https://bugzilla.suse.com/1102205
   https://bugzilla.suse.com/1102207
   https://bugzilla.suse.com/1102211
   https://bugzilla.suse.com/1102214
   https://bugzilla.suse.com/1102215
   https://bugzilla.suse.com/1102340
   https://bugzilla.suse.com/1102394
   https://bugzilla.suse.com/1102683
   https://bugzilla.suse.com/1102851
   https://bugzilla.suse.com/1103097
   https://bugzilla.suse.com/1103119
   https://bugzilla.suse.com/1103580
   https://bugzilla.suse.com/1103717
   https://bugzilla.suse.com/1103745
   https://bugzilla.suse.com/1103884
   https://bugzilla.suse.com/1104174
   https://bugzilla.suse.com/997935

_______________________________________________

=============================================================================
   SUSE Security Update: Security update for the Linux Kernel (Live Patch 36 for SLE 12)
______________________________________________________________________________

Announcement ID:    SUSE-SU-2018:2369-1
Rating:             important
References:         #1097108 #1099306 
Cross-References:   CVE-2018-10853 CVE-2018-3646
Affected Products:
                    SUSE Linux Enterprise Server 12-LTSS
______________________________________________________________________________

   An update that fixes two vulnerabilities is now available.

Description:

   This update for the Linux Kernel 3.12.61-52_136 fixes several issues.

   The following security issues were fixed:

   - CVE-2018-3646: Local attackers in virtualized guest systems could use
     speculative code patterns on hyperthreaded processors to read data
     present in the L1 Datacache used by other hyperthreads on the same CPU
     core, potentially leaking sensitive data, even from other virtual
     machines or the host system (bsc#1099306).
   - CVE-2018-10853: A flaw was found in KVM in which certain instructions
     such as sgdt/sidt, which call segmented_write_std, did not propagate
     access correctly. As a result, during a userspace-induced exception,
     the guest can incorrectly assume that the exception happened in the
     kernel and panic (bsc#1097108).


Patch Instructions:

   To install this SUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Server 12-LTSS:

      zypper in -t patch SUSE-SLE-SERVER-12-2018-1587=1



Package List:

   - SUSE Linux Enterprise Server 12-LTSS (x86_64):

      kgraft-patch-3_12_61-52_136-default-3-2.1
      kgraft-patch-3_12_61-52_136-xen-3-2.1


References:

   https://www.suse.com/security/cve/CVE-2018-10853.html
   https://www.suse.com/security/cve/CVE-2018-3646.html
   https://bugzilla.suse.com/1097108
   https://bugzilla.suse.com/1099306

_______________________________________________

=============================================================================
   SUSE Security Update: Security update for the Linux Kernel (Live Patch 26 for SLE 12 SP1)
______________________________________________________________________________

Announcement ID:    SUSE-SU-2018:2368-1
Rating:             important
References:         #1097108 #1099306 
Cross-References:   CVE-2018-10853 CVE-2018-3646
Affected Products:
                    SUSE Linux Enterprise Server for SAP 12-SP1
                    SUSE Linux Enterprise Server 12-SP1-LTSS
______________________________________________________________________________

   An update that fixes two vulnerabilities is now available.

Description:

   This update for the Linux Kernel 3.12.74-60_64_85 fixes several issues.

   The following security issues were fixed:

   - CVE-2018-3646: Local attackers in virtualized guest systems could use
     speculative code patterns on hyperthreaded processors to read data
     present in the L1 Datacache used by other hyperthreads on the same CPU
     core, potentially leaking sensitive data, even from other virtual
     machines or the host system (bsc#1099306).
   - CVE-2018-10853: A flaw was found in KVM in which certain instructions
     such as sgdt/sidt, which call segmented_write_std, did not propagate
     access correctly. As a result, during a userspace-induced exception,
     the guest can incorrectly assume that the exception happened in the
     kernel and panic (bsc#1097108).


Patch Instructions:

   To install this SUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Server for SAP 12-SP1:

      zypper in -t patch SUSE-SLE-SAP-12-SP1-2018-1595=1

   - SUSE Linux Enterprise Server 12-SP1-LTSS:

      zypper in -t patch SUSE-SLE-SERVER-12-SP1-2018-1595=1



Package List:

   - SUSE Linux Enterprise Server for SAP 12-SP1 (x86_64):

      kgraft-patch-3_12_74-60_64_85-default-6-2.1
      kgraft-patch-3_12_74-60_64_85-xen-6-2.1

   - SUSE Linux Enterprise Server 12-SP1-LTSS (x86_64):

      kgraft-patch-3_12_74-60_64_85-default-6-2.1
      kgraft-patch-3_12_74-60_64_85-xen-6-2.1


References:

   https://www.suse.com/security/cve/CVE-2018-10853.html
   https://www.suse.com/security/cve/CVE-2018-3646.html
   https://bugzilla.suse.com/1097108
   https://bugzilla.suse.com/1099306

_______________________________________________

=============================================================================
   SUSE Security Update: Security update for the Linux Kernel (Live Patch 23 for SLE 12 SP1)
______________________________________________________________________________

Announcement ID:    SUSE-SU-2018:2367-1
Rating:             important
References:         #1096564 #1097108 #1099306 
Cross-References:   CVE-2017-11600 CVE-2018-10853 CVE-2018-3646
                   
Affected Products:
                    SUSE Linux Enterprise Server for SAP 12-SP1
                    SUSE Linux Enterprise Server 12-SP1-LTSS
______________________________________________________________________________

   An update that fixes three vulnerabilities is now available.

Description:

   This update for the Linux Kernel 3.12.74-60_64_66 fixes several issues.

   The following security issues were fixed:

   - CVE-2018-3646: Local attackers in virtualized guest systems could use
     speculative code patterns on hyperthreaded processors to read data
     present in the L1 Datacache used by other hyperthreads on the same CPU
     core, potentially leaking sensitive data, even from other virtual
     machines or the host system (bsc#1099306).
   - CVE-2017-11600: net/xfrm/xfrm_policy.c did not ensure that the dir value
     of xfrm_userpolicy_id is XFRM_POLICY_MAX or less, which allowed local
     users to cause a denial of service (out-of-bounds access) or possibly
     have unspecified other impact via an XFRM_MSG_MIGRATE xfrm Netlink
     message (bsc#1096564).
   - CVE-2018-10853: A flaw was found in KVM in which certain instructions
     such as sgdt/sidt, which call segmented_write_std, did not propagate
     access correctly. As a result, during a userspace-induced exception,
     the guest can incorrectly assume that the exception happened in the
     kernel and panic (bsc#1097108).


Patch Instructions:

   To install this SUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Server for SAP 12-SP1:

      zypper in -t patch SUSE-SLE-SAP-12-SP1-2018-1598=1

   - SUSE Linux Enterprise Server 12-SP1-LTSS:

      zypper in -t patch SUSE-SLE-SERVER-12-SP1-2018-1598=1



Package List:

   - SUSE Linux Enterprise Server for SAP 12-SP1 (x86_64):

      kgraft-patch-3_12_74-60_64_66-default-7-2.1
      kgraft-patch-3_12_74-60_64_66-xen-7-2.1

   - SUSE Linux Enterprise Server 12-SP1-LTSS (x86_64):

      kgraft-patch-3_12_74-60_64_66-default-7-2.1
      kgraft-patch-3_12_74-60_64_66-xen-7-2.1


References:

   https://www.suse.com/security/cve/CVE-2017-11600.html
   https://www.suse.com/security/cve/CVE-2018-10853.html
   https://www.suse.com/security/cve/CVE-2018-3646.html
   https://bugzilla.suse.com/1096564
   https://bugzilla.suse.com/1097108
   https://bugzilla.suse.com/1099306

_______________________________________________


=============================================================================
   SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________

Announcement ID:    SUSE-SU-2018:2366-1
Rating:             important
References:         #1082962 #1083900 #1085107 #1087081 #1089343 
                    #1092904 #1094353 #1096480 #1096728 #1097234 
                    #1098016 #1099924 #1099942 #1100418 #1104475 
                    #1104684 #909361 
Cross-References:   CVE-2016-8405 CVE-2017-13305 CVE-2018-1000204
                    CVE-2018-1068 CVE-2018-1130 CVE-2018-12233
                    CVE-2018-13053 CVE-2018-13406 CVE-2018-3620
                    CVE-2018-3646 CVE-2018-5803 CVE-2018-5814
                    CVE-2018-7492
Affected Products:
                    SUSE Linux Enterprise Server 11-SP3-LTSS
                    SUSE Linux Enterprise Server 11-EXTRA
                    SUSE Linux Enterprise Point of Sale 11-SP3
                    SUSE Linux Enterprise Debuginfo 11-SP3
______________________________________________________________________________

   An update that solves 13 vulnerabilities and has four fixes
   is now available.

Description:



   The SUSE Linux Enterprise 11 SP3 LTSS kernel was updated to receive
   various security and bug fixes.

   The following security bugs were fixed:

   - CVE-2016-8405: An information disclosure vulnerability in kernel
     components including the ION subsystem, Binder, USB driver and
     networking subsystem could enable a local malicious application to
     access data outside of its permission levels. (bnc#1099942).
   - CVE-2017-13305: An information disclosure vulnerability existed in the
     encrypted-keys handling. (bnc#1094353).
   - CVE-2018-1000204: A malformed SG_IO ioctl issued for a SCSI device could
     lead to a local kernel information leak manifesting in up to
     approximately 1000 memory pages copied to the userspace. The problem has
     limited scope as non-privileged users usually have no permissions to
     access SCSI device files. (bnc#1096728).
   - CVE-2018-1068: A flaw was found in the implementation of 32-bit syscall
     interface for bridging. This allowed a privileged user to arbitrarily
     write to a limited range of kernel memory (bnc#1085107).
   - CVE-2018-1130: A NULL pointer dereference in the dccp_write_xmit()
     function in net/dccp/output.c allowed a local user to cause a denial of
     service via a number of certain crafted system calls (bnc#1092904).
   - CVE-2018-12233: In the ea_get function in fs/jfs/xattr.c a memory
     corruption bug in JFS can be triggered by calling setxattr twice with
     two different extended attribute names on the same file. This
     vulnerability can be triggered by an unprivileged user with the ability
     to create files and execute programs. A kmalloc call is incorrect,
     leading to slab-out-of-bounds in jfs_xattr (bnc#1097234).
   - CVE-2018-13053: The alarm_timer_nsleep function in
     kernel/time/alarmtimer.c had an integer overflow via a large relative
     timeout because ktime_add_safe is not used (bnc#1099924).
   - CVE-2018-13406: An integer overflow in the uvesafb_setcmap function in
     drivers/video/fbdev/uvesafb.c could result in local attackers being able
     to crash the kernel or potentially elevate privileges because
     kmalloc_array is not used (bnc#1098016 bnc#1100418).
   - CVE-2018-3620: Local attackers on baremetal systems could use
     speculative code patterns on hyperthreaded processors to read data
     present in the L1 Datacache used by other hyperthreads on the same CPU
     core, potentially leaking sensitive data. (bnc#1087081).
   - CVE-2018-3646: Local attackers in virtualized guest systems could use
     speculative code patterns on hyperthreaded processors to read data
     present in the L1 Datacache used by other hyperthreads on the same CPU
     core, potentially leaking sensitive data, even from other virtual
     machines or the host system. (bnc#1089343).
   - CVE-2018-5803: An error in the "_sctp_make_chunk()" function
     (net/sctp/sm_make_chunk.c) when handling the length of SCTP packets
     could be exploited to cause a kernel crash (bnc#1083900).
   - CVE-2018-5814: Multiple race condition errors when handling probe,
     disconnect, and rebind operations could be exploited to trigger a
     use-after-free condition or a NULL pointer dereference by sending
     multiple USB over IP packets (bnc#1096480).
   - CVE-2018-7492: A NULL pointer dereference was found in the
     net/rds/rdma.c __rds_rdma_map() function allowing local attackers to
     cause a system panic and a denial-of-service, related to RDS_GET_MR and
     RDS_GET_MR_FOR_DEST (bnc#1082962).

   The following non-security bugs were fixed:

   - cpu/hotplug: Add sysfs state interface (bsc#1089343).
   - cpu/hotplug: Provide knobs to control SMT (bsc#1089343).
   - cpu/hotplug: Split do_cpu_down() (bsc#1089343).
   - disable-prot_none_mitigation.patch: disable prot_none native mitigation
     (bnc#1104684)
   - fix pgd underflow (bnc#1104475): the custom walk_page_range rework was
     incorrect and could underflow pgd if the given range was below a first
     vma.
   - slab: introduce kmalloc_array() (bsc#909361).
   - x86/apic: Ignore secondary threads if nosmt=force (bsc#1089343).
   - x86/CPU/AMD: Do not check CPUID max ext level before parsing SMP info
     (bsc#1089343).
   - x86/cpu/AMD: Evaluate smp_num_siblings early (bsc#1089343).
   - x86/CPU/AMD: Move TOPOEXT reenablement before reading smp_num_siblings
     (bsc#1089343).
   - x86/cpu/AMD: Remove the pointless detect_ht() call (bsc#1089343).
   - x86/cpu/common: Provide detect_ht_early() (bsc#1089343).
   - x86/cpu/intel: Evaluate smp_num_siblings early (bsc#1089343).
   - x86/cpu: Remove the pointless CPU printout (bsc#1089343).
   - x86/cpu/topology: Provide detect_extended_topology_early() (bsc#1089343).
   - x86/smpboot: Do not use smp_num_siblings in __max_logical_packages
     calculation (bsc#1089343).
   - x86/smp: Provide topology_is_primary_thread() (bsc#1089343).
   - x86/topology: Add topology_max_smt_threads() (bsc#1089343).
   - x86/topology: Provide topology_smt_supported() (bsc#1089343).
   - xen/x86/cpu/common: Provide detect_ht_early() (bsc#1089343).
   - xen/x86/cpu: Remove the pointless CPU printout (bsc#1089343).
   - xen/x86/cpu/topology: Provide detect_extended_topology_early()
     (bsc#1089343).
   - x86/mm: Simplify p[g4um]d_page() macros (bnc#1087081, bnc#1104684).
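
   Two of the fixes above are described by the helper that was missing:
   kmalloc_array (CVE-2018-13406) and ktime_add_safe (CVE-2018-13053). The
   user-space C program below is an added example, not kernel or SUSE code; it
   shows the unchecked arithmetic wrapping and the checked form refusing or
   clamping. All function names, ELEM_SIZE and the input values are
   hypothetical and constructed for the demonstration.

```c
/* User-space analogues of two kernel helpers named in the advisory.
 * All names are hypothetical; nothing here is kernel or SUSE source. */
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

#define ELEM_SIZE 4u /* constructed element size, not taken from any driver */

/* What "n * size" yields when nothing checks it: size_t arithmetic wraps
 * modulo SIZE_MAX + 1, so a huge count can produce a tiny byte count. */
size_t unchecked_bytes(size_t n, size_t size)
{
    return n * size;
}

/* kmalloc_array-style allocation: refuse the request when n * size cannot
 * be represented, instead of allocating the wrapped (too small) size. */
void *alloc_array(size_t n, size_t size)
{
    if (size != 0 && n > SIZE_MAX / size)
        return NULL;
    return malloc(n * size);
}

/* Plain addition of two nanosecond values, done in unsigned arithmetic so
 * the wrap is observable rather than undefined behaviour. */
int64_t add_unsafe(int64_t lhs, int64_t rhs)
{
    return (int64_t)((uint64_t)lhs + (uint64_t)rhs);
}

/* ktime_add_safe-style addition for non-negative times: if the sum wrapped,
 * clamp it. Clamping to INT64_MAX is a simplification chosen for this
 * example. */
int64_t add_safe(int64_t lhs, int64_t rhs)
{
    int64_t res = add_unsafe(lhs, rhs);

    if (res < 0 || res < lhs || res < rhs)
        res = INT64_MAX;
    return res;
}

int main(void)
{
    size_t huge = SIZE_MAX / ELEM_SIZE + 2; /* constructed oversized count */
    int64_t now = 1000000000;               /* constructed current time, ns */
    int64_t rel = INT64_MAX - 5;            /* constructed relative timeout */
    void *p = alloc_array(huge, ELEM_SIZE);

    printf("unchecked size for huge count: %zu bytes\n",
           unchecked_bytes(huge, ELEM_SIZE));
    printf("checked allocation: %s\n", p ? "granted" : "refused");
    free(p);

    /* The wrapped sum is negative, i.e. an expiry that lies in the past. */
    printf("unsafe expiry: %lld\n", (long long)add_unsafe(now, rel));
    printf("safe expiry:   %lld\n", (long long)add_safe(now, rel));
    return 0;
}
```
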


Patch Instructions:

   To install this SUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Server 11-SP3-LTSS:

      zypper in -t patch slessp3-kernel-20180809-13731=1

   - SUSE Linux Enterprise Server 11-EXTRA:

      zypper in -t patch slexsp3-kernel-20180809-13731=1

   - SUSE Linux Enterprise Point of Sale 11-SP3:

      zypper in -t patch sleposp3-kernel-20180809-13731=1

   - SUSE Linux Enterprise Debuginfo 11-SP3:

      zypper in -t patch dbgsp3-kernel-20180809-13731=1



Package List:

   - SUSE Linux Enterprise Server 11-SP3-LTSS (i586 s390x x86_64):

      kernel-default-3.0.101-0.47.106.43.1
      kernel-default-base-3.0.101-0.47.106.43.1
      kernel-default-devel-3.0.101-0.47.106.43.1
      kernel-source-3.0.101-0.47.106.43.1
      kernel-syms-3.0.101-0.47.106.43.1
      kernel-trace-3.0.101-0.47.106.43.1
      kernel-trace-base-3.0.101-0.47.106.43.1
      kernel-trace-devel-3.0.101-0.47.106.43.1

   - SUSE Linux Enterprise Server 11-SP3-LTSS (i586 x86_64):

      kernel-ec2-3.0.101-0.47.106.43.1
      kernel-ec2-base-3.0.101-0.47.106.43.1
      kernel-ec2-devel-3.0.101-0.47.106.43.1
      kernel-xen-3.0.101-0.47.106.43.1
      kernel-xen-base-3.0.101-0.47.106.43.1
      kernel-xen-devel-3.0.101-0.47.106.43.1

   - SUSE Linux Enterprise Server 11-SP3-LTSS (x86_64):

      kernel-bigsmp-3.0.101-0.47.106.43.1
      kernel-bigsmp-base-3.0.101-0.47.106.43.1
      kernel-bigsmp-devel-3.0.101-0.47.106.43.1

   - SUSE Linux Enterprise Server 11-SP3-LTSS (s390x):

      kernel-default-man-3.0.101-0.47.106.43.1

   - SUSE Linux Enterprise Server 11-SP3-LTSS (i586):

      kernel-pae-3.0.101-0.47.106.43.1
      kernel-pae-base-3.0.101-0.47.106.43.1
      kernel-pae-devel-3.0.101-0.47.106.43.1

   - SUSE Linux Enterprise Server 11-EXTRA (i586 ia64 ppc64 s390x x86_64):

      kernel-default-extra-3.0.101-0.47.106.43.1

   - SUSE Linux Enterprise Server 11-EXTRA (i586 x86_64):

      kernel-xen-extra-3.0.101-0.47.106.43.1

   - SUSE Linux Enterprise Server 11-EXTRA (x86_64):

      kernel-bigsmp-extra-3.0.101-0.47.106.43.1
      kernel-trace-extra-3.0.101-0.47.106.43.1

   - SUSE Linux Enterprise Server 11-EXTRA (ppc64):

      kernel-ppc64-extra-3.0.101-0.47.106.43.1

   - SUSE Linux Enterprise Server 11-EXTRA (i586):

      kernel-pae-extra-3.0.101-0.47.106.43.1

   - SUSE Linux Enterprise Point of Sale 11-SP3 (i586):

      kernel-default-3.0.101-0.47.106.43.1
      kernel-default-base-3.0.101-0.47.106.43.1
      kernel-default-devel-3.0.101-0.47.106.43.1
      kernel-ec2-3.0.101-0.47.106.43.1
      kernel-ec2-base-3.0.101-0.47.106.43.1
      kernel-ec2-devel-3.0.101-0.47.106.43.1
      kernel-pae-3.0.101-0.47.106.43.1
      kernel-pae-base-3.0.101-0.47.106.43.1
      kernel-pae-devel-3.0.101-0.47.106.43.1
      kernel-source-3.0.101-0.47.106.43.1
      kernel-syms-3.0.101-0.47.106.43.1
      kernel-trace-3.0.101-0.47.106.43.1
      kernel-trace-base-3.0.101-0.47.106.43.1
      kernel-trace-devel-3.0.101-0.47.106.43.1
      kernel-xen-3.0.101-0.47.106.43.1
      kernel-xen-base-3.0.101-0.47.106.43.1
      kernel-xen-devel-3.0.101-0.47.106.43.1

   - SUSE Linux Enterprise Debuginfo 11-SP3 (i586 s390x x86_64):

      kernel-default-debuginfo-3.0.101-0.47.106.43.1
      kernel-default-debugsource-3.0.101-0.47.106.43.1
      kernel-trace-debuginfo-3.0.101-0.47.106.43.1
      kernel-trace-debugsource-3.0.101-0.47.106.43.1

   - SUSE Linux Enterprise Debuginfo 11-SP3 (i586 x86_64):

      kernel-ec2-debuginfo-3.0.101-0.47.106.43.1
      kernel-ec2-debugsource-3.0.101-0.47.106.43.1
      kernel-xen-debuginfo-3.0.101-0.47.106.43.1
      kernel-xen-debugsource-3.0.101-0.47.106.43.1

   - SUSE Linux Enterprise Debuginfo 11-SP3 (x86_64):

      kernel-bigsmp-debuginfo-3.0.101-0.47.106.43.1
      kernel-bigsmp-debugsource-3.0.101-0.47.106.43.1

   - SUSE Linux Enterprise Debuginfo 11-SP3 (i586):

      kernel-pae-debuginfo-3.0.101-0.47.106.43.1
      kernel-pae-debugsource-3.0.101-0.47.106.43.1


References:

   https://www.suse.com/security/cve/CVE-2016-8405.html
   https://www.suse.com/security/cve/CVE-2017-13305.html
   https://www.suse.com/security/cve/CVE-2018-1000204.html
   https://www.suse.com/security/cve/CVE-2018-1068.html
   https://www.suse.com/security/cve/CVE-2018-1130.html
   https://www.suse.com/security/cve/CVE-2018-12233.html
   https://www.suse.com/security/cve/CVE-2018-13053.html
   https://www.suse.com/security/cve/CVE-2018-13406.html
   https://www.suse.com/security/cve/CVE-2018-3620.html
   https://www.suse.com/security/cve/CVE-2018-3646.html
   https://www.suse.com/security/cve/CVE-2018-5803.html
   https://www.suse.com/security/cve/CVE-2018-5814.html
   https://www.suse.com/security/cve/CVE-2018-7492.html
   https://bugzilla.suse.com/1082962
   https://bugzilla.suse.com/1083900
   https://bugzilla.suse.com/1085107
   https://bugzilla.suse.com/1087081
   https://bugzilla.suse.com/1089343
   https://bugzilla.suse.com/1092904
   https://bugzilla.suse.com/1094353
   https://bugzilla.suse.com/1096480
   https://bugzilla.suse.com/1096728
   https://bugzilla.suse.com/1097234
   https://bugzilla.suse.com/1098016
   https://bugzilla.suse.com/1099924
   https://bugzilla.suse.com/1099942
   https://bugzilla.suse.com/1100418
   https://bugzilla.suse.com/1104475
   https://bugzilla.suse.com/1104684
   https://bugzilla.suse.com/909361

_______________________________________________

=============================================================================
   SUSE Security Update: Security update for the Linux Kernel (Live Patch 28 for SLE 12 SP1)
______________________________________________________________________________

Announcement ID:    SUSE-SU-2018:2364-1
Rating:             important
References:         #1097108 #1099306 
Cross-References:   CVE-2018-10853 CVE-2018-3646
Affected Products:
                    SUSE Linux Enterprise Server for SAP 12-SP1
                    SUSE Linux Enterprise Server 12-SP1-LTSS
______________________________________________________________________________

   An update that fixes two vulnerabilities is now available.

Description:

   This update for the Linux Kernel 3.12.74-60_64_93 fixes several issues.

   The following security issues were fixed:

   - CVE-2018-3646: Local attackers in virtualized guest systems could use
     speculative code patterns on hyperthreaded processors to read data
     present in the L1 Datacache used by other hyperthreads on the same CPU
     core, potentially leaking sensitive data, even from other virtual
     machines or the host system (bsc#1099306).
   - CVE-2018-10853: A flaw was found in KVM, in which certain instructions
     such as sgdt/sidt, which call segmented_write_std, didn't propagate
     access correctly. As such, during a userspace-induced exception, the
     guest can incorrectly assume that the exception happened in the kernel
     and panic (bsc#1097108).


Patch Instructions:

   To install this SUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Server for SAP 12-SP1:

      zypper in -t patch SUSE-SLE-SAP-12-SP1-2018-1593=1

   - SUSE Linux Enterprise Server 12-SP1-LTSS:

      zypper in -t patch SUSE-SLE-SERVER-12-SP1-2018-1593=1



Package List:

   - SUSE Linux Enterprise Server for SAP 12-SP1 (x86_64):

      kgraft-patch-3_12_74-60_64_93-default-3-2.1
      kgraft-patch-3_12_74-60_64_93-xen-3-2.1

   - SUSE Linux Enterprise Server 12-SP1-LTSS (x86_64):

      kgraft-patch-3_12_74-60_64_93-default-3-2.1
      kgraft-patch-3_12_74-60_64_93-xen-3-2.1


References:

   https://www.suse.com/security/cve/CVE-2018-10853.html
   https://www.suse.com/security/cve/CVE-2018-3646.html
   https://bugzilla.suse.com/1097108
   https://bugzilla.suse.com/1099306

_______________________________________________

=============================================================================
   SUSE Security Update: Security update for the Linux Kernel (Live Patch 25 for SLE 12 SP1)
______________________________________________________________________________

Announcement ID:    SUSE-SU-2018:2363-1
Rating:             important
References:         #1097108 #1099306 
Cross-References:   CVE-2018-10853 CVE-2018-3646
Affected Products:
                    SUSE Linux Enterprise Server for SAP 12-SP1
                    SUSE Linux Enterprise Server 12-SP1-LTSS
______________________________________________________________________________

   An update that fixes two vulnerabilities is now available.

Description:

   This update for the Linux Kernel 3.12.74-60_64_82 fixes several issues.

   The following security issues were fixed:

   - CVE-2018-3646: Local attackers in virtualized guest systems could use
     speculative code patterns on hyperthreaded processors to read data
     present in the L1 Datacache used by other hyperthreads on the same CPU
     core, potentially leaking sensitive data, even from other virtual
     machines or the host system (bsc#1099306).
   - CVE-2018-10853: A flaw was found in KVM, in which certain instructions
     such as sgdt/sidt, which call segmented_write_std, didn't propagate
     access correctly. As such, during a userspace-induced exception, the
     guest can incorrectly assume that the exception happened in the kernel
     and panic (bsc#1097108).


Patch Instructions:

   To install this SUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Server for SAP 12-SP1:

      zypper in -t patch SUSE-SLE-SAP-12-SP1-2018-1596=1

   - SUSE Linux Enterprise Server 12-SP1-LTSS:

      zypper in -t patch SUSE-SLE-SERVER-12-SP1-2018-1596=1



Package List:

   - SUSE Linux Enterprise Server for SAP 12-SP1 (x86_64):

      kgraft-patch-3_12_74-60_64_82-default-6-2.1
      kgraft-patch-3_12_74-60_64_82-xen-6-2.1

   - SUSE Linux Enterprise Server 12-SP1-LTSS (x86_64):

      kgraft-patch-3_12_74-60_64_82-default-6-2.1
      kgraft-patch-3_12_74-60_64_82-xen-6-2.1


References:

   https://www.suse.com/security/cve/CVE-2018-10853.html
   https://www.suse.com/security/cve/CVE-2018-3646.html
   https://bugzilla.suse.com/1097108
   https://bugzilla.suse.com/1099306

_______________________________________________

=============================================================================
   SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________

Announcement ID:    SUSE-SU-2018:2362-1
Rating:             important
References:         #1012382 #1064232 #1068032 #1087081 #1089343 
                    #1098016 #1099924 #1100416 #1100418 #1103119 
                    
Cross-References:   CVE-2018-13053 CVE-2018-13405 CVE-2018-13406
                    CVE-2018-14734 CVE-2018-3620 CVE-2018-3646
                   
Affected Products:
                    SUSE Linux Enterprise Server 12-LTSS
                    SUSE Linux Enterprise Module for Public Cloud 12
______________________________________________________________________________

   An update that solves 6 vulnerabilities and has four fixes
   is now available.

Description:



   The SUSE Linux Enterprise 12 GA LTSS kernel was updated to receive various
   security and bug fixes.

   The following security bugs were fixed:

   - CVE-2018-13053: The alarm_timer_nsleep function in
     kernel/time/alarmtimer.c had an integer overflow via a large relative
     timeout because ktime_add_safe is not used (bnc#1099924).
   - CVE-2018-13405: The inode_init_owner function in fs/inode.c allowed
     local users to create files with an unintended group ownership, in a
     scenario where a directory is SGID to a certain group and is writable by
     a user who is not a member of that group. Here, the non-member can
     trigger creation of a plain file whose group ownership is that group.
     The intended behavior was that the non-member can trigger creation of a
     directory (but not a plain file) whose group ownership is that group.
     The non-member can escalate privileges by making the plain file
     executable and SGID (bnc#1100416).
   - CVE-2018-13406: An integer overflow in the uvesafb_setcmap function in
     drivers/video/fbdev/uvesafb.c could result in local attackers being able
     to crash the kernel or potentially elevate privileges because
     kmalloc_array is not used (bnc#1098016 bnc#1100418).
   - CVE-2018-14734: drivers/infiniband/core/ucma.c allowed
     ucma_leave_multicast to access a certain data structure after a cleanup
     step in ucma_process_join, which allowed attackers to cause a denial of
     service (use-after-free) (bnc#1103119).
   - CVE-2018-3620: Local attackers on baremetal systems could use
     speculative code patterns on hyperthreaded processors to read data
     present in the L1 Datacache used by other hyperthreads on the same CPU
     core, potentially leaking sensitive data. (bnc#1087081).
   - CVE-2018-3646: Local attackers in virtualized guest systems could use
     speculative code patterns on hyperthreaded processors to read data
     present in the L1 Datacache used by other hyperthreads on the same CPU
     core, potentially leaking sensitive data, even from other virtual
     machines or the host system. (bnc#1089343).

   The following non-security bugs were fixed:

   - bcache: Add __printf annotation to __bch_check_keys() (bsc#1064232).
   - bcache: Annotate switch fall-through (bsc#1064232).
   - bcache: Fix a compiler warning in bcache_device_init() (bsc#1064232).
   - bcache: Fix indentation (bsc#1064232).
   - bcache: Fix kernel-doc warnings (bsc#1064232).
   - bcache: Fix, improve efficiency of closure_sync() (bsc#1064232).
   - bcache: Reduce the number of sparse complaints about lock imbalances
     (bsc#1064232).
   - bcache: Remove an unused variable (bsc#1064232).
   - bcache: Suppress more warnings about set-but-not-used variables
     (bsc#1064232).
   - bcache: Use PTR_ERR_OR_ZERO() (bsc#1064232).
   - bcache: add CACHE_SET_IO_DISABLE to struct cache_set flags (bsc#1064232).
   - bcache: add backing_request_endio() for bi_end_io (bsc#1064232).
   - bcache: add io_disable to struct cached_dev (bsc#1064232).
   - bcache: add journal statistic (bsc#1064232).
   - bcache: add stop_when_cache_set_failed option to backing device
     (bsc#1064232).
   - bcache: add wait_for_kthread_stop() in bch_allocator_thread()
     (bsc#1064232).
   - bcache: closures: move control bits one bit right (bsc#1064232).
   - bcache: correct flash only vols (check all uuids) (bsc#1064232).
   - bcache: count backing device I/O error for writeback I/O (bsc#1064232).
   - bcache: do not attach backing with duplicate UUID (bsc#1064232).
   - bcache: fix cached_dev->count usage for bch_cache_set_error()
     (bsc#1064232).
   - bcache: fix crashes in duplicate cache device register (bsc#1064232).
   - bcache: fix error return value in memory shrink (bsc#1064232).
   - bcache: fix for allocator and register thread race (bsc#1064232).
   - bcache: fix for data collapse after re-attaching an attached device
     (bsc#1064232).
   - bcache: fix high CPU occupancy during journal (bsc#1064232).
   - bcache: fix incorrect sysfs output value of strip size (bsc#1064232).
   - bcache: fix kcrashes with fio in RAID5 backend dev (bsc#1064232).
   - bcache: fix misleading error message in bch_count_io_errors()
     (bsc#1064232).
   - bcache: fix using of loop variable in memory shrink (bsc#1064232).
   - bcache: fix writeback target calc on large devices (bsc#1064232).
   - bcache: fix wrong return value in bch_debug_init() (bsc#1064232).
   - bcache: mark closure_sync() __sched (bsc#1064232).
   - bcache: move closure debug file into debug directory (bsc#1064232).
   - bcache: properly set task state in bch_writeback_thread() (bsc#1064232).
   - bcache: quit dc->writeback_thread when BCACHE_DEV_DETACHING is set
     (bsc#1064232).
   - bcache: reduce cache_set devices iteration by devices_max_used
     (bsc#1064232).
   - bcache: ret IOERR when read meets metadata error (bsc#1064232).
   - bcache: return 0 from bch_debug_init() if CONFIG_DEBUG_FS=n
     (bsc#1064232).
   - bcache: return attach error when no cache set exist (bsc#1064232).
   - bcache: segregate flash only volume write streams (bsc#1064232).
   - bcache: set CACHE_SET_IO_DISABLE in bch_cached_dev_error() (bsc#1064232).
   - bcache: set dc->io_disable to true in conditional_stop_bcache_device()
     (bsc#1064232).
   - bcache: set error_limit correctly (bsc#1064232).
   - bcache: set writeback_rate_update_seconds in range [1, 60] seconds
     (bsc#1064232).
   - bcache: stop bcache device when backing device is offline (bsc#1064232).
   - bcache: stop dc->writeback_rate_update properly (bsc#1064232).
   - bcache: stop writeback thread after detaching (bsc#1064232).
   - bcache: store disk name in struct cache and struct cached_dev
     (bsc#1064232).
   - bcache: use pr_info() to inform duplicated CACHE_SET_IO_DISABLE set
     (bsc#1064232).
   - cpu/hotplug: Add sysfs state interface (bsc#1089343).
   - cpu/hotplug: Provide knobs to control SMT (bsc#1089343).
   - cpu/hotplug: Split do_cpu_down() (bsc#1089343).
   - x86/CPU/AMD: Do not check CPUID max ext level before parsing SMP info
     (bsc#1089343).
   - x86/CPU/AMD: Move TOPOEXT reenablement before reading smp_num_siblings
     (bsc#1089343).
   - x86/Xen: disable IBRS around CPU stopper function invocation (none so
     far).
   - x86/cpu/AMD: Evaluate smp_num_siblings early (bsc#1089343).
   - x86/cpu/AMD: Remove the pointless detect_ht() call (bsc#1089343).
   - x86/cpu/common: Provide detect_ht_early() (bsc#1089343).
   - x86/cpu/intel: Evaluate smp_num_siblings early (bsc#1089343).
   - x86/cpu/topology: Provide detect_extended_topology_early() (bsc#1089343).
   - x86/cpu: Remove the pointless CPU printout (bsc#1089343).
   - x86/cpufeatures: Add X86_BUG_SPECTRE_V[12] (bnc#1012382).
   - x86/mm: Simplify p[g4um]d_page() macros (bnc#1087081).
   - x86/smp: Provide topology_is_primary_thread() (bsc#1089343).
   - x86/smpboot: Do not use smp_num_siblings in __max_logical_packages
     calculation (bsc#1089343).
   - x86/topology: Add topology_max_smt_threads() (bsc#1089343).
   - x86/topology: Provide topology_smt_supported() (bsc#1089343).
   - xen/x86/cpu/common: Provide detect_ht_early() (bsc#1089343).
   - xen/x86/cpu/topology: Provide detect_extended_topology_early()
     (bsc#1089343).
   - xen/x86/cpu: Remove the pointless CPU printout (bsc#1089343).
   - xen/x86/cpufeatures: Add X86_BUG_CPU_INSECURE (bnc#1012382).
   - xen/x86/cpufeatures: Make CPU bugs sticky (bnc#1012382).
   - xen/x86/entry: Add a function to overwrite the RSB (bsc#1068032).
   - xen/x86/entry: Stuff RSB for entry to kernel for non-SMEP platform
     (bsc#1068032).
   - xen/x86/entry: Use IBRS on entry to kernel space (bsc#1068032).
   - xen/x86/mm: Set IBPB upon context switch (bsc#1068032).
   - xen/x86/pti: Rename BUG_CPU_INSECURE to BUG_CPU_MELTDOWN (bnc#1012382).


Patch Instructions:

   To install this SUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Server 12-LTSS:

      zypper in -t patch SUSE-SLE-SERVER-12-2018-1605=1

   - SUSE Linux Enterprise Module for Public Cloud 12:

      zypper in -t patch SUSE-SLE-Module-Public-Cloud-12-2018-1605=1



Package List:

   - SUSE Linux Enterprise Server 12-LTSS (ppc64le s390x x86_64):

      kernel-default-3.12.61-52.141.1
      kernel-default-base-3.12.61-52.141.1
      kernel-default-base-debuginfo-3.12.61-52.141.1
      kernel-default-debuginfo-3.12.61-52.141.1
      kernel-default-debugsource-3.12.61-52.141.1
      kernel-default-devel-3.12.61-52.141.1
      kernel-syms-3.12.61-52.141.1

   - SUSE Linux Enterprise Server 12-LTSS (noarch):

      kernel-devel-3.12.61-52.141.1
      kernel-macros-3.12.61-52.141.1
      kernel-source-3.12.61-52.141.1

   - SUSE Linux Enterprise Server 12-LTSS (x86_64):

      kernel-xen-3.12.61-52.141.1
      kernel-xen-base-3.12.61-52.141.1
      kernel-xen-base-debuginfo-3.12.61-52.141.1
      kernel-xen-debuginfo-3.12.61-52.141.1
      kernel-xen-debugsource-3.12.61-52.141.1
      kernel-xen-devel-3.12.61-52.141.1
      kgraft-patch-3_12_61-52_141-default-1-1.5.1
      kgraft-patch-3_12_61-52_141-xen-1-1.5.1
      lttng-modules-2.4.1-16.6.1
      lttng-modules-debugsource-2.4.1-16.6.1
      lttng-modules-kmp-default-2.4.1_k3.12.61_52.141-16.6.1
      lttng-modules-kmp-default-debuginfo-2.4.1_k3.12.61_52.141-16.6.1

   - SUSE Linux Enterprise Server 12-LTSS (s390x):

      kernel-default-man-3.12.61-52.141.1

   - SUSE Linux Enterprise Module for Public Cloud 12 (x86_64):

      kernel-ec2-3.12.61-52.141.1
      kernel-ec2-debuginfo-3.12.61-52.141.1
      kernel-ec2-debugsource-3.12.61-52.141.1
      kernel-ec2-devel-3.12.61-52.141.1
      kernel-ec2-extra-3.12.61-52.141.1
      kernel-ec2-extra-debuginfo-3.12.61-52.141.1


References:

   https://www.suse.com/security/cve/CVE-2018-13053.html
   https://www.suse.com/security/cve/CVE-2018-13405.html
   https://www.suse.com/security/cve/CVE-2018-13406.html
   https://www.suse.com/security/cve/CVE-2018-14734.html
   https://www.suse.com/security/cve/CVE-2018-3620.html
   https://www.suse.com/security/cve/CVE-2018-3646.html
   https://bugzilla.suse.com/1012382
   https://bugzilla.suse.com/1064232
   https://bugzilla.suse.com/1068032
   https://bugzilla.suse.com/1087081
   https://bugzilla.suse.com/1089343
   https://bugzilla.suse.com/1098016
   https://bugzilla.suse.com/1099924
   https://bugzilla.suse.com/1100416
   https://bugzilla.suse.com/1100418
   https://bugzilla.suse.com/1103119

_______________________________________________

=============================================================================
   SUSE Security Update: Security update for the Linux Kernel (Live Patch 24 for SLE 12 SP1)
______________________________________________________________________________

Announcement ID:    SUSE-SU-2018:2359-1
Rating:             important
References:         #1097108 #1099306 
Cross-References:   CVE-2018-10853 CVE-2018-3646
Affected Products:
                    SUSE Linux Enterprise Server for SAP 12-SP1
                    SUSE Linux Enterprise Server 12-SP1-LTSS
______________________________________________________________________________

   An update that fixes two vulnerabilities is now available.

Description:

   This update for the Linux Kernel 3.12.74-60_64_69 fixes several issues.

   The following security issues were fixed:

   - CVE-2018-3646: Local attackers in virtualized guest systems could use
     speculative code patterns on hyperthreaded processors to read data
     present in the L1 Datacache used by other hyperthreads on the same CPU
     core, potentially leaking sensitive data, even from other virtual
     machines or the host system (bsc#1099306).
   - CVE-2018-10853: A flaw was found in KVM, in which certain instructions
     such as sgdt/sidt, which call segmented_write_std, didn't propagate
     access correctly. As such, during a userspace-induced exception, the
     guest can incorrectly assume that the exception happened in the kernel
     and panic (bsc#1097108).


Patch Instructions:

   To install this SUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Server for SAP 12-SP1:

      zypper in -t patch SUSE-SLE-SAP-12-SP1-2018-1597=1

   - SUSE Linux Enterprise Server 12-SP1-LTSS:

      zypper in -t patch SUSE-SLE-SERVER-12-SP1-2018-1597=1



Package List:

   - SUSE Linux Enterprise Server for SAP 12-SP1 (x86_64):

      kgraft-patch-3_12_74-60_64_69-default-6-2.1
      kgraft-patch-3_12_74-60_64_69-xen-6-2.1

   - SUSE Linux Enterprise Server 12-SP1-LTSS (x86_64):

      kgraft-patch-3_12_74-60_64_69-default-6-2.1
      kgraft-patch-3_12_74-60_64_69-xen-6-2.1


References:

   https://www.suse.com/security/cve/CVE-2018-10853.html
   https://www.suse.com/security/cve/CVE-2018-3646.html
   https://bugzilla.suse.com/1097108
   https://bugzilla.suse.com/1099306

_______________________________________________

=============================================================================
   SUSE Security Update: Security update for the Linux Kernel (Live Patch 29 for SLE 12 SP1)
______________________________________________________________________________

Announcement ID:    SUSE-SU-2018:2358-1
Rating:             important
References:         #1097108 #1099306 
Cross-References:   CVE-2018-10853 CVE-2018-3646
Affected Products:
                    SUSE Linux Enterprise Server for SAP 12-SP1
                    SUSE Linux Enterprise Server 12-SP1-LTSS
______________________________________________________________________________

   An update that fixes two vulnerabilities is now available.

Description:

   This update for the Linux Kernel 3.12.74-60_64_96 fixes several issues.

   The following security issues were fixed:

   - CVE-2018-3646: Local attackers in virtualized guest systems could use
     speculative code patterns on hyperthreaded processors to read data
     present in the L1 Datacache used by other hyperthreads on the same CPU
     core, potentially leaking sensitive data, even from other virtual
     machines or the host system (bsc#1099306).
   - CVE-2018-10853: A flaw was found in kvm in which certain instructions
     such as sgdt/sidt, which call segmented_write_std, didn't propagate
     access correctly. As a result, during a userspace-induced exception,
     the guest can incorrectly assume that the exception happened in the
     kernel and panic (bsc#1097108).


Patch Instructions:

   To install this SUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Server for SAP 12-SP1:

      zypper in -t patch SUSE-SLE-SAP-12-SP1-2018-1592=1

   - SUSE Linux Enterprise Server 12-SP1-LTSS:

      zypper in -t patch SUSE-SLE-SERVER-12-SP1-2018-1592=1



Package List:

   - SUSE Linux Enterprise Server for SAP 12-SP1 (x86_64):

      kgraft-patch-3_12_74-60_64_96-default-3-2.1
      kgraft-patch-3_12_74-60_64_96-xen-3-2.1

   - SUSE Linux Enterprise Server 12-SP1-LTSS (x86_64):

      kgraft-patch-3_12_74-60_64_96-default-3-2.1
      kgraft-patch-3_12_74-60_64_96-xen-3-2.1


References:

   https://www.suse.com/security/cve/CVE-2018-10853.html
   https://www.suse.com/security/cve/CVE-2018-3646.html
   https://bugzilla.suse.com/1097108
   https://bugzilla.suse.com/1099306

_______________________________________________

=============================================================================
   SUSE Security Update: Security update for the Linux Kernel (Live Patch 30 for SLE 12)
______________________________________________________________________________

Announcement ID:    SUSE-SU-2018:2356-1
Rating:             important
References:         #1097108 #1099306 
Cross-References:   CVE-2018-10853 CVE-2018-3646
Affected Products:
                    SUSE Linux Enterprise Server 12-LTSS
______________________________________________________________________________

   An update that fixes two vulnerabilities is now available.

Description:

   This update for the Linux Kernel 3.12.61-52_111 fixes several issues.

   The following security issues were fixed:

   - CVE-2018-3646: Local attackers in virtualized guest systems could use
     speculative code patterns on hyperthreaded processors to read data
     present in the L1 Datacache used by other hyperthreads on the same CPU
     core, potentially leaking sensitive data, even from other virtual
     machines or the host system (bsc#1099306).
   - CVE-2018-10853: A flaw was found in kvm in which certain instructions
     such as sgdt/sidt, which call segmented_write_std, didn't propagate
     access correctly. As a result, during a userspace-induced exception,
     the guest can incorrectly assume that the exception happened in the
     kernel and panic (bsc#1097108).


Patch Instructions:

   To install this SUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Server 12-LTSS:

      zypper in -t patch SUSE-SLE-SERVER-12-2018-1582=1



Package List:

   - SUSE Linux Enterprise Server 12-LTSS (x86_64):

      kgraft-patch-3_12_61-52_111-default-7-2.1
      kgraft-patch-3_12_61-52_111-xen-7-2.1


References:

   https://www.suse.com/security/cve/CVE-2018-10853.html
   https://www.suse.com/security/cve/CVE-2018-3646.html
   https://bugzilla.suse.com/1097108
   https://bugzilla.suse.com/1099306

_______________________________________________

=============================================================================
   SUSE Security Update: Security update for the Linux Kernel (Live Patch 20 for SLE 12 SP1)
______________________________________________________________________________

Announcement ID:    SUSE-SU-2018:2355-1
Rating:             important
References:         #1096564 #1097108 #1099306 
Cross-References:   CVE-2017-11600 CVE-2018-10853 CVE-2018-3646
                   
Affected Products:
                    SUSE Linux Enterprise Server for SAP 12-SP1
                    SUSE Linux Enterprise Server 12-SP1-LTSS
______________________________________________________________________________

   An update that fixes three vulnerabilities is now available.

Description:

   This update for the Linux Kernel 3.12.74-60_64_57 fixes several issues.

   The following security issues were fixed:

   - CVE-2018-3646: Local attackers in virtualized guest systems could use
     speculative code patterns on hyperthreaded processors to read data
     present in the L1 Datacache used by other hyperthreads on the same CPU
     core, potentially leaking sensitive data, even from other virtual
     machines or the host system (bsc#1099306).
   - CVE-2017-11600: net/xfrm/xfrm_policy.c did not ensure that the dir value
     of xfrm_userpolicy_id is XFRM_POLICY_MAX or less, which allowed local
     users to cause a denial of service (out-of-bounds access) or possibly
     have unspecified other impact via an XFRM_MSG_MIGRATE xfrm Netlink
     message (bsc#1096564).
   - CVE-2018-10853: A flaw was found in kvm in which certain instructions
     such as sgdt/sidt, which call segmented_write_std, didn't propagate
     access correctly. As a result, during a userspace-induced exception,
     the guest can incorrectly assume that the exception happened in the
     kernel and panic (bsc#1097108).


Patch Instructions:

   To install this SUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Server for SAP 12-SP1:

      zypper in -t patch SUSE-SLE-SAP-12-SP1-2018-1601=1

   - SUSE Linux Enterprise Server 12-SP1-LTSS:

      zypper in -t patch SUSE-SLE-SERVER-12-SP1-2018-1601=1



Package List:

   - SUSE Linux Enterprise Server for SAP 12-SP1 (x86_64):

      kgraft-patch-3_12_74-60_64_57-default-11-2.1
      kgraft-patch-3_12_74-60_64_57-xen-11-2.1

   - SUSE Linux Enterprise Server 12-SP1-LTSS (x86_64):

      kgraft-patch-3_12_74-60_64_57-default-11-2.1
      kgraft-patch-3_12_74-60_64_57-xen-11-2.1


References:

   https://www.suse.com/security/cve/CVE-2017-11600.html
   https://www.suse.com/security/cve/CVE-2018-10853.html
   https://www.suse.com/security/cve/CVE-2018-3646.html
   https://bugzilla.suse.com/1096564
   https://bugzilla.suse.com/1097108
   https://bugzilla.suse.com/1099306

_______________________________________________

=============================================================================
   SUSE Security Update: Security update for the Linux Kernel (Live Patch 31 for SLE 12)
______________________________________________________________________________

Announcement ID:    SUSE-SU-2018:2354-1
Rating:             important
References:         #1097108 #1099306 
Cross-References:   CVE-2018-10853 CVE-2018-3646
Affected Products:
                    SUSE Linux Enterprise Server 12-LTSS
______________________________________________________________________________

   An update that fixes two vulnerabilities is now available.

Description:

   This update for the Linux Kernel 3.12.61-52_119 fixes several issues.

   The following security issues were fixed:

   - CVE-2018-3646: Local attackers in virtualized guest systems could use
     speculative code patterns on hyperthreaded processors to read data
     present in the L1 Datacache used by other hyperthreads on the same CPU
     core, potentially leaking sensitive data, even from other virtual
     machines or the host system (bsc#1099306).
   - CVE-2018-10853: A flaw was found in kvm in which certain instructions
     such as sgdt/sidt, which call segmented_write_std, didn't propagate
     access correctly. As a result, during a userspace-induced exception,
     the guest can incorrectly assume that the exception happened in the
     kernel and panic (bsc#1097108).


Patch Instructions:

   To install this SUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Server 12-LTSS:

      zypper in -t patch SUSE-SLE-SERVER-12-2018-1581=1



Package List:

   - SUSE Linux Enterprise Server 12-LTSS (x86_64):

      kgraft-patch-3_12_61-52_119-default-7-2.1
      kgraft-patch-3_12_61-52_119-xen-7-2.1


References:

   https://www.suse.com/security/cve/CVE-2018-10853.html
   https://www.suse.com/security/cve/CVE-2018-3646.html
   https://bugzilla.suse.com/1097108
   https://bugzilla.suse.com/1099306

_______________________________________________

=============================================================================
   SUSE Security Update: Security update for the Linux Kernel (Live Patch 22 for SLE 12 SP1)
______________________________________________________________________________

Announcement ID:    SUSE-SU-2018:2353-1
Rating:             important
References:         #1096564 #1097108 #1099306 
Cross-References:   CVE-2017-11600 CVE-2018-10853 CVE-2018-3646
                   
Affected Products:
                    SUSE Linux Enterprise Server for SAP 12-SP1
                    SUSE Linux Enterprise Server 12-SP1-LTSS
______________________________________________________________________________

   An update that fixes three vulnerabilities is now available.

Description:

   This update for the Linux Kernel 3.12.74-60_64_63 fixes several issues.

   The following security issues were fixed:

   - CVE-2018-3646: Local attackers in virtualized guest systems could use
     speculative code patterns on hyperthreaded processors to read data
     present in the L1 Datacache used by other hyperthreads on the same CPU
     core, potentially leaking sensitive data, even from other virtual
     machines or the host system (bsc#1099306).
   - CVE-2017-11600: net/xfrm/xfrm_policy.c did not ensure that the dir value
     of xfrm_userpolicy_id is XFRM_POLICY_MAX or less, which allowed local
     users to cause a denial of service (out-of-bounds access) or possibly
     have unspecified other impact via an XFRM_MSG_MIGRATE xfrm Netlink
     message (bsc#1096564).
   - CVE-2018-10853: A flaw was found in kvm in which certain instructions
     such as sgdt/sidt, which call segmented_write_std, didn't propagate
     access correctly. As a result, during a userspace-induced exception,
     the guest can incorrectly assume that the exception happened in the
     kernel and panic (bsc#1097108).


Patch Instructions:

   To install this SUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Server for SAP 12-SP1:

      zypper in -t patch SUSE-SLE-SAP-12-SP1-2018-1599=1

   - SUSE Linux Enterprise Server 12-SP1-LTSS:

      zypper in -t patch SUSE-SLE-SERVER-12-SP1-2018-1599=1



Package List:

   - SUSE Linux Enterprise Server for SAP 12-SP1 (x86_64):

      kgraft-patch-3_12_74-60_64_63-default-8-2.1
      kgraft-patch-3_12_74-60_64_63-xen-8-2.1

   - SUSE Linux Enterprise Server 12-SP1-LTSS (x86_64):

      kgraft-patch-3_12_74-60_64_63-default-8-2.1
      kgraft-patch-3_12_74-60_64_63-xen-8-2.1


References:

   https://www.suse.com/security/cve/CVE-2017-11600.html
   https://www.suse.com/security/cve/CVE-2018-10853.html
   https://www.suse.com/security/cve/CVE-2018-3646.html
   https://bugzilla.suse.com/1096564
   https://bugzilla.suse.com/1097108
   https://bugzilla.suse.com/1099306

_______________________________________________

=============================================================================
   SUSE Security Update: Security update for the Linux Kernel (Live Patch 32 for SLE 12)
______________________________________________________________________________

Announcement ID:    SUSE-SU-2018:2349-1
Rating:             important
References:         #1097108 #1099306 
Cross-References:   CVE-2018-10853 CVE-2018-3646
Affected Products:
                    SUSE Linux Enterprise Server 12-LTSS
______________________________________________________________________________

   An update that fixes two vulnerabilities is now available.

Description:

   This update for the Linux Kernel 3.12.61-52_122 fixes several issues.

   The following security issues were fixed:

   - CVE-2018-3646: Local attackers in virtualized guest systems could use
     speculative code patterns on hyperthreaded processors to read data
     present in the L1 Datacache used by other hyperthreads on the same CPU
     core, potentially leaking sensitive data, even from other virtual
     machines or the host system (bsc#1099306).
   - CVE-2018-10853: A flaw was found in kvm in which certain instructions
     such as sgdt/sidt, which call segmented_write_std, didn't propagate
     access correctly. As a result, during a userspace-induced exception,
     the guest can incorrectly assume that the exception happened in the
     kernel and panic (bsc#1097108).


Patch Instructions:

   To install this SUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Server 12-LTSS:

      zypper in -t patch SUSE-SLE-SERVER-12-2018-1584=1



Package List:

   - SUSE Linux Enterprise Server 12-LTSS (x86_64):

      kgraft-patch-3_12_61-52_122-default-7-2.1
      kgraft-patch-3_12_61-52_122-xen-7-2.1


References:

   https://www.suse.com/security/cve/CVE-2018-10853.html
   https://www.suse.com/security/cve/CVE-2018-3646.html
   https://bugzilla.suse.com/1097108
   https://bugzilla.suse.com/1099306

_______________________________________________

=============================================================================
   SUSE Security Update: Security update for the Linux Kernel (Live Patch 26 for SLE 12)
______________________________________________________________________________

Announcement ID:    SUSE-SU-2018:2352-1
Rating:             important
References:         #1096564 #1097108 #1099306 
Cross-References:   CVE-2017-11600 CVE-2018-10853 CVE-2018-3646
                   
Affected Products:
                    SUSE Linux Enterprise Server 12-LTSS
______________________________________________________________________________

   An update that fixes three vulnerabilities is now available.

Description:

   This update for the Linux Kernel 3.12.61-52_89 fixes several issues.

   The following security issues were fixed:

   - CVE-2018-3646: Local attackers in virtualized guest systems could use
     speculative code patterns on hyperthreaded processors to read data
     present in the L1 Datacache used by other hyperthreads on the same CPU
     core, potentially leaking sensitive data, even from other virtual
     machines or the host system (bsc#1099306).
   - CVE-2017-11600: net/xfrm/xfrm_policy.c did not ensure that the dir value
     of xfrm_userpolicy_id is XFRM_POLICY_MAX or less, which allowed local
     users to cause a denial of service (out-of-bounds access) or possibly
     have unspecified other impact via an XFRM_MSG_MIGRATE xfrm Netlink
     message (bsc#1096564).
   - CVE-2018-10853: A flaw was found in kvm in which certain instructions
     such as sgdt/sidt, which call segmented_write_std, didn't propagate
     access correctly. As a result, during a userspace-induced exception,
     the guest can incorrectly assume that the exception happened in the
     kernel and panic (bsc#1097108).


Patch Instructions:

   To install this SUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Server 12-LTSS:

      zypper in -t patch SUSE-SLE-SERVER-12-2018-1588=1



Package List:

   - SUSE Linux Enterprise Server 12-LTSS (x86_64):

      kgraft-patch-3_12_61-52_89-default-11-2.1
      kgraft-patch-3_12_61-52_89-xen-11-2.1


References:

   https://www.suse.com/security/cve/CVE-2017-11600.html
   https://www.suse.com/security/cve/CVE-2018-10853.html
   https://www.suse.com/security/cve/CVE-2018-3646.html
   https://bugzilla.suse.com/1096564
   https://bugzilla.suse.com/1097108
   https://bugzilla.suse.com/1099306

_______________________________________________

=============================================================================
   SUSE Security Update: Security update for the Linux Kernel (Live Patch 28 for SLE 12)
______________________________________________________________________________

Announcement ID:    SUSE-SU-2018:2351-1
Rating:             important
References:         #1096564 #1097108 #1099306 
Cross-References:   CVE-2017-11600 CVE-2018-10853 CVE-2018-3646
                   
Affected Products:
                    SUSE Linux Enterprise Server 12-LTSS
______________________________________________________________________________

   An update that fixes three vulnerabilities is now available.

Description:

   This update for the Linux Kernel 3.12.61-52_101 fixes several issues.

   The following security issues were fixed:

   - CVE-2018-3646: Local attackers in virtualized guest systems could use
     speculative code patterns on hyperthreaded processors to read data
     present in the L1 Datacache used by other hyperthreads on the same CPU
     core, potentially leaking sensitive data, even from other virtual
     machines or the host system (bsc#1099306).
   - CVE-2017-11600: net/xfrm/xfrm_policy.c did not ensure that the dir value
     of xfrm_userpolicy_id is XFRM_POLICY_MAX or less, which allowed local
     users to cause a denial of service (out-of-bounds access) or possibly
     have unspecified other impact via an XFRM_MSG_MIGRATE xfrm Netlink
     message (bsc#1096564).
   - CVE-2018-10853: A flaw was found in kvm in which certain instructions
     such as sgdt/sidt, which call segmented_write_std, didn't propagate
     access correctly. As a result, during a userspace-induced exception,
     the guest can incorrectly assume that the exception happened in the
     kernel and panic (bsc#1097108).


Patch Instructions:

   To install this SUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Server 12-LTSS:

      zypper in -t patch SUSE-SLE-SERVER-12-2018-1590=1



Package List:

   - SUSE Linux Enterprise Server 12-LTSS (x86_64):

      kgraft-patch-3_12_61-52_101-default-8-2.1
      kgraft-patch-3_12_61-52_101-xen-8-2.1


References:

   https://www.suse.com/security/cve/CVE-2017-11600.html
   https://www.suse.com/security/cve/CVE-2018-10853.html
   https://www.suse.com/security/cve/CVE-2018-3646.html
   https://bugzilla.suse.com/1096564
   https://bugzilla.suse.com/1097108
   https://bugzilla.suse.com/1099306

_______________________________________________

=============================================================================
   SUSE Security Update: Security update for the Linux Kernel (Live Patch 21 for SLE 12 SP1)
______________________________________________________________________________

Announcement ID:    SUSE-SU-2018:2350-1
Rating:             important
References:         #1096564 #1097108 #1099306 
Cross-References:   CVE-2017-11600 CVE-2018-10853 CVE-2018-3646
                   
Affected Products:
                    SUSE Linux Enterprise Server for SAP 12-SP1
                    SUSE Linux Enterprise Server 12-SP1-LTSS
______________________________________________________________________________

   An update that fixes three vulnerabilities is now available.

Description:

   This update for the Linux Kernel 3.12.74-60_64_60 fixes several issues.

   The following security issues were fixed:

   - CVE-2018-3646: Local attackers in virtualized guest systems could use
     speculative code patterns on hyperthreaded processors to read data
     present in the L1 Datacache used by other hyperthreads on the same CPU
     core, potentially leaking sensitive data, even from other virtual
     machines or the host system (bsc#1099306).
   - CVE-2017-11600: net/xfrm/xfrm_policy.c did not ensure that the dir value
     of xfrm_userpolicy_id is XFRM_POLICY_MAX or less, which allowed local
     users to cause a denial of service (out-of-bounds access) or possibly
     have unspecified other impact via an XFRM_MSG_MIGRATE xfrm Netlink
     message (bsc#1096564).
   - CVE-2018-10853: A flaw was found in kvm in which certain instructions
     such as sgdt/sidt, which call segmented_write_std, didn't propagate
     access correctly. As a result, during a userspace-induced exception,
     the guest can incorrectly assume that the exception happened in the
     kernel and panic (bsc#1097108).


Patch Instructions:

   To install this SUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Server for SAP 12-SP1:

      zypper in -t patch SUSE-SLE-SAP-12-SP1-2018-1600=1

   - SUSE Linux Enterprise Server 12-SP1-LTSS:

      zypper in -t patch SUSE-SLE-SERVER-12-SP1-2018-1600=1



Package List:

   - SUSE Linux Enterprise Server for SAP 12-SP1 (x86_64):

      kgraft-patch-3_12_74-60_64_60-default-10-2.1
      kgraft-patch-3_12_74-60_64_60-xen-10-2.1

   - SUSE Linux Enterprise Server 12-SP1-LTSS (x86_64):

      kgraft-patch-3_12_74-60_64_60-default-10-2.1
      kgraft-patch-3_12_74-60_64_60-xen-10-2.1


References:

   https://www.suse.com/security/cve/CVE-2017-11600.html
   https://www.suse.com/security/cve/CVE-2018-10853.html
   https://www.suse.com/security/cve/CVE-2018-3646.html
   https://bugzilla.suse.com/1096564
   https://bugzilla.suse.com/1097108
   https://bugzilla.suse.com/1099306

_______________________________________________

=============================================================================
   SUSE Security Update: Security update for the Linux Kernel (Live Patch 27 for SLE 12 SP1)
______________________________________________________________________________

Announcement ID:    SUSE-SU-2018:2348-1
Rating:             important
References:         #1097108 #1099306 
Cross-References:   CVE-2018-10853 CVE-2018-3646
Affected Products:
                    SUSE Linux Enterprise Server for SAP 12-SP1
                    SUSE Linux Enterprise Server 12-SP1-LTSS
______________________________________________________________________________

   An update that fixes two vulnerabilities is now available.

Description:

   This update for the Linux Kernel 3.12.74-60_64_88 fixes several issues.

   The following security issues were fixed:

   - CVE-2018-3646: Local attackers in virtualized guest systems could use
     speculative code patterns on hyperthreaded processors to read data
     present in the L1 Datacache used by other hyperthreads on the same CPU
     core, potentially leaking sensitive data, even from other virtual
     machines or the host system (bsc#1099306).
   - CVE-2018-10853: A flaw was found in kvm in which certain instructions
     such as sgdt/sidt, which call segmented_write_std, didn't propagate
     access correctly. As a result, during a userspace-induced exception,
     the guest can incorrectly assume that the exception happened in the
     kernel and panic (bsc#1097108).


Patch Instructions:

   To install this SUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Server for SAP 12-SP1:

      zypper in -t patch SUSE-SLE-SAP-12-SP1-2018-1594=1

   - SUSE Linux Enterprise Server 12-SP1-LTSS:

      zypper in -t patch SUSE-SLE-SERVER-12-SP1-2018-1594=1



Package List:

   - SUSE Linux Enterprise Server for SAP 12-SP1 (x86_64):

      kgraft-patch-3_12_74-60_64_88-default-4-2.1
      kgraft-patch-3_12_74-60_64_88-xen-4-2.1

   - SUSE Linux Enterprise Server 12-SP1-LTSS (x86_64):

      kgraft-patch-3_12_74-60_64_88-default-4-2.1
      kgraft-patch-3_12_74-60_64_88-xen-4-2.1


References:

   https://www.suse.com/security/cve/CVE-2018-10853.html
   https://www.suse.com/security/cve/CVE-2018-3646.html
   https://bugzilla.suse.com/1097108
   https://bugzilla.suse.com/1099306

_______________________________________________

=============================================================================
   SUSE Security Update: Security update for the Linux Kernel (Live Patch 29 for SLE 12)
______________________________________________________________________________

Announcement ID:    SUSE-SU-2018:2347-1
Rating:             important
References:         #1096564 #1097108 #1099306 
Cross-References:   CVE-2017-11600 CVE-2018-10853 CVE-2018-3646
                   
Affected Products:
                    SUSE Linux Enterprise Server 12-LTSS
______________________________________________________________________________

   An update that fixes three vulnerabilities is now available.

Description:

   This update for the Linux Kernel 3.12.61-52_106 fixes several issues.

   The following security issues were fixed:

   - CVE-2018-3646: Local attackers in virtualized guest systems could use
     speculative code patterns on hyperthreaded processors to read data
     present in the L1 Datacache used by other hyperthreads on the same CPU
     core, potentially leaking sensitive data, even from other virtual
     machines or the host system (bsc#1099306).
   - CVE-2017-11600: net/xfrm/xfrm_policy.c did not ensure that the dir value
     of xfrm_userpolicy_id is XFRM_POLICY_MAX or less, which allowed local
     users to cause a denial of service (out-of-bounds access) or possibly
     have unspecified other impact via an XFRM_MSG_MIGRATE xfrm Netlink
     message (bsc#1096564).
   - CVE-2018-10853: A flaw was found in kvm in which certain instructions
     such as sgdt/sidt, which call segmented_write_std, didn't propagate
     access correctly. As a result, during a userspace-induced exception,
     the guest can incorrectly assume that the exception happened in the
     kernel and panic (bsc#1097108).


Patch Instructions:

   To install this SUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Server 12-LTSS:

      zypper in -t patch SUSE-SLE-SERVER-12-2018-1591=1



Package List:

   - SUSE Linux Enterprise Server 12-LTSS (x86_64):

      kgraft-patch-3_12_61-52_106-default-8-2.1
      kgraft-patch-3_12_61-52_106-xen-8-2.1


References:

   https://www.suse.com/security/cve/CVE-2017-11600.html
   https://www.suse.com/security/cve/CVE-2018-10853.html
   https://www.suse.com/security/cve/CVE-2018-3646.html
   https://bugzilla.suse.com/1096564
   https://bugzilla.suse.com/1097108
   https://bugzilla.suse.com/1099306

_______________________________________________

=============================================================================

   SUSE Security Update: Security update for the Linux Kernel (Live Patch 27 for SLE 12)
______________________________________________________________________________

Announcement ID:    SUSE-SU-2018:2346-1
Rating:             important
References:         #1096564 #1097108 #1099306 
Cross-References:   CVE-2017-11600 CVE-2018-10853 CVE-2018-3646
                   
Affected Products:
                    SUSE Linux Enterprise Server 12-LTSS
______________________________________________________________________________

   An update that fixes three vulnerabilities is now available.

Description:

   This update for the Linux Kernel 3.12.61-52_92 fixes several issues.

   The following security issues were fixed:

   - CVE-2018-3646: Local attackers in virtualized guest systems could use
     speculative code patterns on hyperthreaded processors to read data
     present in the L1 Datacache used by other hyperthreads on the same CPU
     core, potentially leaking sensitive data, even from other virtual
     machines or the host system (bsc#1099306).
   - CVE-2017-11600: net/xfrm/xfrm_policy.c did not ensure that the dir value
     of xfrm_userpolicy_id is XFRM_POLICY_MAX or less, which allowed local
     users to cause a denial of service (out-of-bounds access) or possibly
     have unspecified other impact via an XFRM_MSG_MIGRATE xfrm Netlink
     message (bsc#1096564).
   - CVE-2018-10853: A flaw was found in kvm in which certain instructions
     such as sgdt/sidt, which call segmented_write_std, didn't propagate
     access correctly. As a result, during a userspace-induced exception,
     the guest can incorrectly assume that the exception happened in the
     kernel and panic (bsc#1097108).


Patch Instructions:

   To install this SUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Server 12-LTSS:

      zypper in -t patch SUSE-SLE-SERVER-12-2018-1589=1



Package List:

   - SUSE Linux Enterprise Server 12-LTSS (x86_64):

      kgraft-patch-3_12_61-52_92-default-10-2.1
      kgraft-patch-3_12_61-52_92-xen-10-2.1


References:

   https://www.suse.com/security/cve/CVE-2017-11600.html
   https://www.suse.com/security/cve/CVE-2018-10853.html
   https://www.suse.com/security/cve/CVE-2018-3646.html
   https://bugzilla.suse.com/1096564
   https://bugzilla.suse.com/1097108
   https://bugzilla.suse.com/1099306

_______________________________________________

===============================================================================

   SUSE Security Update: Security update for the Linux Kernel (Live Patch 34 for SLE 12)
______________________________________________________________________________

Announcement ID:    SUSE-SU-2018:2345-1
Rating:             important
References:         #1097108 #1099306 
Cross-References:   CVE-2018-10853 CVE-2018-3646
Affected Products:
                    SUSE Linux Enterprise Server 12-LTSS
______________________________________________________________________________

   An update that fixes two vulnerabilities is now available.

Description:

   This update for the Linux Kernel 3.12.61-52_128 fixes several issues.

   The following security issues were fixed:

   - CVE-2018-3646: Local attackers in virtualized guest systems could use
     speculative code patterns on hyperthreaded processors to read data
     present in the L1 Datacache used by other hyperthreads on the same CPU
     core, potentially leaking sensitive data, even from other virtual
     machines or the host system (bsc#1099306).
   - CVE-2018-10853: A flaw was found in kvm, in which certain instructions
     such as sgdt/sidt, which call segmented_write_std, didn't propagate
     access correctly. As such, during a userspace-induced exception, the
     guest can incorrectly assume that the exception happened in the kernel
     and panic (bsc#1097108).


Patch Instructions:

   To install this SUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Server 12-LTSS:

      zypper in -t patch SUSE-SLE-SERVER-12-2018-1586=1



Package List:

   - SUSE Linux Enterprise Server 12-LTSS (x86_64):

      kgraft-patch-3_12_61-52_128-default-4-2.1
      kgraft-patch-3_12_61-52_128-xen-4-2.1


References:

   https://www.suse.com/security/cve/CVE-2018-10853.html
   https://www.suse.com/security/cve/CVE-2018-3646.html
   https://bugzilla.suse.com/1097108
   https://bugzilla.suse.com/1099306

_______________________________________________

==============================================================================
   SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________

Announcement ID:    SUSE-SU-2018:2344-1
Rating:             important
References:         #1064232 #1076110 #1083635 #1085042 #1086652 
                    #1087081 #1089343 #1090123 #1091171 #1094248 
                    #1096130 #1096480 #1096978 #1097140 #1097551 
                    #1098016 #1098425 #1098435 #1099924 #1100089 
                    #1100416 #1100418 #1100491 #1101557 #1102340 
                    #1102851 #1103097 #1103119 #1103580 
Cross-References:   CVE-2017-18344 CVE-2018-13053 CVE-2018-13405
                    CVE-2018-13406 CVE-2018-14734 CVE-2018-3620
                    CVE-2018-3646 CVE-2018-5390 CVE-2018-5391
                    CVE-2018-5814 CVE-2018-9385
Affected Products:
                    SUSE OpenStack Cloud 7
                    SUSE Linux Enterprise Server for SAP 12-SP2
                    SUSE Linux Enterprise Server 12-SP2-LTSS
                    SUSE Linux Enterprise High Availability 12-SP2
                    SUSE Enterprise Storage 4
                    OpenStack Cloud Magnum Orchestration 7
______________________________________________________________________________

   An update that solves 11 vulnerabilities and has 18 fixes
   is now available.

Description:



   The SUSE Linux Enterprise 12 SP2 LTSS kernel was updated to receive
   various security and bugfixes.

   The following security bugs were fixed:

   - CVE-2018-3620: Local attackers on baremetal systems could use
     speculative code patterns on hyperthreaded processors to read data
     present in the L1 Datacache used by other hyperthreads on the same CPU
     core, potentially leaking sensitive data. (bnc#1087081).
   - CVE-2018-3646: Local attackers in virtualized guest systems could use
     speculative code patterns on hyperthreaded processors to read data
     present in the L1 Datacache used by other hyperthreads on the same CPU
     core, potentially leaking sensitive data, even from other virtual
     machines or the host system. (bnc#1089343).
   - CVE-2018-5390 aka "SegmentSmack": The Linux Kernel can be forced to make
     very expensive calls to tcp_collapse_ofo_queue() and
     tcp_prune_ofo_queue() for every incoming packet which can lead to a
     denial of service (bnc#1102340).
   - CVE-2018-5391 aka "FragmentSmack": A flaw in the IP packet reassembly
     could be used by remote attackers to consume lots of CPU time
     (bnc#1103097).
   - CVE-2018-14734: drivers/infiniband/core/ucma.c allowed
     ucma_leave_multicast to access a certain data structure after a cleanup
     step in ucma_process_join, which allowed attackers to cause a denial of
     service (use-after-free) (bnc#1103119).
   - CVE-2017-18344: The timer_create syscall implementation in
     kernel/time/posix-timers.c didn't properly validate the
     sigevent->sigev_notify field, which leads to out-of-bounds access in the
     show_timer function (called when /proc/$PID/timers is read). This
     allowed userspace applications to read arbitrary kernel memory (on a
     kernel built with CONFIG_POSIX_TIMERS and CONFIG_CHECKPOINT_RESTORE)
     (bnc#1102851 bnc#1103580).
   - CVE-2018-9385: When printing the "driver_override" option from within
     the amba driver, a very long line could expose one additional
     uninitialized byte (bnc#1100491).
   - CVE-2018-13053: The alarm_timer_nsleep function in
     kernel/time/alarmtimer.c had an integer overflow via a large relative
     timeout because ktime_add_safe is not used (bnc#1099924).
   - CVE-2018-13405: The inode_init_owner function in fs/inode.c allowed
     local users to create files with an unintended group ownership, in a
     scenario where a directory is SGID to a certain group and is writable by
     a user who is not a member of that group. Here, the non-member can
     trigger creation of a plain file whose group ownership is that group.
     The intended behavior was that the non-member can trigger creation of a
     directory (but not a plain file) whose group ownership is that group.
     The non-member can escalate privileges by making the plain file
     executable and SGID (bnc#1100416).
   - CVE-2018-13406: An integer overflow in the uvesafb_setcmap function in
     drivers/video/fbdev/uvesafb.c could result in local attackers being able
     to crash the kernel or potentially elevate privileges because
     kmalloc_array is not used (bnc#1098016 bnc#1100418).
   - CVE-2018-5814: Multiple race condition errors when handling probe,
     disconnect, and rebind operations could be exploited to trigger a
     use-after-free condition or a NULL pointer dereference by sending
     multiple USB over IP packets (bnc#1096480).
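
   The two integer-overflow entries above (CVE-2018-13053, where
   ktime_add_safe is not used, and CVE-2018-13406, where kmalloc_array is
   not used) share one remedy: check the arithmetic before using its result.
   The following userspace C example is added here for illustration and is
   not kernel or SUSE code; ktime_ns, ktime_add_wrapping,
   ktime_add_saturating, array_bytes_unchecked and alloc_array_checked are
   hypothetical stand-ins for the kernel helpers the advisory names.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdlib.h>
#include <stdio.h>

/* Userspace stand-in (assumption) for a signed 64-bit nanosecond time. */
typedef int64_t ktime_ns;
#define KTIME_NS_MAX INT64_MAX

/* Unchecked addition: wraps on overflow. The sum is computed in unsigned
 * arithmetic so the wrap itself is well-defined C. */
static ktime_ns ktime_add_wrapping(ktime_ns lhs, ktime_ns rhs)
{
    return (ktime_ns)((uint64_t)lhs + (uint64_t)rhs);
}

/* Saturating addition in the style of ktime_add_safe(): for non-negative
 * inputs, a wrapped sum is clamped to the maximum, so a huge relative
 * timeout becomes "far in the future" instead of a time in the past. */
static ktime_ns ktime_add_saturating(ktime_ns lhs, ktime_ns rhs)
{
    ktime_ns res = ktime_add_wrapping(lhs, rhs);

    if (res < 0 || res < lhs || res < rhs)
        res = KTIME_NS_MAX;
    return res;
}

/* Unchecked size computation: n * size can wrap to a small value, so the
 * buffer ends up far smaller than the n elements the caller will use. */
static size_t array_bytes_unchecked(size_t n, size_t size)
{
    return n * size;
}

/* Checked allocation in the style of kmalloc_array(): refuse the request
 * when n * size does not fit in size_t. */
static void *alloc_array_checked(size_t n, size_t size)
{
    if (size != 0 && n > SIZE_MAX / size)
        return NULL;
    return malloc(n * size);
}

int main(void)
{
    /* Constructed sample values chosen to sit just past the overflow edge. */
    ktime_ns now = KTIME_NS_MAX - 5;
    ktime_ns rel = 10;
    size_t n = SIZE_MAX / 2 + 2;

    printf("wrapping add:    %lld\n", (long long)ktime_add_wrapping(now, rel));
    printf("saturating add:  %lld\n", (long long)ktime_add_saturating(now, rel));
    printf("unchecked bytes: %zu for %zu two-byte entries\n",
           array_bytes_unchecked(n, 2), n);
    printf("checked alloc:   %s\n",
           alloc_array_checked(n, 2) == NULL ? "rejected" : "allocated");
    return 0;
}
```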

   The following non-security bugs were fixed:

   - Add support for 5,25,50, and 100G to 802.3ad bonding driver (bsc#1096978)
   - bcache: add backing_request_endio() for bi_end_io (bsc#1064232).
   - bcache: add CACHE_SET_IO_DISABLE to struct cache_set flags (bsc#1064232).
   - bcache: add io_disable to struct cached_dev (bsc#1064232).
   - bcache: add journal statistic (bsc#1076110).
   - bcache: Add __printf annotation to __bch_check_keys() (bsc#1064232).
   - bcache: add stop_when_cache_set_failed option to backing device
     (bsc#1064232).
   - bcache: add wait_for_kthread_stop() in bch_allocator_thread()
     (bsc#1064232).
   - bcache: Annotate switch fall-through (bsc#1064232).
   - bcache: closures: move control bits one bit right (bsc#1076110).
   - bcache: correct flash only vols (check all uuids) (bsc#1064232).
   - bcache: count backing device I/O error for writeback I/O (bsc#1064232).
   - bcache: do not attach backing with duplicate UUID (bsc#1076110).
   - bcache: Fix a compiler warning in bcache_device_init() (bsc#1064232).
   - bcache: fix cached_dev->count usage for bch_cache_set_error()
     (bsc#1064232).
   - bcache: fix crashes in duplicate cache device register (bsc#1076110).
   - bcache: fix error return value in memory shrink (bsc#1064232).
   - bcache: fix for allocator and register thread race (bsc#1076110).
   - bcache: fix for data collapse after re-attaching an attached device
     (bsc#1076110).
   - bcache: fix high CPU occupancy during journal (bsc#1076110).
   - bcache: Fix, improve efficiency of closure_sync() (bsc#1076110).
   - bcache: fix inaccurate io state for detached bcache devices
     (bsc#1064232).
   - bcache: fix incorrect sysfs output value of strip size (bsc#1064232).
   - bcache: Fix indentation (bsc#1064232).
   - bcache: fix kcrashes with fio in RAID5 backend dev (bsc#1076110).
   - bcache: Fix kernel-doc warnings (bsc#1064232).
   - bcache: fix misleading error message in bch_count_io_errors()
     (bsc#1064232).
   - bcache: fix using of loop variable in memory shrink (bsc#1064232).
   - bcache: fix writeback target calc on large devices (bsc#1076110).
   - bcache: fix wrong return value in bch_debug_init() (bsc#1076110).
   - bcache: mark closure_sync() __sched (bsc#1076110).
   - bcache: move closure debug file into debug directory (bsc#1064232).
   - bcache: properly set task state in bch_writeback_thread() (bsc#1064232).
   - bcache: quit dc->writeback_thread when BCACHE_DEV_DETACHING is set
     (bsc#1064232).
   - bcache: reduce cache_set devices iteration by devices_max_used
     (bsc#1064232).
   - bcache: Reduce the number of sparse complaints about lock imbalances
     (bsc#1064232).
   - bcache: Remove an unused variable (bsc#1064232).
   - bcache: ret IOERR when read meets metadata error (bsc#1076110).
   - bcache: return 0 from bch_debug_init() if CONFIG_DEBUG_FS=n
     (bsc#1064232).
   - bcache: return attach error when no cache set exist (bsc#1076110).
   - bcache: segregate flash only volume write streams (bsc#1076110).
   - bcache: set CACHE_SET_IO_DISABLE in bch_cached_dev_error() (bsc#1064232).
   - bcache: set dc->io_disable to true in conditional_stop_bcache_device()
     (bsc#1064232).
   - bcache: set error_limit correctly (bsc#1064232).
   - bcache: set writeback_rate_update_seconds in range [1, 60] seconds
     (bsc#1064232).
   - bcache: stop bcache device when backing device is offline (bsc#1064232).
   - bcache: stop dc->writeback_rate_update properly (bsc#1064232).
   - bcache: stop writeback thread after detaching (bsc#1076110).
   - bcache: store disk name in struct cache and struct cached_dev
     (bsc#1064232).
   - bcache: Suppress more warnings about set-but-not-used variables
     (bsc#1064232).
   - bcache: use pr_info() to inform duplicated CACHE_SET_IO_DISABLE set
     (bsc#1064232).
   - bcache: Use PTR_ERR_OR_ZERO() (bsc#1076110).
   - bpf: properly enforce index mask to prevent out-of-bounds speculation
     (bsc#1098425).
   - cifs: Check for timeout on Negotiate stage (bsc#1091171).
   - cifs: fix bad/NULL ptr dereferencing in SMB2_sess_setup() (bsc#1090123).
   - cpu/hotplug: Add sysfs state interface (bsc#1089343).
   - cpu/hotplug: Provide knobs to control SMT (bsc#1089343).
   - cpu/hotplug: Split do_cpu_down() (bsc#1089343).
   - ext4: fix unsupported feature message formatting (bsc#1098435).
   - Hang/soft lockup in d_invalidate with simultaneous calls (bsc#1094248,
     bsc#1097140).
   - ixgbe: fix possible race in reset subtask (bsc#1101557).
   - ixgbe: Refactor queue disable logic to take completion time into account
     (bsc#1101557).
   - ixgbe: Reorder Tx/Rx shutdown to reduce time needed to stop device
     (bsc#1101557).
   - ixgbe: use atomic bitwise operations when handling reset requests
     (bsc#1101557).
   - kabi/severities: add PASS to drivers/md/bcache/*, no one uses bcache
     kernel module.
   - procfs: add tunable for fd/fdinfo dentry retention (bsc#1086652).
   - sched/sysctl: Check user input value of sysctl_sched_time_avg
     (bsc#1100089).
   - signals: avoid unnecessary taking of sighand->siglock (bsc#1096130).
   - x86/CPU/AMD: Do not check CPUID max ext level before parsing SMP info
     (bsc#1089343).
   - x86/cpu/AMD: Evaluate smp_num_siblings early (bsc#1089343).
   - x86/CPU/AMD: Move TOPOEXT reenablement before reading smp_num_siblings
     (bsc#1089343). Update config files.
   - x86/cpu/AMD: Remove the pointless detect_ht() call (bsc#1089343).
   - x86/cpu/common: Provide detect_ht_early() (bsc#1089343).
   - x86/cpu/intel: Evaluate smp_num_siblings early (bsc#1089343).
   - x86/cpu: Remove the pointless CPU printout (bsc#1089343).
   - x86/cpu/topology: Provide detect_extended_topology_early() (bsc#1089343).
   - x86/mm: Simplify p[g4um]d_page() macros (bsc#1087081).
   - x86/pti: do not report XenPV as vulnerable (bsc#1097551).
   - x86/smpboot: Do not use smp_num_siblings in __max_logical_packages
     calculation (bsc#1089343).
   - x86/smp: Provide topology_is_primary_thread() (bsc#1089343).
   - x86/topology: Add topology_max_smt_threads() (bsc#1089343).
   - x86/topology: Provide topology_smt_supported() (bsc#1089343).
   - xen/grant-table: log the lack of grants (bnc#1085042).


Patch Instructions:

   To install this SUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - SUSE OpenStack Cloud 7:

      zypper in -t patch SUSE-OpenStack-Cloud-7-2018-1603=1

   - SUSE Linux Enterprise Server for SAP 12-SP2:

      zypper in -t patch SUSE-SLE-SAP-12-SP2-2018-1603=1

   - SUSE Linux Enterprise Server 12-SP2-LTSS:

      zypper in -t patch SUSE-SLE-SERVER-12-SP2-2018-1603=1

   - SUSE Linux Enterprise High Availability 12-SP2:

      zypper in -t patch SUSE-SLE-HA-12-SP2-2018-1603=1

   - SUSE Enterprise Storage 4:

      zypper in -t patch SUSE-Storage-4-2018-1603=1

   - OpenStack Cloud Magnum Orchestration 7:

      zypper in -t patch SUSE-OpenStack-Cloud-Magnum-Orchestration-7-2018-1603=1



Package List:

   - SUSE OpenStack Cloud 7 (s390x x86_64):

      kernel-default-4.4.121-92.92.1
      kernel-default-base-4.4.121-92.92.1
      kernel-default-base-debuginfo-4.4.121-92.92.1
      kernel-default-debuginfo-4.4.121-92.92.1
      kernel-default-debugsource-4.4.121-92.92.1
      kernel-default-devel-4.4.121-92.92.1
      kernel-syms-4.4.121-92.92.1

   - SUSE OpenStack Cloud 7 (noarch):

      kernel-devel-4.4.121-92.92.1
      kernel-macros-4.4.121-92.92.1
      kernel-source-4.4.121-92.92.1

   - SUSE OpenStack Cloud 7 (x86_64):

      kgraft-patch-4_4_121-92_92-default-1-3.7.1
      lttng-modules-2.7.1-9.4.1
      lttng-modules-debugsource-2.7.1-9.4.1
      lttng-modules-kmp-default-2.7.1_k4.4.121_92.92-9.4.1
      lttng-modules-kmp-default-debuginfo-2.7.1_k4.4.121_92.92-9.4.1

   - SUSE OpenStack Cloud 7 (s390x):

      kernel-default-man-4.4.121-92.92.1

   - SUSE Linux Enterprise Server for SAP 12-SP2 (ppc64le x86_64):

      kernel-default-4.4.121-92.92.1
      kernel-default-base-4.4.121-92.92.1
      kernel-default-base-debuginfo-4.4.121-92.92.1
      kernel-default-debuginfo-4.4.121-92.92.1
      kernel-default-debugsource-4.4.121-92.92.1
      kernel-default-devel-4.4.121-92.92.1
      kernel-syms-4.4.121-92.92.1

   - SUSE Linux Enterprise Server for SAP 12-SP2 (noarch):

      kernel-devel-4.4.121-92.92.1
      kernel-macros-4.4.121-92.92.1
      kernel-source-4.4.121-92.92.1

   - SUSE Linux Enterprise Server for SAP 12-SP2 (x86_64):

      kgraft-patch-4_4_121-92_92-default-1-3.7.1
      lttng-modules-2.7.1-9.4.1
      lttng-modules-debugsource-2.7.1-9.4.1
      lttng-modules-kmp-default-2.7.1_k4.4.121_92.92-9.4.1
      lttng-modules-kmp-default-debuginfo-2.7.1_k4.4.121_92.92-9.4.1

   - SUSE Linux Enterprise Server 12-SP2-LTSS (ppc64le s390x x86_64):

      kernel-default-4.4.121-92.92.1
      kernel-default-base-4.4.121-92.92.1
      kernel-default-base-debuginfo-4.4.121-92.92.1
      kernel-default-debuginfo-4.4.121-92.92.1
      kernel-default-debugsource-4.4.121-92.92.1
      kernel-default-devel-4.4.121-92.92.1
      kernel-syms-4.4.121-92.92.1

   - SUSE Linux Enterprise Server 12-SP2-LTSS (x86_64):

      kgraft-patch-4_4_121-92_92-default-1-3.7.1
      lttng-modules-2.7.1-9.4.1
      lttng-modules-debugsource-2.7.1-9.4.1
      lttng-modules-kmp-default-2.7.1_k4.4.121_92.92-9.4.1
      lttng-modules-kmp-default-debuginfo-2.7.1_k4.4.121_92.92-9.4.1

   - SUSE Linux Enterprise Server 12-SP2-LTSS (noarch):

      kernel-devel-4.4.121-92.92.1
      kernel-macros-4.4.121-92.92.1
      kernel-source-4.4.121-92.92.1

   - SUSE Linux Enterprise Server 12-SP2-LTSS (s390x):

      kernel-default-man-4.4.121-92.92.1

   - SUSE Linux Enterprise High Availability 12-SP2 (ppc64le s390x x86_64):

      cluster-md-kmp-default-4.4.121-92.92.1
      cluster-md-kmp-default-debuginfo-4.4.121-92.92.1
      cluster-network-kmp-default-4.4.121-92.92.1
      cluster-network-kmp-default-debuginfo-4.4.121-92.92.1
      dlm-kmp-default-4.4.121-92.92.1
      dlm-kmp-default-debuginfo-4.4.121-92.92.1
      gfs2-kmp-default-4.4.121-92.92.1
      gfs2-kmp-default-debuginfo-4.4.121-92.92.1
      kernel-default-debuginfo-4.4.121-92.92.1
      kernel-default-debugsource-4.4.121-92.92.1
      ocfs2-kmp-default-4.4.121-92.92.1
      ocfs2-kmp-default-debuginfo-4.4.121-92.92.1

   - SUSE Enterprise Storage 4 (noarch):

      kernel-devel-4.4.121-92.92.1
      kernel-macros-4.4.121-92.92.1
      kernel-source-4.4.121-92.92.1

   - SUSE Enterprise Storage 4 (x86_64):

      kernel-default-4.4.121-92.92.1
      kernel-default-base-4.4.121-92.92.1
      kernel-default-base-debuginfo-4.4.121-92.92.1
      kernel-default-debuginfo-4.4.121-92.92.1
      kernel-default-debugsource-4.4.121-92.92.1
      kernel-default-devel-4.4.121-92.92.1
      kernel-syms-4.4.121-92.92.1
      kgraft-patch-4_4_121-92_92-default-1-3.7.1
      lttng-modules-2.7.1-9.4.1
      lttng-modules-debugsource-2.7.1-9.4.1
      lttng-modules-kmp-default-2.7.1_k4.4.121_92.92-9.4.1
      lttng-modules-kmp-default-debuginfo-2.7.1_k4.4.121_92.92-9.4.1

   - OpenStack Cloud Magnum Orchestration 7 (x86_64):

      kernel-default-4.4.121-92.92.1
      kernel-default-debuginfo-4.4.121-92.92.1
      kernel-default-debugsource-4.4.121-92.92.1


References:

   https://www.suse.com/security/cve/CVE-2017-18344.html
   https://www.suse.com/security/cve/CVE-2018-13053.html
   https://www.suse.com/security/cve/CVE-2018-13405.html
   https://www.suse.com/security/cve/CVE-2018-13406.html
   https://www.suse.com/security/cve/CVE-2018-14734.html
   https://www.suse.com/security/cve/CVE-2018-3620.html
   https://www.suse.com/security/cve/CVE-2018-3646.html
   https://www.suse.com/security/cve/CVE-2018-5390.html
   https://www.suse.com/security/cve/CVE-2018-5391.html
   https://www.suse.com/security/cve/CVE-2018-5814.html
   https://www.suse.com/security/cve/CVE-2018-9385.html
   https://bugzilla.suse.com/1064232
   https://bugzilla.suse.com/1076110
   https://bugzilla.suse.com/1083635
   https://bugzilla.suse.com/1085042
   https://bugzilla.suse.com/1086652
   https://bugzilla.suse.com/1087081
   https://bugzilla.suse.com/1089343
   https://bugzilla.suse.com/1090123
   https://bugzilla.suse.com/1091171
   https://bugzilla.suse.com/1094248
   https://bugzilla.suse.com/1096130
   https://bugzilla.suse.com/1096480
   https://bugzilla.suse.com/1096978
   https://bugzilla.suse.com/1097140
   https://bugzilla.suse.com/1097551
   https://bugzilla.suse.com/1098016
   https://bugzilla.suse.com/1098425
   https://bugzilla.suse.com/1098435
   https://bugzilla.suse.com/1099924
   https://bugzilla.suse.com/1100089
   https://bugzilla.suse.com/1100416
   https://bugzilla.suse.com/1100418
   https://bugzilla.suse.com/1100491
   https://bugzilla.suse.com/1101557
   https://bugzilla.suse.com/1102340
   https://bugzilla.suse.com/1102851
   https://bugzilla.suse.com/1103097
   https://bugzilla.suse.com/1103119
   https://bugzilla.suse.com/1103580

_______________________________________________

=================================================================================

   SUSE Security Update: Security update for the Linux Kernel (Live Patch 35 for SLE 12)
______________________________________________________________________________

Announcement ID:    SUSE-SU-2018:2342-1
Rating:             important
References:         #1097108 #1099306 
Cross-References:   CVE-2018-10853 CVE-2018-3646
Affected Products:
                    SUSE Linux Enterprise Server 12-LTSS
______________________________________________________________________________

   An update that fixes two vulnerabilities is now available.

Description:

   This update for the Linux Kernel 3.12.61-52_133 fixes several issues.

   The following security issues were fixed:

   - CVE-2018-3646: Local attackers in virtualized guest systems could use
     speculative code patterns on hyperthreaded processors to read data
     present in the L1 Datacache used by other hyperthreads on the same CPU
     core, potentially leaking sensitive data, even from other virtual
     machines or the host system (bsc#1099306).
   - CVE-2018-10853: A flaw was found in kvm, in which certain instructions
     such as sgdt/sidt, which call segmented_write_std, didn't propagate
     access correctly. As such, during a userspace-induced exception, the
     guest can incorrectly assume that the exception happened in the kernel
     and panic (bsc#1097108).


Patch Instructions:

   To install this SUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Server 12-LTSS:

      zypper in -t patch SUSE-SLE-SERVER-12-2018-1585=1



Package List:

   - SUSE Linux Enterprise Server 12-LTSS (x86_64):

      kgraft-patch-3_12_61-52_133-default-3-2.1
      kgraft-patch-3_12_61-52_133-xen-3-2.1


References:

   https://www.suse.com/security/cve/CVE-2018-10853.html
   https://www.suse.com/security/cve/CVE-2018-3646.html
   https://bugzilla.suse.com/1097108
   https://bugzilla.suse.com/1099306

_______________________________________________

==============================================================================

   SUSE Security Update: Security update for the Linux Kernel (Live Patch 33 for SLE 12)
______________________________________________________________________________

Announcement ID:    SUSE-SU-2018:2341-1
Rating:             important
References:         #1097108 #1099306 
Cross-References:   CVE-2018-10853 CVE-2018-3646
Affected Products:
                    SUSE Linux Enterprise Server 12-LTSS
______________________________________________________________________________

   An update that fixes two vulnerabilities is now available.

Description:

   This update for the Linux Kernel 3.12.61-52_125 fixes several issues.

   The following security issues were fixed:

   - CVE-2018-3646: Local attackers in virtualized guest systems could use
     speculative code patterns on hyperthreaded processors to read data
     present in the L1 Datacache used by other hyperthreads on the same CPU
     core, potentially leaking sensitive data, even from other virtual
     machines or the host system (bsc#1099306).
   - CVE-2018-10853: A flaw was found in kvm, in which certain instructions
     such as sgdt/sidt, which call segmented_write_std, didn't propagate
     access correctly. As such, during a userspace-induced exception, the
     guest can incorrectly assume that the exception happened in the kernel
     and panic (bsc#1097108).


Patch Instructions:

   To install this SUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Server 12-LTSS:

      zypper in -t patch SUSE-SLE-SERVER-12-2018-1583=1



Package List:

   - SUSE Linux Enterprise Server 12-LTSS (x86_64):

      kgraft-patch-3_12_61-52_125-default-6-2.1
      kgraft-patch-3_12_61-52_125-xen-6-2.1


References:

   https://www.suse.com/security/cve/CVE-2018-10853.html
   https://www.suse.com/security/cve/CVE-2018-3646.html
   https://bugzilla.suse.com/1097108
   https://bugzilla.suse.com/1099306

_______________________________________________

- --------------------------END INCLUDED TEXT--------------------

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
-----END PGP SIGNATURE-----