SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________
Announcement ID: SUSE-SU-2018:3004-1
Rating: important
References: #1012382 #1044189 #1063026 #1066223 #1082863
#1082979 #1084427 #1084536 #1087209 #1088087
#1090535 #1091815 #1094244 #1094555 #1094562
#1095344 #1095753 #1096547 #1099810 #1102495
#1102715 #1102870 #1102875 #1102877 #1102879
#1102882 #1102896 #1103156 #1103269 #1106095
#1106434 #1106512 #1106594 #1106934 #1107924
#1108096 #1108170 #1108240 #1108399 #1108803
#1108823 #1109333 #1109336 #1109337 #1109441
#1110297 #1110337
Cross-References: CVE-2018-14613 CVE-2018-14617 CVE-2018-16276
CVE-2018-16597 CVE-2018-17182 CVE-2018-7480
CVE-2018-7757
Affected Products:
SUSE Linux Enterprise Live Patching 12-SP3
______________________________________________________________________________
An update that solves 7 vulnerabilities and has 40 fixes is
now available.
Description:
The SUSE Linux Enterprise 12 SP3 kernel was updated to 4.4.156 to receive
various security and bugfixes.
The following security bugs were fixed:
- CVE-2018-16597: Incorrect access checking in overlayfs mounts could have
been used by local attackers to modify or truncate files in the
underlying filesystem (bnc#1106512).
- CVE-2018-14613: Prevent invalid pointer dereference in io_ctl_map_page()
when mounting and operating a crafted btrfs image, caused by a lack of
block group item validation in check_leaf_item (bsc#1102896)
- CVE-2018-14617: Prevent NULL pointer dereference and panic in
hfsplus_lookup() when opening a file (that is purportedly a hard link)
in an hfs+ filesystem that has malformed catalog data, and is mounted
read-only without a metadata directory (bsc#1102870)
- CVE-2018-16276: Incorrect bounds checking in the yurex USB driver in
yurex_read allowed local attackers to use user access read/writes to
crash the kernel or potentially escalate privileges (bsc#1106095)
- CVE-2018-7757: Memory leak in the sas_smp_get_phy_events function in
drivers/scsi/libsas/sas_expander.c allowed local users to cause a denial
of service (memory consumption) via many read accesses to files in the
/sys/class/sas_phy directory, as demonstrated by the
/sys/class/sas_phy/phy-1:0:12/invalid_dword_count file (bnc#1084536)
- CVE-2018-7480: The blkcg_init_queue function allowed local users to
cause a denial of service (double free) or possibly have unspecified
other impact by triggering a creation failure (bsc#1082863).
- CVE-2018-17182: The vmacache_flush_all function in mm/vmacache.c
mishandled sequence number overflows. An attacker can trigger a
use-after-free (and possibly gain privileges) via certain thread
creation, map, unmap, invalidation, and dereference operations
(bnc#1108399).
The following non-security bugs were fixed:
- asm/sections: add helpers to check for section data (bsc#1063026).
- ASoC: wm8994: Fix missing break in switch (bnc#1012382).
- block: bvec_nr_vecs() returns value for wrong slab (bsc#1082979).
- bpf: fix overflow in prog accounting (bsc#1012382).
- btrfs: Add checker for EXTENT_CSUM (bsc#1102882, bsc#1102896,
bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: Add sanity check for EXTENT_DATA when reading out leaf
(bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: Check if item pointer overlaps with the item itself (bsc#1102882,
bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: Check that each block group has corresponding chunk at mount time
(bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: Introduce mount time chunk <-> dev extent mapping check
(bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: Move leaf and node validation checker to tree-checker.c
(bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: relocation: Only remove reloc rb_trees if reloc control has been
initialized (bnc#1012382).
- btrfs: replace: Reset on-disk dev stats value after replace
(bnc#1012382).
- btrfs: scrub: Do not use inode page cache in
scrub_handle_errored_block() (bsc#1108096).
- btrfs: tree-checker: Add checker for dir item (bsc#1102882, bsc#1102896,
bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: tree-checker: Detect invalid and empty essential trees
(bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: tree-checker: Enhance btrfs_check_node output (bsc#1102882,
bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: tree-checker: Enhance output for btrfs_check_leaf (bsc#1102882,
bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: tree-checker: Enhance output for check_csum_item (bsc#1102882,
bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: tree-checker: Enhance output for check_extent_data_item
(bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: tree-checker: Fix false panic for sanity test (bsc#1102882,
bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: tree-checker: Replace root parameter with fs_info (bsc#1102882,
bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: tree-checker: use %zu format string for size_t (bsc#1102882,
bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: tree-checker: use %zu format string for size_t (bsc#1102882,
bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: tree-checker: Verify block_group_item (bsc#1102882, bsc#1102896,
bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: use correct compare function of dirty_metadata_bytes
(bnc#1012382).
- btrfs: Verify that every chunk has corresponding block group at mount
time (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- cifs: check if SMB2 PDU size has been padded and suppress the warning
(bnc#1012382).
- crypto: clarify licensing of OpenSSL asm code ().
- crypto: vmx - Remove overly verbose printk from AES XTS init (git-fixes).
- debugobjects: Make stack check warning more informative (bnc#1012382).
- dm kcopyd: avoid softlockup in run_complete_job (bnc#1012382).
- dm-mpath: do not try to access NULL rq (bsc#1110337).
- EDAC: Fix memleak in module init error path (bsc#1109441).
- EDAC, i7core: Fix memleaks and use-after-free on probe and remove
(1109441).
- fat: validate ->i_start before using (bnc#1012382).
- Fixes: Commit cdbf92675fad ("mm: numa: avoid waiting on freed migrated
pages") (bnc#1012382).
- Follow-up fix for
patches.arch/01-jump_label-reduce-the-size-of-struct-static_key-kabi.patch
(bsc#1108803).
- fork: do not copy inconsistent signal handler state to child
(bnc#1012382).
- fs/dcache.c: fix kmemcheck splat at take_dentry_name_snapshot()
(bnc#1012382).
- genirq: Delay incrementing interrupt count if it's disabled/pending
(bnc#1012382).
- grow_cache: we still have a code which uses both __GFP_ZERO and
constructors. The code seems to be correct and the warning does more
harm than good so revert for the the meantime until we catch offenders.
(bnc#1110297)
- hfsplus: do not return 0 when fill_super() failed (bnc#1012382).
- hfs: prevent crash on exit from failed search (bnc#1012382).
- ib_srp: Remove WARN_ON in srp_terminate_io() (bsc#1094562).
- ipvs: fix race between ip_vs_conn_new() and ip_vs_del_dest()
(bnc#1012382).
- irqchip/bcm7038-l1: Hide cpu offline callback when building for !SMP
(bnc#1012382).
- irqchip/gic-v3: Add missing barrier to 32bit version of gic_read_iar()
(bnc#1012382).
- kabi protect hnae_ae_ops (bsc#1107924).
- kbuild: make missing $DEPMOD a Warning instead of an Error (bnc#1012382).
- l2tp: cast l2tp traffic counter to unsigned (bsc#1099810).
- mei: me: allow runtime pm for platform with D0i3 (bnc#1012382).
- mfd: sm501: Set coherent_dma_mask when creating subdevices (bnc#1012382).
- mm/fadvise.c: fix signed overflow UBSAN complaint (bnc#1012382).
- net/9p: fix error path of p9_virtio_probe (bnc#1012382).
- net: bcmgenet: use MAC link status for fixed phy (bnc#1012382).
- net: ena: Eliminate duplicate barriers on weakly-ordered archs
(bsc#1108240).
- net: ena: fix device destruction to gracefully free resources
(bsc#1108240).
- net: ena: fix driver when PAGE_SIZE == 64kB (bsc#1108240).
- net: ena: fix incorrect usage of memory barriers (bsc#1108240).
- net: ena: fix missing calls to READ_ONCE (bsc#1108240).
- net: ena: fix missing lock during device destruction (bsc#1108240).
- net: ena: fix potential double ena_destroy_device() (bsc#1108240).
- net: ena: fix surprise unplug NULL dereference kernel crash
(bsc#1108240).
- net: hns: add netif_carrier_off before change speed and duplex
(bsc#1107924).
- net: hns: add the code for cleaning pkt in chip (bsc#1107924).
- nvme_fc: add 'nvme_discovery' sysfs attribute to fc transport
device
(bsc#1044189).
- nvmet: fixup crash on NULL device path (bsc#1082979).
- ovl: modify ovl_permission() to do checks on two inodes (bsc#1106512)
- ovl: proper cleanup of workdir (bnc#1012382).
- ovl: rename is_merge to is_lowest (bnc#1012382).
- PCI: mvebu: Fix I/O space end address calculation (bnc#1012382).
- platform/x86: asus-nb-wmi: Add keymap entry for lid flip action on UX360
(bnc#1012382).
- powerpc/64: Do load of PACAKBASE in LOAD_HANDLER (bsc#1094244).
- powerpc/book3s: Fix MCE console messages for unrecoverable MCE
(bsc#1094244).
- powerpc/fadump: cleanup crash memory ranges support (bsc#1103269).
- powerpc/fadump: re-register firmware-assisted dump if already registered
(bsc#1108170, bsc#1108823).
- powerpc: Fix size calculation using resource_size() (bnc#1012382).
- powerpc/mce: Move 64-bit machine check code into mce.c (bsc#1094244).
- powerpc/perf/hv-24x7: Fix off-by-one error in request_buffer check
(git-fixes).
- powerpc/powernv/ioda2: Reduce upper limit for DMA window size
(bsc#1066223).
- powerpc/powernv: Rename machine_check_pSeries_early() to powernv
(bsc#1094244).
- powerpc/pseries: Avoid using the size greater than RTAS_ERROR_LOG_MAX
(bnc#1012382).
- powerpc/pseries: Disable CPU hotplug across migrations (bsc#1066223).
- powerpc/pseries: Remove prrn_work workqueue (bsc#1102495, bsc#1109337).
- powerpc/pseries: Remove unneeded uses of dlpar work queue (bsc#1102495,
bsc#1109337).
- powerpc/tm: Fix userspace r13 corruption (bsc#1109333).
- RDMA/rw: Fix rdma_rw_ctx_signature_init() kernel-doc header
(bsc#1082979).
- reiserfs: change j_timestamp type to time64_t (bnc#1012382).
- Revert "ARM: imx_v6_v7_defconfig: Select ULPI support"
(bnc#1012382).
- s390/dasd: fix hanging offline processing due to canceled worker
(bnc#1012382).
- s390/lib: use expoline for all bcr instructions (LTC#171029 bnc#1012382
bnc#1106934).
- sch_hhf: fix null pointer dereference on init failure (bnc#1012382).
- sch_htb: fix crash on init failure (bnc#1012382).
- sch_multiq: fix double free on init failure (bnc#1012382).
- sch_netem: avoid null pointer deref on init failure (bnc#1012382).
- sch_tbf: fix two null pointer dereferences on init failure (bnc#1012382).
- scripts: modpost: check memory allocation results (bnc#1012382).
- scsi: aic94xx: fix an error code in aic94xx_init() (bnc#1012382).
- scsi: ipr: System hung while dlpar adding primary ipr adapter back
(bsc#1109336).
- scsi: qla2xxx: Add changes for devloss timeout in driver (bsc#1084427).
- scsi: qla2xxx: Add FC-NVMe abort processing (bsc#1084427).
- scsi: qla2xxx: Add longer window for chip reset (bsc#1094555).
- scsi: qla2xxx: Avoid double completion of abort command (bsc#1094555).
- scsi: qla2xxx: Cleanup code to improve FC-NVMe error handling
(bsc#1084427).
- scsi: qla2xxx: Cleanup for N2N code (bsc#1094555).
- scsi: qla2xxx: correctly shift host byte (bsc#1094555).
- scsi: qla2xxx: Correct setting of SAM_STAT_CHECK_CONDITION (bsc#1094555).
- scsi: qla2xxx: Delete session for nport id change (bsc#1094555).
- scsi: qla2xxx: Fix Async GPN_FT for FCP and FC-NVMe scan (bsc#1084427).
- scsi: qla2xxx: Fix crash on qla2x00_mailbox_command (bsc#1094555).
- scsi: qla2xxx: Fix double free bug after firmware timeout (bsc#1094555).
- scsi: qla2xxx: Fix driver unload by shutting down chip (bsc#1094555).
- scsi: qla2xxx: fix error message on <qla2400 (bsc#1094555).
- scsi: qla2xxx: Fix FC-NVMe IO abort during driver reset (bsc#1084427).
- scsi: qla2xxx: Fix function argument descriptions (bsc#1094555).
- scsi: qla2xxx: Fix Inquiry command being dropped in Target mode
(bsc#1094555).
- scsi: qla2xxx: Fix issue reported by static checker for
qla2x00_els_dcmd2_sp_done() (bsc#1094555).
- scsi: qla2xxx: Fix login retry count (bsc#1094555).
- scsi: qla2xxx: Fix Management Server NPort handle reservation logic
(bsc#1094555).
- scsi: qla2xxx: Fix memory leak for allocating abort IOCB (bsc#1094555).
- scsi: qla2xxx: Fix n2n_ae flag to prevent dev_loss on PDB change
(bsc#1084427).
- scsi: qla2xxx: Fix N2N link re-connect (bsc#1094555).
- scsi: qla2xxx: Fix NPIV deletion by calling wait_for_sess_deletion
(bsc#1094555).
- scsi: qla2xxx: Fix race between switch cmd completion and timeout
(bsc#1094555).
- scsi: qla2xxx: Fix race condition between iocb timeout and
initialisation (bsc#1094555).
- scsi: qla2xxx: Fix redundant fc_rport registration (bsc#1094555).
- scsi: qla2xxx: Fix retry for PRLI RJT with reason of BUSY (bsc#1084427).
- scsi: qla2xxx: Fix Rport and session state getting out of sync
(bsc#1094555).
- scsi: qla2xxx: Fix sending ADISC command for login (bsc#1094555).
- scsi: qla2xxx: Fix session state stuck in Get Port DB (bsc#1094555).
- scsi: qla2xxx: Fix stalled relogin (bsc#1094555).
- scsi: qla2xxx: Fix TMF and Multi-Queue config (bsc#1094555).
- scsi: qla2xxx: Fix unintended Logout (bsc#1094555).
- scsi: qla2xxx: Fix unintialized List head crash (bsc#1094555).
- scsi: qla2xxx: Flush mailbox commands on chip reset (bsc#1094555).
- scsi: qla2xxx: fx00 copypaste typo (bsc#1094555).
- scsi: qla2xxx: Migrate NVME N2N handling into state machine
(bsc#1094555).
- scsi: qla2xxx: Move GPSC and GFPNID out of session management
(bsc#1094555).
- scsi: qla2xxx: Prevent relogin loop by removing stale code (bsc#1094555).
- scsi: qla2xxx: Prevent sysfs access when chip is down (bsc#1094555).
- scsi: qla2xxx: Reduce redundant ADISC command for RSCNs (bsc#1094555).
- scsi: qla2xxx: remove irq save in qla2x00_poll() (bsc#1094555).
- scsi: qla2xxx: Remove nvme_done_list (bsc#1084427).
- scsi: qla2xxx: Remove stale debug value for login_retry flag
(bsc#1094555).
- scsi: qla2xxx: Remove unneeded message and minor cleanup for FC-NVMe
(bsc#1084427).
- scsi: qla2xxx: Restore ZIO threshold setting (bsc#1084427).
- scsi: qla2xxx: Return busy if rport going away (bsc#1084427).
- scsi: qla2xxx: Save frame payload size from ICB (bsc#1094555).
- scsi: qla2xxx: Set IIDMA and fcport state before
qla_nvme_register_remote() (bsc#1084427).
- scsi: qla2xxx: Silent erroneous message (bsc#1094555).
- scsi: qla2xxx: Update driver version to 10.00.00.06-k (bsc#1084427).
- scsi: qla2xxx: Update driver version to 10.00.00.07-k (bsc#1094555).
- scsi: qla2xxx: Update driver version to 10.00.00.08-k (bsc#1094555).
- scsi: qla2xxx: Use dma_pool_zalloc() (bsc#1094555).
- scsi: qla2xxx: Use predefined get_datalen_for_atio() inline function
(bsc#1094555).
- selftests/powerpc: Kill child processes on SIGINT (bnc#1012382).
- smb3: fix reset of bytes read and written stats (bnc#1012382).
- SMB3: Number of requests sent should be displayed for SMB3 not just CIFS
(bnc#1012382).
- staging: android: ion: fix ION_IOC_{MAP,SHARE} use-after-free
(bnc#1012382).
- staging: comedi: ni_mio_common: fix subdevice flags for PFI subdevice
(bnc#1012382).
- tcp: do not restart timewait timer on rst reception (bnc#1012382).
- Update
patches.suse/dm-Always-copy-cmd_flags-when-cloning-a-request.patch
(bsc#1088087, bsc#1103156).
- usbip: vhci_sysfs: fix potential Spectre v1 (bsc#1096547).
- vti6: remove !skb->ignore_df check from vti6_xmit() (bnc#1012382).
- watchdog: w83627hf_wdt: Add quirk for Inves system (bsc#1106434).
- x86/entry/64: Remove %ebx handling from error_entry/exit (bnc#1102715).
- x86/pae: use 64 bit atomic xchg function in native_ptep_get_and_clear
(bnc#1012382).
- x86/speculation/l1tf: Fix up pte->pfn conversion for PAE (bnc#1012382).
- xen: avoid crash in disable_hotplug_cpu (bsc#1106594).
- xfs: add a new xfs_iext_lookup_extent_before helper (bsc#1095344).
- xfs: add asserts for the mmap lock in xfs_{insert,collapse}_file_space
(bsc#1095344).
- xfs: add a xfs_bmap_fork_to_state helper (bsc#1095344).
- xfs: add a xfs_iext_update_extent helper (bsc#1095344).
- xfs: add comments documenting the rebalance algorithm (bsc#1095344).
- xfs: add some comments to xfs_iext_insert/xfs_iext_insert_node
(bsc#1095344).
- xfs: add xfs_trim_extent (bsc#1095344).
- xfs: allow unaligned extent records in xfs_bmbt_disk_set_all
(bsc#1095344).
- xfs: borrow indirect blocks from freed extent when available
(bsc#1095344).
- xfs: cleanup xfs_bmap_last_before (bsc#1095344).
- xfs: do not create overlapping extents in xfs_bmap_add_extent_delay_real
(bsc#1095344).
- xfs: do not rely on extent indices in xfs_bmap_collapse_extents
(bsc#1095344).
- xfs: do not rely on extent indices in xfs_bmap_insert_extents
(bsc#1095344).
- xfs: do not set XFS_BTCUR_BPRV_WASDEL in xfs_bunmapi (bsc#1095344).
- xfs: during btree split, save new block key and ptr for future insertion
(bsc#1095344).
- xfs: factor out a helper to initialize a local format inode fork
(bsc#1095344).
- xfs: fix memory leak in xfs_iext_free_last_leaf (bsc#1095344).
- xfs: fix number of records handling in xfs_iext_split_leaf (bsc#1095344).
- xfs: fix transaction allocation deadlock in IO path (bsc#1090535).
- xfs: handle indlen shortage on delalloc extent merge (bsc#1095344).
- xfs: handle zero entries case in xfs_iext_rebalance_leaf (bsc#1095344).
- xfs: improve kmem_realloc (bsc#1095344).
- xfs: inline xfs_shift_file_space into callers (bsc#1095344).
- xfs: introduce the xfs_iext_cursor abstraction (bsc#1095344).
- xfs: iterate over extents in xfs_bmap_extents_to_btree (bsc#1095344).
- xfs: iterate over extents in xfs_iextents_copy (bsc#1095344).
- xfs: make better use of the 'state' variable in
xfs_bmap_del_extent_real
(bsc#1095344).
- xfs: merge xfs_bmap_read_extents into xfs_iread_extents (bsc#1095344).
- xfs: move pre/post-bmap tracing into xfs_iext_update_extent
(bsc#1095344).
- xfs: move some code around inside xfs_bmap_shift_extents (bsc#1095344).
- xfs: move some more code into xfs_bmap_del_extent_real (bsc#1095344).
- xfs: move xfs_bmbt_irec and xfs_exntst_t to xfs_types.h (bsc#1095344).
- xfs: move xfs_iext_insert tracepoint to report useful information
(bsc#1095344).
- xfs: new inode extent list lookup helpers (bsc#1095344).
- xfs: only run torn log write detection on dirty logs (bsc#1095753).
- xfs: pass an on-disk extent to xfs_bmbt_validate_extent (bsc#1095344).
- xfs: pass a struct xfs_bmbt_irec to xfs_bmbt_lookup_eq (bsc#1095344).
- xfs: pass a struct xfs_bmbt_irec to xfs_bmbt_update (bsc#1095344).
- xfs: pass struct xfs_bmbt_irec to xfs_bmbt_validate_extent (bsc#1095344).
- xfs: provide helper for counting extents from if_bytes (bsc#1095344).
- xfs: refactor delalloc accounting in xfs_bmap_add_extent_delay_real
(bsc#1095344).
- xfs: refactor delalloc indlen reservation split into helper
(bsc#1095344).
- xfs: refactor dir2 leaf readahead shadow buffer cleverness (bsc#1095344).
- xfs: refactor in-core log state update to helper (bsc#1095753).
- xfs: refactor unmount record detection into helper (bsc#1095753).
- xfs: refactor xfs_bmap_add_extent_delay_real (bsc#1095344).
- xfs: refactor xfs_bmap_add_extent_hole_delay (bsc#1095344).
- xfs: refactor xfs_bmap_add_extent_hole_real (bsc#1095344).
- xfs: refactor xfs_bmap_add_extent_unwritten_real (bsc#1095344).
- xfs: refactor xfs_bunmapi_cow (bsc#1095344).
- xfs: refactor xfs_del_extent_real (bsc#1095344).
- xfs: remove a duplicate assignment in xfs_bmap_add_extent_delay_real
(bsc#1095344).
- xfs: remove all xfs_bmbt_set_* helpers except for xfs_bmbt_set_all
(bsc#1095344).
- xfs: remove a superflous assignment in xfs_iext_remove_node
(bsc#1095344).
- xfs: remove if_rdev (bsc#1095344).
- xfs: remove prev argument to xfs_bmapi_reserve_delalloc (bsc#1095344).
- xfs: remove support for inlining data/extents into the inode fork
(bsc#1095344).
- xfs: remove the never fully implemented UUID fork format (bsc#1095344).
- xfs: remove the nr_extents argument to xfs_iext_insert (bsc#1095344).
- xfs: remove the nr_extents argument to xfs_iext_remove (bsc#1095344).
- xfs: remove XFS_BMAP_MAX_SHIFT_EXTENTS (bsc#1095344).
- xfs: remove XFS_BMAP_TRACE_EXLIST (bsc#1095344).
- xfs: remove xfs_bmbt_get_state (bsc#1095344).
- xfs: remove xfs_bmse_shift_one (bsc#1095344).
- xfs: rename bno to end in __xfs_bunmapi (bsc#1095344).
- xfs: replace xfs_bmbt_lookup_ge with xfs_bmbt_lookup_first (bsc#1095344).
- xfs: replace xfs_qm_get_rtblks with a direct call to
xfs_bmap_count_leaves (bsc#1095344).
- xfs: rewrite getbmap using the xfs_iext_* helpers (bsc#1095344).
- xfs: rewrite xfs_bmap_count_leaves using xfs_iext_get_extent
(bsc#1095344).
- xfs: rewrite xfs_bmap_first_unused to make better use of
xfs_iext_get_extent (bsc#1095344).
- xfs: separate log head record discovery from verification (bsc#1095753).
- xfs: simplify the xfs_getbmap interface (bsc#1095344).
- xfs: simplify validation of the unwritten extent bit (bsc#1095344).
- xfs: split indlen reservations fairly when under reserved (bsc#1095344).
- xfs: split xfs_bmap_shift_extents (bsc#1095344).
- xfs: switch xfs_bmap_local_to_extents to use xfs_iext_insert
(bsc#1095344).
- xfs: treat idx as a cursor in xfs_bmap_add_extent_delay_real
(bsc#1095344).
- xfs: treat idx as a cursor in xfs_bmap_add_extent_hole_delay
(bsc#1095344).
- xfs: treat idx as a cursor in xfs_bmap_add_extent_hole_real
(bsc#1095344).
- xfs: treat idx as a cursor in xfs_bmap_add_extent_unwritten_real
(bsc#1095344).
- xfs: treat idx as a cursor in xfs_bmap_collapse_extents (bsc#1095344).
- xfs: treat idx as a cursor in xfs_bmap_del_extent_* (bsc#1095344).
- xfs: update freeblocks counter after extent deletion (bsc#1095344).
- xfs: update got in xfs_bmap_shift_update_extent (bsc#1095344).
- xfs: use a b+tree for the in-core extent list (bsc#1095344).
- xfs: use correct state defines in xfs_bmap_del_extent_{cow,delay}
(bsc#1095344).
- xfs: use new extent lookup helpers in xfs_bmapi_read (bsc#1095344).
- xfs: use new extent lookup helpers in xfs_bmapi_write (bsc#1095344).
- xfs: use new extent lookup helpers in __xfs_bunmapi (bsc#1095344).
- xfs: use the state defines in xfs_bmap_del_extent_real (bsc#1095344).
- xfs: use xfs_bmap_del_extent_delay for the data fork as well
(bsc#1095344).
- xfs: use xfs_iext_*_extent helpers in xfs_bmap_shift_extents
(bsc#1095344).
- xfs: use xfs_iext_*_extent helpers in xfs_bmap_split_extent_at
(bsc#1095344).
- xfs: use xfs_iext_get_extent instead of open coding it (bsc#1095344).
- xfs: use xfs_iext_get_extent in xfs_bmap_first_unused (bsc#1095344).
Special Instructions and Notes:
Please reboot the system after installing this update.
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation
methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Live Patching 12-SP3:
zypper in -t patch SUSE-SLE-Live-Patching-12-SP3-2018-2135=1
Package List:
- SUSE Linux Enterprise Live Patching 12-SP3 (ppc64le x86_64):
kgraft-patch-4_4_156-94_57-default-1-4.3.5
kgraft-patch-4_4_156-94_57-default-debuginfo-1-4.3.5
References:
https://www.suse.com/security/cve/CVE-2018-14613.html
https://www.suse.com/security/cve/CVE-2018-14617.html
https://www.suse.com/security/cve/CVE-2018-16276.html
https://www.suse.com/security/cve/CVE-2018-16597.html
https://www.suse.com/security/cve/CVE-2018-17182.html
https://www.suse.com/security/cve/CVE-2018-7480.html
https://www.suse.com/security/cve/CVE-2018-7757.html
https://bugzilla.suse.com/1012382
https://bugzilla.suse.com/1044189
https://bugzilla.suse.com/1063026
https://bugzilla.suse.com/1066223
https://bugzilla.suse.com/1082863
https://bugzilla.suse.com/1082979
https://bugzilla.suse.com/1084427
https://bugzilla.suse.com/1084536
https://bugzilla.suse.com/1087209
https://bugzilla.suse.com/1088087
https://bugzilla.suse.com/1090535
https://bugzilla.suse.com/1091815
https://bugzilla.suse.com/1094244
https://bugzilla.suse.com/1094555
https://bugzilla.suse.com/1094562
https://bugzilla.suse.com/1095344
https://bugzilla.suse.com/1095753
https://bugzilla.suse.com/1096547
https://bugzilla.suse.com/1099810
https://bugzilla.suse.com/1102495
https://bugzilla.suse.com/1102715
https://bugzilla.suse.com/1102870
https://bugzilla.suse.com/1102875
https://bugzilla.suse.com/1102877
https://bugzilla.suse.com/1102879
https://bugzilla.suse.com/1102882
https://bugzilla.suse.com/1102896
https://bugzilla.suse.com/1103156
https://bugzilla.suse.com/1103269
https://bugzilla.suse.com/1106095
https://bugzilla.suse.com/1106434
https://bugzilla.suse.com/1106512
https://bugzilla.suse.com/1106594
https://bugzilla.suse.com/1106934
https://bugzilla.suse.com/1107924
https://bugzilla.suse.com/1108096
https://bugzilla.suse.com/1108170
https://bugzilla.suse.com/1108240
https://bugzilla.suse.com/1108399
https://bugzilla.suse.com/1108803
https://bugzilla.suse.com/1108823
https://bugzilla.suse.com/1109333
https://bugzilla.suse.com/1109336
https://bugzilla.suse.com/1109337
https://bugzilla.suse.com/1109441
https://bugzilla.suse.com/1110297
https://bugzilla.suse.com/1110337
_______________________________________________
sle-security-updates mailing list
sle-security-updates@lists.suse.com
http://lists.suse.com/mailman/listinfo/sle-security-updates
|
