Security update for the Linux Kernel (Live Patch 11 for SLE 12 SP2)
Details
This update for the Linux Kernel 4.4.74-92_32 fixes several issues.
The following security issues were fixed:
CVE-2017-1000405: Problematic use of pmdmkdirty() in the touchpmd() function allowed users to overwrite read-only huge pages (e.g. the zero huge page and sealed shmem files) (bsc#1070307).
CVE-2017-16939: The XFRM dump policy implementation in net/xfrm/xfrmuser.c kernel allowed local users to gain privileges or cause a denial of service (use-after-free) via a crafted SORCVBUF setsockopt system call in conjunction with XFRMMSGGETPOLICY Netlink messages (bsc#1069708).
This non-security issue was fixed:
bsc#1062847: Enable proper shut down if NIC teaming is enabled