The SUSE Linux Enterprise 12 SP3 kernel was updated to 4.4.114 to receive various security and bugfixes.
The following security bugs were fixed:
CVE-2017-5715: Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis (bnc#1068032).
The previous fix using CPU Microcode has been complemented by building the Linux Kernel with return trampolines aka 'retpolines'.
CVE-2017-15129: A use-after-free vulnerability was found in network namespaces code affecting the Linux kernel in the function getnetnsbyid() in net/core/netnamespace.c did not check for the net::count value after it has found a peer network in netnsids idr, which could lead to double free and memory corruption. This vulnerability could allow an unprivileged local user to induce kernel memory corruption on the system, leading to a crash. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although it is thought to be unlikely (bnc#1074839).
The following non-security bugs were fixed:
{ "binaries": [ { "kernel-macros": "4.4.114-94.11.2", "kernel-devel": "4.4.114-94.11.2", "kernel-default": "4.4.114-94.11.3", "kernel-source": "4.4.114-94.11.2", "kernel-default-extra": "4.4.114-94.11.3", "kernel-syms": "4.4.114-94.11.2", "kernel-default-devel": "4.4.114-94.11.3" } ] }
{ "binaries": [ { "kernel-macros": "4.4.114-94.11.2", "kernel-devel": "4.4.114-94.11.2", "kernel-default": "4.4.114-94.11.3", "kernel-source": "4.4.114-94.11.2", "kernel-default-extra": "4.4.114-94.11.3", "kernel-syms": "4.4.114-94.11.2", "kernel-default-devel": "4.4.114-94.11.3" } ] }
{ "binaries": [ { "kernel-macros": "4.4.114-94.11.2", "kernel-devel": "4.4.114-94.11.2", "kernel-default": "4.4.114-94.11.3", "kernel-source": "4.4.114-94.11.2", "kernel-default-extra": "4.4.114-94.11.3", "kernel-syms": "4.4.114-94.11.2", "kernel-default-devel": "4.4.114-94.11.3" } ] }
{ "binaries": [ { "kernel-macros": "4.4.114-94.11.2", "kernel-devel": "4.4.114-94.11.2", "kernel-default-base": "4.4.114-94.11.3", "kernel-default-man": "4.4.114-94.11.3", "kernel-default": "4.4.114-94.11.3", "kernel-source": "4.4.114-94.11.2", "kernel-syms": "4.4.114-94.11.2", "kernel-default-devel": "4.4.114-94.11.3" } ] }
{ "binaries": [ { "kernel-macros": "4.4.114-94.11.2", "kernel-devel": "4.4.114-94.11.2", "kernel-default-base": "4.4.114-94.11.3", "kernel-default-man": "4.4.114-94.11.3", "kernel-default": "4.4.114-94.11.3", "kernel-source": "4.4.114-94.11.2", "kernel-syms": "4.4.114-94.11.2", "kernel-default-devel": "4.4.114-94.11.3" } ] }
{ "binaries": [ { "kernel-macros": "4.4.114-94.11.2", "kernel-devel": "4.4.114-94.11.2", "kernel-default-base": "4.4.114-94.11.3", "kernel-default-man": "4.4.114-94.11.3", "kernel-default": "4.4.114-94.11.3", "kernel-source": "4.4.114-94.11.2", "kernel-syms": "4.4.114-94.11.2", "kernel-default-devel": "4.4.114-94.11.3" } ] }
{ "binaries": [ { "kernel-macros": "4.4.114-94.11.2", "kernel-devel": "4.4.114-94.11.2", "kernel-default-base": "4.4.114-94.11.3", "kernel-default-man": "4.4.114-94.11.3", "kernel-default": "4.4.114-94.11.3", "kernel-source": "4.4.114-94.11.2", "kernel-syms": "4.4.114-94.11.2", "kernel-default-devel": "4.4.114-94.11.3" } ] }
{ "binaries": [ { "kernel-macros": "4.4.114-94.11.2", "kernel-devel": "4.4.114-94.11.2", "kernel-default-base": "4.4.114-94.11.3", "kernel-default-man": "4.4.114-94.11.3", "kernel-default": "4.4.114-94.11.3", "kernel-source": "4.4.114-94.11.2", "kernel-syms": "4.4.114-94.11.2", "kernel-default-devel": "4.4.114-94.11.3" } ] }
{ "binaries": [ { "kernel-macros": "4.4.114-94.11.2", "kernel-devel": "4.4.114-94.11.2", "kernel-default-base": "4.4.114-94.11.3", "kernel-default-man": "4.4.114-94.11.3", "kernel-default": "4.4.114-94.11.3", "kernel-source": "4.4.114-94.11.2", "kernel-syms": "4.4.114-94.11.2", "kernel-default-devel": "4.4.114-94.11.3" } ] }