The SUSE Linux Enterprise 15 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
CVE-2018-18445: A faulty computation of numeric bounds in the BPF verifier permits out-of-bounds memory accesses because adjustscalarminmaxvals in kernel/bpf/verifier.c mishandled 32-bit right shifts (bnc#1112372).
CVE-2018-18386: drivers/tty/n_tty.c allowed local attackers (who are able to access pseudo terminals) to hang/block further usage of any pseudo terminal devices due to an EXTPROC versus ICANON confusion in TIOCINQ (bnc#1094825).
CVE-2017-18224: fs/ocfs2/aops.c omits use of a semaphore and consequently has a race condition for access to the extent tree during read operations in DIRECT mode, which allowed local users to cause a denial of service (BUG) by modifying a certain e_cpos field (bnc#1084831).
CVE-2017-16533: The usbhid_parse function in drivers/hid/usbhid/hid-core.c allowed local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device (bnc#1066674).
The following non-security bugs were fixed:
acpi / processor: Fix the return value of acpiprocessorids_walk() (bsc#1051510).
acpica: Reference Counts: increase max to 0x4000 for large servers (bsc#1108241).
Revert 'mwifiex: handle race during mwifiexusbdisconnect' (bsc#1051510).
Revert 'pinctrl: sunxi: Do not enforce bias disable (for now)' (bsc#1051510).
Revert 'slab: _GFPZERO is incompatible with a constructor' (bnc#1108828) This reverts commit de0a67303736262e306a3eb23aa38824b28c2764 because we still seem to have false possitives in the tree.
Revert 'ubifs: xattr: Do not operate on deleted inodes' (bsc#1051510).
Squashfs: Compute expected length from inode size rather than block length (bsc#1051510).
usb: Add quirk to support DJI CineSSD (bsc#1051510).
usb: add quirk for WORLDE Controller KS49 or Prodipe MIDI 49C USB controller (bsc#1051510).
usb: fix error handling in usbdriverclaim_interface() (bsc#1051510).
usb: handle NULL config in usbfindalt_setting() (bsc#1051510).
usb: remove LPM management from usbdriverclaim_interface() (bsc#1051510).
usb: serial: simple: add Motorola Tetra MTP6550 id (bsc#1051510).
usb: yurex: Check for truncation in yurex_read() (bsc#1051510).
usb: yurex: Fix buffer over-read in yurex_write() (bsc#1051510).
Use upstream version of pci-hyperv patch (35a88a1)
acpi, nfit: Add function to look up nvdimm device and provide SMBIOS handle (bsc#1099125).
aio: fix iodestroy(2) vs. lookupioctx() race (git-fixes).
apparmor: Check buffer bounds when mapping permissions mask (git-fixes).
apparmor: Fix failure to audit context info in buildchangehat (bsc#1051510).
apparmor: Fully initialize aa_perms struct when answering userspace query (bsc#1051510).
apparmor: fix mediation of prlimit (bsc#1051510).
apparmor: fix memory leak when deduping profile load (bsc#1051510).
apparmor: fix ptrace read check (bsc#1051510).
asix: Check for supported Wake-on-LAN modes (bsc#1051510).
ath10k: fix kernel panic issue during pci probe (bsc#1051510).
ath10k: fix scan crash due to incorrect length calculation (bsc#1051510).
ath10k: fix use-after-free in ath10kwmicmdsendnowait (bsc#1051510).
ath10k: protect ath10khttrxringfree with rx_ring.lock (bsc#1051510).
audit: fix use-after-free in auditaddwatch (bsc#1051510).
batman-adv: Avoid probe ELP information leak (bsc#1051510).
batman-adv: Fix multicast TT issues with bogus ROAM flags (bsc#1051510).
batman-adv: Fix segfault when writing to sysfs elp_interval (bsc#1051510).
batman-adv: Fix segfault when writing to throughput_override (bsc#1051510).