Security update for the Linux Kernel

SUSE Security Update: Security update for the Linux Kernel

---

Announcement ID:	SUSE-SU-2018:3003-1
Rating:	important
References:	#1012382 #1044189 #1063026 #1066223 #1082863 #1082979 #1084427 #1084536 #1087209 #1088087 #1090535 #1091815 #1094244 #1094555 #1094562 #1095344 #1095753 #1096547 #1099810 #1102495 #1102715 #1102870 #1102875 #1102877 #1102879 #1102882 #1102896 #1103156 #1103269 #1106095 #1106434 #1106512 #1106594 #1106934 #1107924 #1108096 #1108170 #1108240 #1108399 #1108803 #1108823 #1109333 #1109336 #1109337 #1109441 #1110297 #1110337
Cross-References:	CVE-2018-14613 CVE-2018-14617 CVE-2018-16276 CVE-2018-16597 CVE-2018-17182 CVE-2018-7480 CVE-2018-7757
Affected Products:	SUSE Linux Enterprise Workstation Extension 12-SP3 SUSE Linux Enterprise Software Development Kit 12-SP3 SUSE Linux Enterprise Server 12-SP3 SUSE Linux Enterprise High Availability 12-SP3 SUSE Linux Enterprise Desktop 12-SP3 SUSE CaaS Platform ALL SUSE CaaS Platform 3.0

---

An update that solves 7 vulnerabilities and has 40 fixes is now available.

Description:

The SUSE Linux Enterprise 12 SP3 kernel was updated to 4.4.156 to receive various security and bugfixes.
The following security bugs were fixed:

• CVE-2018-16597: Incorrect access checking in overlayfs mounts could have been used by local attackers to modify or truncate files in the underlying filesystem (bnc#1106512).
• CVE-2018-14613: Prevent invalid pointer dereference in io_ctl_map_page() when mounting and operating a crafted btrfs image, caused by a lack of block group item validation in check_leaf_item (bsc#1102896)
• CVE-2018-14617: Prevent NULL pointer dereference and panic in hfsplus_lookup() when opening a file (that is purportedly a hard link) in an hfs+ filesystem that has malformed catalog data, and is mounted read-only without a metadata directory (bsc#1102870)
• CVE-2018-16276: Incorrect bounds checking in the yurex USB driver in yurex_read allowed local attackers to use user access read/writes to crash the kernel or potentially escalate privileges (bsc#1106095)
• CVE-2018-7757: Memory leak in the sas_smp_get_phy_events function in drivers/scsi/libsas/sas_expander.c allowed local users to cause a denial of service (memory consumption) via many read accesses to files in the /sys/class/sas_phy directory, as demonstrated by the /sys/class/sas_phy/phy-1:0:12/invalid_dword_count file (bnc#1084536)
• CVE-2018-7480: The blkcg_init_queue function allowed local users to cause a denial of service (double free) or possibly have unspecified other impact by triggering a creation failure (bsc#1082863).
• CVE-2018-17182: The vmacache_flush_all function in mm/vmacache.c mishandled sequence number overflows. An attacker can trigger a use-after-free (and possibly gain privileges) via certain thread creation, map, unmap, invalidation, and dereference operations (bnc#1108399).

The following non-security bugs were fixed:

• asm/sections: add helpers to check for section data (bsc#1063026).
• ASoC: wm8994: Fix missing break in switch (bnc#1012382).
• block: bvec_nr_vecs() returns value for wrong slab (bsc#1082979).
• bpf: fix overflow in prog accounting (bsc#1012382).
• btrfs: Add checker for EXTENT_CSUM (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
• btrfs: Add sanity check for EXTENT_DATA when reading out leaf (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
• btrfs: Check if item pointer overlaps with the item itself (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
• btrfs: Check that each block group has corresponding chunk at mount time (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
• btrfs: Introduce mount time chunk dev extent mapping check (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
• btrfs: Move leaf and node validation checker to tree-checker.c (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
• btrfs: relocation: Only remove reloc rb_trees if reloc control has been initialized (bnc#1012382).
• btrfs: replace: Reset on-disk dev stats value after replace (bnc#1012382).
• btrfs: scrub: Do not use inode page cache in scrub_handle_errored_block() (bsc#1108096).
• btrfs: tree-checker: Add checker for dir item (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
• btrfs: tree-checker: Detect invalid and empty essential trees (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
• btrfs: tree-checker: Enhance btrfs_check_node output (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
• btrfs: tree-checker: Enhance output for btrfs_check_leaf (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
• btrfs: tree-checker: Enhance output for check_csum_item (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
• btrfs: tree-checker: Enhance output for check_extent_data_item (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
• btrfs: tree-checker: Fix false panic for sanity test (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
• btrfs: tree-checker: Replace root parameter with fs_info (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
• btrfs: tree-checker: use %zu format string for size_t (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
• btrfs: tree-checker: use %zu format string for size_t (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
• btrfs: tree-checker: Verify block_group_item (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
• btrfs: use correct compare function of dirty_metadata_bytes (bnc#1012382).
• btrfs: Verify that every chunk has corresponding block group at mount time (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
• cifs: check if SMB2 PDU size has been padded and suppress the warning (bnc#1012382).
• crypto: clarify licensing of OpenSSL asm code ().
• crypto: vmx - Remove overly verbose printk from AES XTS init (git-fixes).
• debugobjects: Make stack check warning more informative (bnc#1012382).
• dm kcopyd: avoid softlockup in run_complete_job (bnc#1012382).
• dm-mpath: do not try to access NULL rq (bsc#1110337).
• EDAC: Fix memleak in module init error path (bsc#1109441).
• EDAC, i7core: Fix memleaks and use-after-free on probe and remove (1109441).
• fat: validate ->i_start before using (bnc#1012382).
• Fixes: Commit cdbf92675fad ("mm: numa: avoid waiting on freed migrated pages") (bnc#1012382).
• Follow-up fix for

patches.arch/01-jump_label-reduce-the-size-of-struct-static_key-kabi.patch (bsc#1108803).

fork: do not copy inconsistent signal handler state to child (bnc#1012382).

fs/dcache.c: fix kmemcheck splat at take_dentry_name_snapshot() (bnc#1012382).

genirq: Delay incrementing interrupt count if it's disabled/pending (bnc#1012382).

grow_cache: we still have a code which uses both __GFP_ZERO and constructors. The code seems to be correct and the warning does more harm than good so revert for the the meantime until we catch offenders. (bnc#1110297)

hfsplus: do not return 0 when fill_super() failed (bnc#1012382).

hfs: prevent crash on exit from failed search (bnc#1012382).

ib_srp: Remove WARN_ON in srp_terminate_io() (bsc#1094562).

ipvs: fix race between ip_vs_conn_new() and ip_vs_del_dest() (bnc#1012382).

irqchip/bcm7038-l1: Hide cpu offline callback when building for !SMP (bnc#1012382).

irqchip/gic-v3: Add missing barrier to 32bit version of gic_read_iar() (bnc#1012382).

kabi protect hnae_ae_ops (bsc#1107924).

kbuild: make missing $DEPMOD a Warning instead of an Error (bnc#1012382).

l2tp: cast l2tp traffic counter to unsigned (bsc#1099810).

mei: me: allow runtime pm for platform with D0i3 (bnc#1012382).

mfd: sm501: Set coherent_dma_mask when creating subdevices (bnc#1012382).

mm/fadvise.c: fix signed overflow UBSAN complaint (bnc#1012382).

net/9p: fix error path of p9_virtio_probe (bnc#1012382).

net: bcmgenet: use MAC link status for fixed phy (bnc#1012382).

net: ena: Eliminate duplicate barriers on weakly-ordered archs (bsc#1108240).

net: ena: fix device destruction to gracefully free resources (bsc#1108240).

net: ena: fix driver when PAGE_SIZE == 64kB (bsc#1108240).

net: ena: fix incorrect usage of memory barriers (bsc#1108240).

net: ena: fix missing calls to READ_ONCE (bsc#1108240).

net: ena: fix missing lock during device destruction (bsc#1108240).

net: ena: fix potential double ena_destroy_device() (bsc#1108240).

net: ena: fix surprise unplug NULL dereference kernel crash (bsc#1108240).

net: hns: add netif_carrier_off before change speed and duplex (bsc#1107924).

net: hns: add the code for cleaning pkt in chip (bsc#1107924).

nvme_fc: add 'nvme_discovery' sysfs attribute to fc transport device (bsc#1044189).

nvmet: fixup crash on NULL device path (bsc#1082979).

ovl: modify ovl_permission() to do checks on two inodes (bsc#1106512)

ovl: proper cleanup of workdir (bnc#1012382).

ovl: rename is_merge to is_lowest (bnc#1012382).

PCI: mvebu: Fix I/O space end address calculation (bnc#1012382).

platform/x86: asus-nb-wmi: Add keymap entry for lid flip action on UX360 (bnc#1012382).

powerpc/64: Do load of PACAKBASE in LOAD_HANDLER (bsc#1094244).

powerpc/book3s: Fix MCE console messages for unrecoverable MCE (bsc#1094244).

powerpc/fadump: cleanup crash memory ranges support (bsc#1103269).

powerpc/fadump: re-register firmware-assisted dump if already registered (bsc#1108170, bsc#1108823).

powerpc: Fix size calculation using resource_size() (bnc#1012382).

powerpc/mce: Move 64-bit machine check code into mce.c (bsc#1094244).

powerpc/perf/hv-24x7: Fix off-by-one error in request_buffer check (git-fixes).

powerpc/powernv/ioda2: Reduce upper limit for DMA window size (bsc#1066223).

powerpc/powernv: Rename machine_check_pSeries_early() to powernv (bsc#1094244).

powerpc/pseries: Avoid using the size greater than RTAS_ERROR_LOG_MAX (bnc#1012382).

powerpc/pseries: Disable CPU hotplug across migrations (bsc#1066223).

powerpc/pseries: Remove prrn_work workqueue (bsc#1102495, bsc#1109337).

powerpc/pseries: Remove unneeded uses of dlpar work queue (bsc#1102495, bsc#1109337).

powerpc/tm: Fix userspace r13 corruption (bsc#1109333).

RDMA/rw: Fix rdma_rw_ctx_signature_init() kernel-doc header (bsc#1082979).

reiserfs: change j_timestamp type to time64_t (bnc#1012382).

Revert "ARM: imx_v6_v7_defconfig: Select ULPI support" (bnc#1012382).

s390/dasd: fix hanging offline processing due to canceled worker (bnc#1012382).

s390/lib: use expoline for all bcr instructions (LTC#171029 bnc#1012382 bnc#1106934).

sch_hhf: fix null pointer dereference on init failure (bnc#1012382).

sch_htb: fix crash on init failure (bnc#1012382).

sch_multiq: fix double free on init failure (bnc#1012382).

sch_netem: avoid null pointer deref on init failure (bnc#1012382).

sch_tbf: fix two null pointer dereferences on init failure (bnc#1012382).

scripts: modpost: check memory allocation results (bnc#1012382).

scsi: aic94xx: fix an error code in aic94xx_init() (bnc#1012382).

scsi: ipr: System hung while dlpar adding primary ipr adapter back (bsc#1109336).

scsi: qla2xxx: Add changes for devloss timeout in driver (bsc#1084427).

scsi: qla2xxx: Add FC-NVMe abort processing (bsc#1084427).

scsi: qla2xxx: Add longer window for chip reset (bsc#1094555).

scsi: qla2xxx: Avoid double completion of abort command (bsc#1094555).

scsi: qla2xxx: Cleanup code to improve FC-NVMe error handling (bsc#1084427).

scsi: qla2xxx: Cleanup for N2N code (bsc#1094555).

scsi: qla2xxx: correctly shift host byte (bsc#1094555).

scsi: qla2xxx: Correct setting of SAM_STAT_CHECK_CONDITION (bsc#1094555).

scsi: qla2xxx: Delete session for nport id change (bsc#1094555).

scsi: qla2xxx: Fix Async GPN_FT for FCP and FC-NVMe scan (bsc#1084427).

scsi: qla2xxx: Fix crash on qla2x00_mailbox_command (bsc#1094555).

scsi: qla2xxx: Fix double free bug after firmware timeout (bsc#1094555).

scsi: qla2xxx: Fix driver unload by shutting down chip (bsc#1094555).

scsi: qla2xxx: fix error message on

scsi: qla2xxx: Fix FC-NVMe IO abort during driver reset (bsc#1084427).

scsi: qla2xxx: Fix function argument descriptions (bsc#1094555).

scsi: qla2xxx: Fix Inquiry command being dropped in Target mode (bsc#1094555).

scsi: qla2xxx: Fix issue reported by static checker for qla2x00_els_dcmd2_sp_done() (bsc#1094555).

scsi: qla2xxx: Fix login retry count (bsc#1094555).

scsi: qla2xxx: Fix Management Server NPort handle reservation logic (bsc#1094555).

scsi: qla2xxx: Fix memory leak for allocating abort IOCB (bsc#1094555).

scsi: qla2xxx: Fix n2n_ae flag to prevent dev_loss on PDB change (bsc#1084427).

scsi: qla2xxx: Fix N2N link re-connect (bsc#1094555).

scsi: qla2xxx: Fix NPIV deletion by calling wait_for_sess_deletion (bsc#1094555).

scsi: qla2xxx: Fix race between switch cmd completion and timeout (bsc#1094555).

scsi: qla2xxx: Fix race condition between iocb timeout and initialisation (bsc#1094555).

scsi: qla2xxx: Fix redundant fc_rport registration (bsc#1094555).

scsi: qla2xxx: Fix retry for PRLI RJT with reason of BUSY (bsc#1084427).

scsi: qla2xxx: Fix Rport and session state getting out of sync (bsc#1094555).

scsi: qla2xxx: Fix sending ADISC command for login (bsc#1094555).

scsi: qla2xxx: Fix session state stuck in Get Port DB (bsc#1094555).

scsi: qla2xxx: Fix stalled relogin (bsc#1094555).

scsi: qla2xxx: Fix TMF and Multi-Queue config (bsc#1094555).

scsi: qla2xxx: Fix unintended Logout (bsc#1094555).

scsi: qla2xxx: Fix unintialized List head crash (bsc#1094555).

scsi: qla2xxx: Flush mailbox commands on chip reset (bsc#1094555).

scsi: qla2xxx: fx00 copypaste typo (bsc#1094555).

scsi: qla2xxx: Migrate NVME N2N handling into state machine (bsc#1094555).

scsi: qla2xxx: Move GPSC and GFPNID out of session management (bsc#1094555).

scsi: qla2xxx: Prevent relogin loop by removing stale code (bsc#1094555).

scsi: qla2xxx: Prevent sysfs access when chip is down (bsc#1094555).

scsi: qla2xxx: Reduce redundant ADISC command for RSCNs (bsc#1094555).

scsi: qla2xxx: remove irq save in qla2x00_poll() (bsc#1094555).

scsi: qla2xxx: Remove nvme_done_list (bsc#1084427).

scsi: qla2xxx: Remove stale debug value for login_retry flag (bsc#1094555).

scsi: qla2xxx: Remove unneeded message and minor cleanup for FC-NVMe (bsc#1084427).

scsi: qla2xxx: Restore ZIO threshold setting (bsc#1084427).

scsi: qla2xxx: Return busy if rport going away (bsc#1084427).

scsi: qla2xxx: Save frame payload size from ICB (bsc#1094555).

scsi: qla2xxx: Set IIDMA and fcport state before qla_nvme_register_remote() (bsc#1084427).

scsi: qla2xxx: Silent erroneous message (bsc#1094555).

scsi: qla2xxx: Update driver version to 10.00.00.06-k (bsc#1084427).

scsi: qla2xxx: Update driver version to 10.00.00.07-k (bsc#1094555).

scsi: qla2xxx: Update driver version to 10.00.00.08-k (bsc#1094555).

scsi: qla2xxx: Use dma_pool_zalloc() (bsc#1094555).

scsi: qla2xxx: Use predefined get_datalen_for_atio() inline function (bsc#1094555).

selftests/powerpc: Kill child processes on SIGINT (bnc#1012382).

smb3: fix reset of bytes read and written stats (bnc#1012382).

SMB3: Number of requests sent should be displayed for SMB3 not just CIFS (bnc#1012382).

staging: android: ion: fix ION_IOC_{MAP,SHARE} use-after-free (bnc#1012382).

staging: comedi: ni_mio_common: fix subdevice flags for PFI subdevice (bnc#1012382).

tcp: do not restart timewait timer on rst reception (bnc#1012382).

Update patches.suse/dm-Always-copy-cmd_flags-when-cloning-a-request.patch (bsc#1088087, bsc#1103156).

usbip: vhci_sysfs: fix potential Spectre v1 (bsc#1096547).

vti6: remove !skb->ignore_df check from vti6_xmit() (bnc#1012382).

watchdog: w83627hf_wdt: Add quirk for Inves system (bsc#1106434).

x86/entry/64: Remove %ebx handling from error_entry/exit (bnc#1102715).

x86/pae: use 64 bit atomic xchg function in native_ptep_get_and_clear (bnc#1012382).

x86/speculation/l1tf: Fix up pte->pfn conversion for PAE (bnc#1012382).

xen: avoid crash in disable_hotplug_cpu (bsc#1106594).

xfs: add a new xfs_iext_lookup_extent_before helper (bsc#1095344).

xfs: add asserts for the mmap lock in xfs_{insert,collapse}_file_space (bsc#1095344).

xfs: add a xfs_bmap_fork_to_state helper (bsc#1095344).

xfs: add a xfs_iext_update_extent helper (bsc#1095344).

xfs: add comments documenting the rebalance algorithm (bsc#1095344).

xfs: add some comments to xfs_iext_insert/xfs_iext_insert_node (bsc#1095344).

xfs: add xfs_trim_extent (bsc#1095344).

xfs: allow unaligned extent records in xfs_bmbt_disk_set_all (bsc#1095344).

xfs: borrow indirect blocks from freed extent when available (bsc#1095344).

xfs: cleanup xfs_bmap_last_before (bsc#1095344).

xfs: do not create overlapping extents in xfs_bmap_add_extent_delay_real (bsc#1095344).

xfs: do not rely on extent indices in xfs_bmap_collapse_extents (bsc#1095344).

xfs: do not rely on extent indices in xfs_bmap_insert_extents (bsc#1095344).

xfs: do not set XFS_BTCUR_BPRV_WASDEL in xfs_bunmapi (bsc#1095344).

xfs: during btree split, save new block key and ptr for future insertion (bsc#1095344).

xfs: factor out a helper to initialize a local format inode fork (bsc#1095344).

xfs: fix memory leak in xfs_iext_free_last_leaf (bsc#1095344).

xfs: fix number of records handling in xfs_iext_split_leaf (bsc#1095344).

xfs: fix transaction allocation deadlock in IO path (bsc#1090535).

xfs: handle indlen shortage on delalloc extent merge (bsc#1095344).

xfs: handle zero entries case in xfs_iext_rebalance_leaf (bsc#1095344).

xfs: improve kmem_realloc (bsc#1095344).

xfs: inline xfs_shift_file_space into callers (bsc#1095344).

xfs: introduce the xfs_iext_cursor abstraction (bsc#1095344).

xfs: iterate over extents in xfs_bmap_extents_to_btree (bsc#1095344).

xfs: iterate over extents in xfs_iextents_copy (bsc#1095344).

xfs: make better use of the 'state' variable in xfs_bmap_del_extent_real (bsc#1095344).

xfs: merge xfs_bmap_read_extents into xfs_iread_extents (bsc#1095344).

xfs: move pre/post-bmap tracing into xfs_iext_update_extent (bsc#1095344).

xfs: move some code around inside xfs_bmap_shift_extents (bsc#1095344).

xfs: move some more code into xfs_bmap_del_extent_real (bsc#1095344).

xfs: move xfs_bmbt_irec and xfs_exntst_t to xfs_types.h (bsc#1095344).

xfs: move xfs_iext_insert tracepoint to report useful information (bsc#1095344).

xfs: new inode extent list lookup helpers (bsc#1095344).

xfs: only run torn log write detection on dirty logs (bsc#1095753).

xfs: pass an on-disk extent to xfs_bmbt_validate_extent (bsc#1095344).

xfs: pass a struct xfs_bmbt_irec to xfs_bmbt_lookup_eq (bsc#1095344).

xfs: pass a struct xfs_bmbt_irec to xfs_bmbt_update (bsc#1095344).

xfs: pass struct xfs_bmbt_irec to xfs_bmbt_validate_extent (bsc#1095344).

xfs: provide helper for counting extents from if_bytes (bsc#1095344).

xfs: refactor delalloc accounting in xfs_bmap_add_extent_delay_real (bsc#1095344).

xfs: refactor delalloc indlen reservation split into helper (bsc#1095344).

xfs: refactor dir2 leaf readahead shadow buffer cleverness (bsc#1095344).

xfs: refactor in-core log state update to helper (bsc#1095753).

xfs: refactor unmount record detection into helper (bsc#1095753).

xfs: refactor xfs_bmap_add_extent_delay_real (bsc#1095344).

xfs: refactor xfs_bmap_add_extent_hole_delay (bsc#1095344).

xfs: refactor xfs_bmap_add_extent_hole_real (bsc#1095344).

xfs: refactor xfs_bmap_add_extent_unwritten_real (bsc#1095344).

xfs: refactor xfs_bunmapi_cow (bsc#1095344).

xfs: refactor xfs_del_extent_real (bsc#1095344).

xfs: remove a duplicate assignment in xfs_bmap_add_extent_delay_real (bsc#1095344).

xfs: remove all xfs_bmbt_set_* helpers except for xfs_bmbt_set_all (bsc#1095344).

xfs: remove a superflous assignment in xfs_iext_remove_node (bsc#1095344).

xfs: remove if_rdev (bsc#1095344).

xfs: remove prev argument to xfs_bmapi_reserve_delalloc (bsc#1095344).

xfs: remove support for inlining data/extents into the inode fork (bsc#1095344).

xfs: remove the never fully implemented UUID fork format (bsc#1095344).

xfs: remove the nr_extents argument to xfs_iext_insert (bsc#1095344).

xfs: remove the nr_extents argument to xfs_iext_remove (bsc#1095344).

xfs: remove XFS_BMAP_MAX_SHIFT_EXTENTS (bsc#1095344).

xfs: remove XFS_BMAP_TRACE_EXLIST (bsc#1095344).

xfs: remove xfs_bmbt_get_state (bsc#1095344).

xfs: remove xfs_bmse_shift_one (bsc#1095344).

xfs: rename bno to end in __xfs_bunmapi (bsc#1095344).

xfs: replace xfs_bmbt_lookup_ge with xfs_bmbt_lookup_first (bsc#1095344).

xfs: replace xfs_qm_get_rtblks with a direct call to xfs_bmap_count_leaves (bsc#1095344).

xfs: rewrite getbmap using the xfs_iext_* helpers (bsc#1095344).

xfs: rewrite xfs_bmap_count_leaves using xfs_iext_get_extent (bsc#1095344).

xfs: rewrite xfs_bmap_first_unused to make better use of xfs_iext_get_extent (bsc#1095344).

xfs: separate log head record discovery from verification (bsc#1095753).

xfs: simplify the xfs_getbmap interface (bsc#1095344).

xfs: simplify validation of the unwritten extent bit (bsc#1095344).

xfs: split indlen reservations fairly when under reserved (bsc#1095344).

xfs: split xfs_bmap_shift_extents (bsc#1095344).

xfs: switch xfs_bmap_local_to_extents to use xfs_iext_insert (bsc#1095344).

xfs: treat idx as a cursor in xfs_bmap_add_extent_delay_real (bsc#1095344).

xfs: treat idx as a cursor in xfs_bmap_add_extent_hole_delay (bsc#1095344).

xfs: treat idx as a cursor in xfs_bmap_add_extent_hole_real (bsc#1095344).

xfs: treat idx as a cursor in xfs_bmap_add_extent_unwritten_real (bsc#1095344).

xfs: treat idx as a cursor in xfs_bmap_collapse_extents (bsc#1095344).

xfs: treat idx as a cursor in xfs_bmap_del_extent_* (bsc#1095344).

xfs: update freeblocks counter after extent deletion (bsc#1095344).

xfs: update got in xfs_bmap_shift_update_extent (bsc#1095344).

xfs: use a b+tree for the in-core extent list (bsc#1095344).

xfs: use correct state defines in xfs_bmap_del_extent_{cow,delay} (bsc#1095344).

xfs: use new extent lookup helpers in xfs_bmapi_read (bsc#1095344).

xfs: use new extent lookup helpers in xfs_bmapi_write (bsc#1095344).

xfs: use new extent lookup helpers in __xfs_bunmapi (bsc#1095344).

xfs: use the state defines in xfs_bmap_del_extent_real (bsc#1095344).

xfs: use xfs_bmap_del_extent_delay for the data fork as well (bsc#1095344).

xfs: use xfs_iext_*_extent helpers in xfs_bmap_shift_extents (bsc#1095344).

xfs: use xfs_iext_*_extent helpers in xfs_bmap_split_extent_at (bsc#1095344).

xfs: use xfs_iext_get_extent instead of open coding it (bsc#1095344).

xfs: use xfs_iext_get_extent in xfs_bmap_first_unused (bsc#1095344).

Special Instructions and Notes:

Please reboot the system after installing this update.

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

• SUSE Linux Enterprise Workstation Extension 12-SP3:
  zypper in -t patch SUSE-SLE-WE-12-SP3-2018-2135=1
• SUSE Linux Enterprise Software Development Kit 12-SP3:
  zypper in -t patch SUSE-SLE-SDK-12-SP3-2018-2135=1
• SUSE Linux Enterprise Server 12-SP3:
  zypper in -t patch SUSE-SLE-SERVER-12-SP3-2018-2135=1
• SUSE Linux Enterprise High Availability 12-SP3:
  zypper in -t patch SUSE-SLE-HA-12-SP3-2018-2135=1
• SUSE Linux Enterprise Desktop 12-SP3:
  zypper in -t patch SUSE-SLE-DESKTOP-12-SP3-2018-2135=1
• SUSE CaaS Platform ALL:
  To install this update, use the SUSE CaaS Platform Velum dashboard. It will inform you if it detects new updates and let you then trigger updating of the complete cluster in a controlled way.
• SUSE CaaS Platform 3.0:
  To install this update, use the SUSE CaaS Platform Velum dashboard. It will inform you if it detects new updates and let you then trigger updating of the complete cluster in a controlled way.

Package List:

• SUSE Linux Enterprise Workstation Extension 12-SP3 (x86_64):
  • kernel-default-debuginfo-4.4.156-94.57.1
  • kernel-default-debugsource-4.4.156-94.57.1
  • kernel-default-extra-4.4.156-94.57.1
  • kernel-default-extra-debuginfo-4.4.156-94.57.1
• SUSE Linux Enterprise Software Development Kit 12-SP3 (aarch64 ppc64le s390x x86_64):
  • kernel-obs-build-4.4.156-94.57.1
  • kernel-obs-build-debugsource-4.4.156-94.57.1
• SUSE Linux Enterprise Software Development Kit 12-SP3 (noarch):
  • kernel-docs-4.4.156-94.57.1
• SUSE Linux Enterprise Server 12-SP3 (aarch64 ppc64le s390x x86_64):
  • kernel-default-4.4.156-94.57.1
  • kernel-default-base-4.4.156-94.57.1
  • kernel-default-base-debuginfo-4.4.156-94.57.1
  • kernel-default-debuginfo-4.4.156-94.57.1
  • kernel-default-debugsource-4.4.156-94.57.1
  • kernel-default-devel-4.4.156-94.57.1
  • kernel-syms-4.4.156-94.57.1
• SUSE Linux Enterprise Server 12-SP3 (noarch):
  • kernel-devel-4.4.156-94.57.1
  • kernel-macros-4.4.156-94.57.1
  • kernel-source-4.4.156-94.57.1
• SUSE Linux Enterprise Server 12-SP3 (s390x):
  • kernel-default-man-4.4.156-94.57.1
• SUSE Linux Enterprise High Availability 12-SP3 (ppc64le s390x x86_64):
  • cluster-md-kmp-default-4.4.156-94.57.1
  • cluster-md-kmp-default-debuginfo-4.4.156-94.57.1
  • dlm-kmp-default-4.4.156-94.57.1
  • dlm-kmp-default-debuginfo-4.4.156-94.57.1
  • gfs2-kmp-default-4.4.156-94.57.1
  • gfs2-kmp-default-debuginfo-4.4.156-94.57.1
  • kernel-default-debuginfo-4.4.156-94.57.1
  • kernel-default-debugsource-4.4.156-94.57.1
  • ocfs2-kmp-default-4.4.156-94.57.1
  • ocfs2-kmp-default-debuginfo-4.4.156-94.57.1
• SUSE Linux Enterprise Desktop 12-SP3 (noarch):
  • kernel-devel-4.4.156-94.57.1
  • kernel-macros-4.4.156-94.57.1
  • kernel-source-4.4.156-94.57.1
• SUSE Linux Enterprise Desktop 12-SP3 (x86_64):
  • kernel-default-4.4.156-94.57.1
  • kernel-default-debuginfo-4.4.156-94.57.1
  • kernel-default-debugsource-4.4.156-94.57.1
  • kernel-default-devel-4.4.156-94.57.1
  • kernel-default-extra-4.4.156-94.57.1
  • kernel-default-extra-debuginfo-4.4.156-94.57.1
  • kernel-syms-4.4.156-94.57.1
• SUSE CaaS Platform ALL (x86_64):
  • kernel-default-4.4.156-94.57.1
  • kernel-default-debuginfo-4.4.156-94.57.1
  • kernel-default-debugsource-4.4.156-94.57.1
• SUSE CaaS Platform 3.0 (x86_64):
  • kernel-default-4.4.156-94.57.1
  • kernel-default-debuginfo-4.4.156-94.57.1
  • kernel-default-debugsource-4.4.156-94.57.1

References:

• https://www.suse.com/security/cve/CVE-2018-14613.html
• https://www.suse.com/security/cve/CVE-2018-14617.html
• https://www.suse.com/security/cve/CVE-2018-16276.html
• https://www.suse.com/security/cve/CVE-2018-16597.html
• https://www.suse.com/security/cve/CVE-2018-17182.html
• https://www.suse.com/security/cve/CVE-2018-7480.html
• https://www.suse.com/security/cve/CVE-2018-7757.html
• https://bugzilla.suse.com/1012382
• https://bugzilla.suse.com/1044189
• https://bugzilla.suse.com/1063026
• https://bugzilla.suse.com/1066223
• https://bugzilla.suse.com/1082863
• https://bugzilla.suse.com/1082979
• https://bugzilla.suse.com/1084427
• https://bugzilla.suse.com/1084536
• https://bugzilla.suse.com/1087209
• https://bugzilla.suse.com/1088087
• https://bugzilla.suse.com/1090535
• https://bugzilla.suse.com/1091815
• https://bugzilla.suse.com/1094244
• https://bugzilla.suse.com/1094555
• https://bugzilla.suse.com/1094562
• https://bugzilla.suse.com/1095344
• https://bugzilla.suse.com/1095753
• https://bugzilla.suse.com/1096547
• https://bugzilla.suse.com/1099810
• https://bugzilla.suse.com/1102495
• https://bugzilla.suse.com/1102715
• https://bugzilla.suse.com/1102870
• https://bugzilla.suse.com/1102875
• https://bugzilla.suse.com/1102877
• https://bugzilla.suse.com/1102879
• https://bugzilla.suse.com/1102882
• https://bugzilla.suse.com/1102896
• https://bugzilla.suse.com/1103156
• https://bugzilla.suse.com/1103269
• https://bugzilla.suse.com/1106095
• https://bugzilla.suse.com/1106434
• https://bugzilla.suse.com/1106512
• https://bugzilla.suse.com/1106594
• https://bugzilla.suse.com/1106934
• https://bugzilla.suse.com/1107924
• https://bugzilla.suse.com/1108096
• https://bugzilla.suse.com/1108170
• https://bugzilla.suse.com/1108240
• https://bugzilla.suse.com/1108399
• https://bugzilla.suse.com/1108803
• https://bugzilla.suse.com/1108823
• https://bugzilla.suse.com/1109333
• https://bugzilla.suse.com/1109336
• https://bugzilla.suse.com/1109337
• https://bugzilla.suse.com/1109441
• https://bugzilla.suse.com/1110297
• https://bugzilla.suse.com/1110337