The SUSE Linux Enterprise 12 SP2 LTSS kernel was updated receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-5848: In the function wmi_set_ie, the length validation code did not handle unsigned integer overflow properly. As a result, a large value of the "ie_len" argument could have caused a buffer overflow - CVE-2018-1000204: Prevent infoleak caused by incorrect handling of the SG_IO ioctl . - CVE-2017-18249: The add_free_nid function did not properly track an allocated nid, which allowed local users to cause a denial of service or possibly have unspecified other impact via concurrent threads - CVE-2018-3665: Prevent disclosure of FPU registers between processes. These registers might contain encryption keys when doing SSE accelerated AES enc/decryption - CVE-2017-18241: Prevent a NULL pointer dereference by using a noflush_merge option that triggers a NULL value for a flush_cmd_control data structure - CVE-2017-13305: Prevent information disclosure vulnerability in encrypted-keys . - CVE-2018-1093: The ext4_valid_block_bitmap function allowed attackers to cause a denial of service via a crafted ext4 image because balloc.c and ialloc.c did not validate bitmap block numbers . - CVE-2018-1094: The ext4_fill_super function did not always initialize the crc32c checksum driver, which allowed attackers to cause a denial of service via a crafted ext4 image . - CVE-2018-1092: The ext4_iget function mishandled the case of a root directory with a zero i_links_count, which allowed attackers to cause a denial of service via a crafted ext4 image . - CVE-2018-1130: NULL pointer dereference in dccp_write_xmit function that allowed a local user to cause a denial of service by a number of certain crafted system calls . - CVE-2018-1065: The netfilter subsystem mishandled the case of a rule blob that contains a jump but lacks a user-defined chain, which allowed local users to cause a denial of service by leveraging the CAP_NET_RAW or CAP_NET_ADMIN capability . - CVE-2018-5803: Prevent error in the quot;_sctp_make_chunkquot; function when handling SCTP packets length that could have been exploited to cause a kernel crash . - CVE-2018-7492: Prevent NULL pointer dereference in the net/rds/rdma.c __rds_rdma_map function that allowed local attackers to cause a system panic and a denial-of-service, related to RDS_GET_MR and RDS_GET_MR_FOR_DEST . - CVE-2018-1000199: Prevent vulnerability in modify_user_hw_breakpoint that could have caused a crash and possibly memory corruption . The following non-security bugs were fixed: - ALSA: timer: Fix pause event notification . - Fix excessive newline in /proc/*/status . - Fix the patch content - KVM: x86: Sync back MSR_IA32_SPEC_CTRL to VCPU data structure . - Revert quot;bs-upload-kernel: do not set %opensuse_bsquot; This reverts commit e89e2b8cbef05df6c874ba70af3cb4c57f82a821. - ipv6: add mtu lock check in __ip6_rt_update_pmtu . - ipv6: omit traffic class when calculating flow hash . - kgraft/bnx2fc: Do not block kGraft in bnx2fc_l2_rcv kthread . - mm, page_alloc: do not break __GFP_THISNODE by zonelist reset . - x86/boot: Fix early command-line parsing when partial word matches . - x86/bugs: IBRS: make runtime disabling fully dynamic . - x86/bugs: Respect retpoline command line option . - x86/bugs: correctly force-disable IBRS on !SKL systems . - x86/bugs: spec_ctrl must be cleared from cpu_caps_set when being disabled . - x86/kaiser: export symbol kaiser_set_shadow_pgd - xfs: convert XFS_AGFL_SIZE to a helper function . - xfs: detect agfl count corruption and reset agfl . - xfs: do not log/recover swapext extent owner changes for deleted inodes .