The openSUSE Leap 42.2 kernel was updated to receive various security and
bugfixes.
The following security bugs were fixed:
- CVE-2017-1000111: Fixed a race condition in net-packet code that could
be exploited to cause out-of-bounds memory access (bsc#1052365).
- CVE-2017-1000112: Fixed a race condition in net-packet code that could
have been exploited by unprivileged users to gain root access.
(bsc#1052311).
- CVE-2017-8831: The saa7164_bus_get function in
drivers/media/pci/saa7164/saa7164-bus.c in the Linux kernel allowed
local users to cause a denial of service (out-of-bounds array access) or
possibly have unspecified other impact by changing a certain
sequence-number value, aka a "double fetch" vulnerability (bnc#1037994).
The following non-security bugs were fixed:
- IB/hfi1: Wait for QSFP modules to initialize (bsc#1019151).
- bcache: force trigger gc (bsc#1038078).
- bcache: only recovery I/O error for writethrough mode (bsc#1043652).
- block: do not allow updates through sysfs until registration completes
(bsc#1047027).
- ibmvnic: Check for transport event on driver resume (bsc#1051556,
bsc#1052709).
- ibmvnic: Initialize SCRQ’s during login renegotiation (bsc#1052223).
- ibmvnic: Report rx buffer return codes as netdev_dbg (bsc#1052794).
- iommu/amd: Fix schedule-while-atomic BUG in initialization code
(bsc1052533).
- libnvdimm, pmem: fix a NULL pointer BUG in nd_pmem_notify (bsc#1023175).
- libnvdimm: fix badblock range handling of ARS range (bsc#1023175).
- qeth: fix L3 next-hop im xmit qeth hdr (bnc#1052773, LTC#157374).
- scsi_devinfo: fixup string compare (bsc#1037404).
- scsi_dh_alua: suppress errors from unsupported devices (bsc#1038792).
- vfs: fix missing inode_get_dev sites (bsc#1052049).
- x86/dmi: Switch dmi_remap() from ioremap() to ioremap_cache()
(bsc#1051399).