This update for the Linux Kernel 4.4.74-92_29 fixes several issues.
The following security issues were fixed:
- CVE-2017-1000405: Problematic use of pmd_mkdirty() in the touch_pmd()
function allowed users to overwrite read-only huge pages (e.g. the zero
huge page and sealed shmem files) (bsc#1070307).
- CVE-2017-16939: The XFRM dump policy implementation in
net/xfrm/xfrm_user.c kernel allowed local users to gain privileges or
cause a denial of service (use-after-free) via a crafted SO_RCVBUF
setsockopt system call in conjunction with XFRM_MSG_GETPOLICY Netlink
messages (bsc#1069708).
This non-security issue was fixed:
- bsc#1062847: Enable proper shut down if NIC teaming is enabled