{"affected":[{"ecosystem_specific":{"binaries":[{"kernel-default":"3.12.74-60.64.82.1","kernel-default-base":"3.12.74-60.64.82.1","kernel-default-devel":"3.12.74-60.64.82.1","kernel-devel":"3.12.74-60.64.82.1","kernel-macros":"3.12.74-60.64.82.1","kernel-source":"3.12.74-60.64.82.1","kernel-syms":"3.12.74-60.64.82.1","kernel-xen":"3.12.74-60.64.82.1","kernel-xen-base":"3.12.74-60.64.82.1","kernel-xen-devel":"3.12.74-60.64.82.1","kgraft-patch-3_12_74-60_64_82-default":"1-2.9.1","kgraft-patch-3_12_74-60_64_82-xen":"1-2.9.1"}]},"package":{"ecosystem":"SUSE:OpenStack Cloud 6","name":"kernel-default","purl":"pkg:rpm/suse/kernel-default&distro=SUSE%20OpenStack%20Cloud%206"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"3.12.74-60.64.82.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"kernel-default":"3.12.74-60.64.82.1","kernel-default-base":"3.12.74-60.64.82.1","kernel-default-devel":"3.12.74-60.64.82.1","kernel-devel":"3.12.74-60.64.82.1","kernel-macros":"3.12.74-60.64.82.1","kernel-source":"3.12.74-60.64.82.1","kernel-syms":"3.12.74-60.64.82.1","kernel-xen":"3.12.74-60.64.82.1","kernel-xen-base":"3.12.74-60.64.82.1","kernel-xen-devel":"3.12.74-60.64.82.1","kgraft-patch-3_12_74-60_64_82-default":"1-2.9.1","kgraft-patch-3_12_74-60_64_82-xen":"1-2.9.1"}]},"package":{"ecosystem":"SUSE:OpenStack Cloud 6","name":"kernel-source","purl":"pkg:rpm/suse/kernel-source&distro=SUSE%20OpenStack%20Cloud%206"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"3.12.74-60.64.82.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"kernel-default":"3.12.74-60.64.82.1","kernel-default-base":"3.12.74-60.64.82.1","kernel-default-devel":"3.12.74-60.64.82.1","kernel-devel":"3.12.74-60.64.82.1","kernel-macros":"3.12.74-60.64.82.1","kernel-source":"3.12.74-60.64.82.1","kernel-syms":"3.12.74-60.64.82.1","kernel-xen":"3.12.74-60.64.82.1","kernel-xen-base":"3.12.74-60.64.82.1","kernel-xen-devel":"3.12.74-60.64.82.1","kgraft-patch-3_12_74-60_64_82-default":"1-2.9.1","kgraft-patch-3_12_74-60_64_82-xen":"1-2.9.1"}]},"package":{"ecosystem":"SUSE:OpenStack Cloud 6","name":"kernel-syms","purl":"pkg:rpm/suse/kernel-syms&distro=SUSE%20OpenStack%20Cloud%206"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"3.12.74-60.64.82.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"kernel-default":"3.12.74-60.64.82.1","kernel-default-base":"3.12.74-60.64.82.1","kernel-default-devel":"3.12.74-60.64.82.1","kernel-devel":"3.12.74-60.64.82.1","kernel-macros":"3.12.74-60.64.82.1","kernel-source":"3.12.74-60.64.82.1","kernel-syms":"3.12.74-60.64.82.1","kernel-xen":"3.12.74-60.64.82.1","kernel-xen-base":"3.12.74-60.64.82.1","kernel-xen-devel":"3.12.74-60.64.82.1","kgraft-patch-3_12_74-60_64_82-default":"1-2.9.1","kgraft-patch-3_12_74-60_64_82-xen":"1-2.9.1"}]},"package":{"ecosystem":"SUSE:OpenStack Cloud 6","name":"kernel-xen","purl":"pkg:rpm/suse/kernel-xen&distro=SUSE%20OpenStack%20Cloud%206"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"3.12.74-60.64.82.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"kernel-default":"3.12.74-60.64.82.1","kernel-default-base":"3.12.74-60.64.82.1","kernel-default-devel":"3.12.74-60.64.82.1","kernel-devel":"3.12.74-60.64.82.1","kernel-macros":"3.12.74-60.64.82.1","kernel-source":"3.12.74-60.64.82.1","kernel-syms":"3.12.74-60.64.82.1","kernel-xen":"3.12.74-60.64.82.1","kernel-xen-base":"3.12.74-60.64.82.1","kernel-xen-devel":"3.12.74-60.64.82.1","kgraft-patch-3_12_74-60_64_82-default":"1-2.9.1","kgraft-patch-3_12_74-60_64_82-xen":"1-2.9.1"}]},"package":{"ecosystem":"SUSE:OpenStack Cloud 6","name":"kgraft-patch-SLE12-SP1_Update_25","purl":"pkg:rpm/suse/kgraft-patch-SLE12-SP1_Update_25&distro=SUSE%20OpenStack%20Cloud%206"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1-2.9.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"kernel-ec2":"3.12.74-60.64.82.1","kernel-ec2-devel":"3.12.74-60.64.82.1","kernel-ec2-extra":"3.12.74-60.64.82.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Module for Public Cloud 12","name":"kernel-ec2","purl":"pkg:rpm/suse/kernel-ec2&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2012"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"3.12.74-60.64.82.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"kernel-default":"3.12.74-60.64.82.1","kernel-default-base":"3.12.74-60.64.82.1","kernel-default-devel":"3.12.74-60.64.82.1","kernel-devel":"3.12.74-60.64.82.1","kernel-macros":"3.12.74-60.64.82.1","kernel-source":"3.12.74-60.64.82.1","kernel-syms":"3.12.74-60.64.82.1","kernel-xen":"3.12.74-60.64.82.1","kernel-xen-base":"3.12.74-60.64.82.1","kernel-xen-devel":"3.12.74-60.64.82.1","kgraft-patch-3_12_74-60_64_82-default":"1-2.9.1","kgraft-patch-3_12_74-60_64_82-xen":"1-2.9.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 12 SP1","name":"kernel-default","purl":"pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"3.12.74-60.64.82.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"kernel-default":"3.12.74-60.64.82.1","kernel-default-base":"3.12.74-60.64.82.1","kernel-default-devel":"3.12.74-60.64.82.1","kernel-devel":"3.12.74-60.64.82.1","kernel-macros":"3.12.74-60.64.82.1","kernel-source":"3.12.74-60.64.82.1","kernel-syms":"3.12.74-60.64.82.1","kernel-xen":"3.12.74-60.64.82.1","kernel-xen-base":"3.12.74-60.64.82.1","kernel-xen-devel":"3.12.74-60.64.82.1","kgraft-patch-3_12_74-60_64_82-default":"1-2.9.1","kgraft-patch-3_12_74-60_64_82-xen":"1-2.9.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 12 SP1","name":"kernel-source","purl":"pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"3.12.74-60.64.82.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"kernel-default":"3.12.74-60.64.82.1","kernel-default-base":"3.12.74-60.64.82.1","kernel-default-devel":"3.12.74-60.64.82.1","kernel-devel":"3.12.74-60.64.82.1","kernel-macros":"3.12.74-60.64.82.1","kernel-source":"3.12.74-60.64.82.1","kernel-syms":"3.12.74-60.64.82.1","kernel-xen":"3.12.74-60.64.82.1","kernel-xen-base":"3.12.74-60.64.82.1","kernel-xen-devel":"3.12.74-60.64.82.1","kgraft-patch-3_12_74-60_64_82-default":"1-2.9.1","kgraft-patch-3_12_74-60_64_82-xen":"1-2.9.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 12 SP1","name":"kernel-syms","purl":"pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"3.12.74-60.64.82.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"kernel-default":"3.12.74-60.64.82.1","kernel-default-base":"3.12.74-60.64.82.1","kernel-default-devel":"3.12.74-60.64.82.1","kernel-devel":"3.12.74-60.64.82.1","kernel-macros":"3.12.74-60.64.82.1","kernel-source":"3.12.74-60.64.82.1","kernel-syms":"3.12.74-60.64.82.1","kernel-xen":"3.12.74-60.64.82.1","kernel-xen-base":"3.12.74-60.64.82.1","kernel-xen-devel":"3.12.74-60.64.82.1","kgraft-patch-3_12_74-60_64_82-default":"1-2.9.1","kgraft-patch-3_12_74-60_64_82-xen":"1-2.9.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 12 SP1","name":"kernel-xen","purl":"pkg:rpm/suse/kernel-xen&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"3.12.74-60.64.82.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"kernel-default":"3.12.74-60.64.82.1","kernel-default-base":"3.12.74-60.64.82.1","kernel-default-devel":"3.12.74-60.64.82.1","kernel-devel":"3.12.74-60.64.82.1","kernel-macros":"3.12.74-60.64.82.1","kernel-source":"3.12.74-60.64.82.1","kernel-syms":"3.12.74-60.64.82.1","kernel-xen":"3.12.74-60.64.82.1","kernel-xen-base":"3.12.74-60.64.82.1","kernel-xen-devel":"3.12.74-60.64.82.1","kgraft-patch-3_12_74-60_64_82-default":"1-2.9.1","kgraft-patch-3_12_74-60_64_82-xen":"1-2.9.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 12 SP1","name":"kgraft-patch-SLE12-SP1_Update_25","purl":"pkg:rpm/suse/kgraft-patch-SLE12-SP1_Update_25&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1-2.9.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"kernel-default":"3.12.74-60.64.82.1","kernel-default-base":"3.12.74-60.64.82.1","kernel-default-devel":"3.12.74-60.64.82.1","kernel-default-man":"3.12.74-60.64.82.1","kernel-devel":"3.12.74-60.64.82.1","kernel-macros":"3.12.74-60.64.82.1","kernel-source":"3.12.74-60.64.82.1","kernel-syms":"3.12.74-60.64.82.1","kernel-xen":"3.12.74-60.64.82.1","kernel-xen-base":"3.12.74-60.64.82.1","kernel-xen-devel":"3.12.74-60.64.82.1","kgraft-patch-3_12_74-60_64_82-default":"1-2.9.1","kgraft-patch-3_12_74-60_64_82-xen":"1-2.9.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 12 SP1-LTSS","name":"kernel-default","purl":"pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1-LTSS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"3.12.74-60.64.82.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"kernel-default":"3.12.74-60.64.82.1","kernel-default-base":"3.12.74-60.64.82.1","kernel-default-devel":"3.12.74-60.64.82.1","kernel-default-man":"3.12.74-60.64.82.1","kernel-devel":"3.12.74-60.64.82.1","kernel-macros":"3.12.74-60.64.82.1","kernel-source":"3.12.74-60.64.82.1","kernel-syms":"3.12.74-60.64.82.1","kernel-xen":"3.12.74-60.64.82.1","kernel-xen-base":"3.12.74-60.64.82.1","kernel-xen-devel":"3.12.74-60.64.82.1","kgraft-patch-3_12_74-60_64_82-default":"1-2.9.1","kgraft-patch-3_12_74-60_64_82-xen":"1-2.9.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 12 SP1-LTSS","name":"kernel-source","purl":"pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1-LTSS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"3.12.74-60.64.82.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"kernel-default":"3.12.74-60.64.82.1","kernel-default-base":"3.12.74-60.64.82.1","kernel-default-devel":"3.12.74-60.64.82.1","kernel-default-man":"3.12.74-60.64.82.1","kernel-devel":"3.12.74-60.64.82.1","kernel-macros":"3.12.74-60.64.82.1","kernel-source":"3.12.74-60.64.82.1","kernel-syms":"3.12.74-60.64.82.1","kernel-xen":"3.12.74-60.64.82.1","kernel-xen-base":"3.12.74-60.64.82.1","kernel-xen-devel":"3.12.74-60.64.82.1","kgraft-patch-3_12_74-60_64_82-default":"1-2.9.1","kgraft-patch-3_12_74-60_64_82-xen":"1-2.9.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 12 SP1-LTSS","name":"kernel-syms","purl":"pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1-LTSS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"3.12.74-60.64.82.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"kernel-default":"3.12.74-60.64.82.1","kernel-default-base":"3.12.74-60.64.82.1","kernel-default-devel":"3.12.74-60.64.82.1","kernel-default-man":"3.12.74-60.64.82.1","kernel-devel":"3.12.74-60.64.82.1","kernel-macros":"3.12.74-60.64.82.1","kernel-source":"3.12.74-60.64.82.1","kernel-syms":"3.12.74-60.64.82.1","kernel-xen":"3.12.74-60.64.82.1","kernel-xen-base":"3.12.74-60.64.82.1","kernel-xen-devel":"3.12.74-60.64.82.1","kgraft-patch-3_12_74-60_64_82-default":"1-2.9.1","kgraft-patch-3_12_74-60_64_82-xen":"1-2.9.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 12 SP1-LTSS","name":"kernel-xen","purl":"pkg:rpm/suse/kernel-xen&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1-LTSS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"3.12.74-60.64.82.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"kernel-default":"3.12.74-60.64.82.1","kernel-default-base":"3.12.74-60.64.82.1","kernel-default-devel":"3.12.74-60.64.82.1","kernel-default-man":"3.12.74-60.64.82.1","kernel-devel":"3.12.74-60.64.82.1","kernel-macros":"3.12.74-60.64.82.1","kernel-source":"3.12.74-60.64.82.1","kernel-syms":"3.12.74-60.64.82.1","kernel-xen":"3.12.74-60.64.82.1","kernel-xen-base":"3.12.74-60.64.82.1","kernel-xen-devel":"3.12.74-60.64.82.1","kgraft-patch-3_12_74-60_64_82-default":"1-2.9.1","kgraft-patch-3_12_74-60_64_82-xen":"1-2.9.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 12 SP1-LTSS","name":"kgraft-patch-SLE12-SP1_Update_25","purl":"pkg:rpm/suse/kgraft-patch-SLE12-SP1_Update_25&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1-LTSS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1-2.9.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"\nThe SUSE Linux Enterprise 12 SP1 LTSS kernel was updated to receive various security and bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2017-5715: Systems with microprocessors utilizing speculative\n  execution and indirect branch prediction may allow unauthorized disclosure\n  of information to an attacker with local user access via a side-channel\n  analysis (bnc#1068032).\n\n  The previous fix using CPU Microcode has been complemented by building\n  the Linux Kernel with return trampolines aka 'retpolines'.\n\n- CVE-2017-18079: drivers/input/serio/i8042.c allowed attackers to cause a\n  denial of service (NULL pointer dereference and system crash) or possibly have\n  unspecified other impact because the port->exists value can change after it\n  is validated (bnc#1077922).\n- CVE-2015-1142857: Prevent guests from sending ethernet flow control pause\n  frames via the PF (bnc#1077355).\n- CVE-2017-17741: KVM allowed attackers to obtain potentially sensitive\n  information from kernel memory, aka a write_mmio stack-based out-of-bounds read\n  (bnc#1073311).\n- CVE-2017-13215: Prevent elevation of privilege (bnc#1075908).\n- CVE-2018-1000004: Prevent race condition in the sound system, this could have\n  lead a deadlock and denial of service condition (bnc#1076017).\n- CVE-2017-17806: The HMAC implementation did not validate that the underlying\n  cryptographic hash algorithm is unkeyed, allowing a local attacker able to use\n  the AF_ALG-based hash interface (CONFIG_CRYPTO_USER_API_HASH) and the SHA-3\n  hash algorithm (CONFIG_CRYPTO_SHA3) to cause a kernel stack buffer overflow by\n  executing a crafted sequence of system calls that encounter a missing SHA-3\n  initialization (bnc#1073874).\n- CVE-2017-17805: The Salsa20 encryption algorithm did not correctly handle\n  zero-length inputs, allowing a local attacker able to use the AF_ALG-based\n  skcipher interface (CONFIG_CRYPTO_USER_API_SKCIPHER) to cause a denial of\n  service (uninitialized-memory free and kernel crash) or have unspecified other\n  impact by executing a crafted sequence of system calls that use the\n  blkcipher_walk API. Both the generic implementation (crypto/salsa20_generic.c)\n  and x86 implementation (arch/x86/crypto/salsa20_glue.c) of Salsa20 were\n  vulnerable (bnc#1073792).\n\nThe following non-security bugs were fixed:\n\n- NFS: only invalidate dentrys that are clearly invalid (bsc#1047118).\n- bcache.txt: standardize document format (bsc#1076110).\n- bcache: Abstract out stuff needed for sorting (bsc#1076110).\n- bcache: Add a cond_resched() call to gc (bsc#1076110).\n- bcache: Add a real GC_MARK_RECLAIMABLE (bsc#1076110).\n- bcache: Add bch_bkey_equal_header() (bsc#1076110).\n- bcache: Add bch_btree_keys_u64s_remaining() (bsc#1076110).\n- bcache: Add bch_keylist_init_single() (bsc#1047626).\n- bcache: Add btree_insert_node() (bnc#951638).\n- bcache: Add btree_map() functions (bsc#1047626).\n- bcache: Add btree_node_write_sync() (bsc#1076110).\n- bcache: Add explicit keylist arg to btree_insert() (bnc#951638).\n- bcache: Add make_btree_freeing_key() (bsc#1076110).\n- bcache: Add on error panic/unregister setting (bsc#1047626).\n- bcache: Add struct bset_sort_state (bsc#1076110).\n- bcache: Add struct btree_keys (bsc#1076110).\n- bcache: Allocate bounce buffers with GFP_NOWAIT (bsc#1076110).\n- bcache: Avoid deadlocking in garbage collection (bsc#1076110).\n- bcache: Avoid nested function definition (bsc#1076110).\n- bcache: Better alloc tracepoints (bsc#1076110).\n- bcache: Better full stripe scanning (bsc#1076110).\n- bcache: Bkey indexing renaming (bsc#1076110).\n- bcache: Break up struct search (bsc#1076110).\n- bcache: Btree verify code improvements (bsc#1076110).\n- bcache: Bypass torture test (bsc#1076110).\n- bcache: Change refill_dirty() to always scan entire disk if necessary (bsc#1076110).\n- bcache: Clean up cache_lookup_fn (bsc#1076110).\n- bcache: Clean up keylist code (bnc#951638).\n- bcache: Convert bch_btree_insert() to bch_btree_map_leaf_nodes() (bsc#1076110).\n- bcache: Convert bch_btree_read_async() to bch_btree_map_keys() (bsc#1076110).\n- bcache: Convert btree_insert_check_key() to btree_insert_node() (bnc#951638).\n- bcache: Convert btree_iter to struct btree_keys (bsc#1076110).\n- bcache: Convert bucket_wait to wait_queue_head_t (bnc#951638).\n- bcache: Convert debug code to btree_keys (bsc#1076110).\n- bcache: Convert gc to a kthread (bsc#1047626).\n- bcache: Convert sorting to btree_keys (bsc#1076110).\n- bcache: Convert try_wait to wait_queue_head_t (bnc#951638).\n- bcache: Convert writeback to a kthread (bsc#1076110).\n- bcache: Correct return value for sysfs attach errors (bsc#1076110).\n- bcache: Debug code improvements (bsc#1076110).\n- bcache: Delete some slower inline asm (bsc#1047626).\n- bcache: Do bkey_put() in btree_split() error path (bsc#1076110).\n- bcache: Do not bother with bucket refcount for btree node allocations (bsc#1076110).\n- bcache: Do not reinvent the wheel but use existing llist API (bsc#1076110).\n- bcache: Do not return -EINTR when insert finished (bsc#1076110).\n- bcache: Do not touch bucket gen for dirty ptrs (bsc#1076110).\n- bcache: Do not use op->insert_collision (bsc#1076110).\n- bcache: Drop some closure stuff (bsc#1076110).\n- bcache: Drop unneeded blk_sync_queue() calls (bsc#1047626).\n- bcache: Explicitly track btree node's parent (bnc#951638).\n- bcache: Fix a bug recovering from unclean shutdown (bsc#1047626).\n- bcache: Fix a bug when detaching (bsc#951638).\n- bcache: Fix a journal replay bug (bsc#1076110).\n- bcache: Fix a journalling performance bug (bnc#893777).\n- bcache: Fix a journalling reclaim after recovery bug (bsc#1047626).\n- bcache: Fix a lockdep splat (bnc#893777).\n- bcache: Fix a lockdep splat in an error path (bnc#951638).\n- bcache: Fix a null ptr deref in journal replay (bsc#1047626).\n- bcache: Fix a race when freeing btree nodes (bsc#1076110).\n- bcache: Fix a shutdown bug (bsc#951638).\n- bcache: Fix an infinite loop in journal replay (bsc#1047626).\n- bcache: Fix another bug recovering from unclean shutdown (bsc#1076110).\n- bcache: Fix another compiler warning on m68k (bsc#1076110).\n- bcache: Fix auxiliary search trees for key size greater than  cacheline size (bsc#1076110).\n- bcache: Fix bch_ptr_bad() (bsc#1047626).\n- bcache: Fix building error on MIPS (bsc#1076110).\n- bcache: Fix dirty_data accounting (bsc#1076110).\n- bcache: Fix discard granularity (bsc#1047626).\n- bcache: Fix flash_dev_cache_miss() for real this time (bsc#1076110).\n- bcache: Fix for can_attach_cache() (bsc#1047626).\n- bcache: Fix heap_peek() macro (bsc#1047626).\n- bcache: Fix leak of bdev reference (bsc#1076110).\n- bcache: Fix more early shutdown bugs (bsc#951638).\n- bcache: Fix moving_gc deadlocking with a foreground write (bsc#1076110).\n- bcache: Fix moving_pred() (bsc#1047626).\n- bcache: Fix sysfs splat on shutdown with flash only devs (bsc#951638).\n- bcache: Fix to remove the rcu_sched stalls (bsc#1047626).\n- bcache: Have btree_split() insert into parent directly (bsc#1076110).\n- bcache: Improve bucket_prio() calculation (bsc#1047626).\n- bcache: Improve priority_stats (bsc#1047626).\n- bcache: Incremental gc (bsc#1076110).\n- bcache: Insert multiple keys at a time (bnc#951638).\n- bcache: Kill bch_next_recurse_key() (bsc#1076110).\n- bcache: Kill btree_io_wq (bsc#1076110).\n- bcache: Kill bucket->gc_gen (bsc#1076110).\n- bcache: Kill dead cgroup code (bsc#1076110).\n- bcache: Kill op->cl (bsc#1076110).\n- bcache: Kill op->replace (bsc#1076110).\n- bcache: Kill sequential_merge option (bsc#1076110).\n- bcache: Kill unaligned bvec hack (bsc#1076110).\n- bcache: Kill unused freelist (bsc#1076110).\n- bcache: Make bch_keylist_realloc() take u64s, not nptrs (bsc#1076110).\n- bcache: Make gc wakeup sane, remove set_task_state() (bsc#1076110).\n- bcache: Minor btree cache fix (bsc#1047626).\n- bcache: Minor fixes from kbuild robot (bsc#1076110).\n- bcache: Move insert_fixup() to btree_keys_ops (bsc#1076110).\n- bcache: Move keylist out of btree_op (bsc#1047626).\n- bcache: Move sector allocator to alloc.c (bsc#1076110).\n- bcache: Move some stuff to btree.c (bsc#1076110).\n- bcache: Move spinlock into struct time_stats (bsc#1076110).\n- bcache: New writeback PD controller (bsc#1047626).\n- bcache: PRECEDING_KEY() (bsc#1047626).\n- bcache: Performance fix for when journal entry is full (bsc#1047626).\n- bcache: Prune struct btree_op (bsc#1076110).\n- bcache: Pull on disk data structures out into a separate header (bsc#1076110).\n- bcache: RESERVE_PRIO is too small by one when prio_buckets() is a power of two (bsc#1076110).\n- bcache: Really show state of work pending bit (bsc#1076110).\n- bcache: Refactor bset_tree sysfs stats (bsc#1076110).\n- bcache: Refactor journalling flow control (bnc#951638).\n- bcache: Refactor read request code a bit (bsc#1076110).\n- bcache: Refactor request_write() (bnc#951638).\n- bcache: Remove deprecated create_workqueue (bsc#1076110).\n- bcache: Remove redundant block_size assignment (bsc#1047626).\n- bcache: Remove redundant parameter for cache_alloc() (bsc#1047626).\n- bcache: Remove redundant set_capacity (bsc#1076110).\n- bcache: Remove unnecessary check in should_split() (bsc#1076110).\n- bcache: Remove/fix some header dependencies (bsc#1047626).\n- bcache: Rename/shuffle various code around (bsc#1076110).\n- bcache: Rework allocator reserves (bsc#1076110).\n- bcache: Rework btree cache reserve handling (bsc#1076110).\n- bcache: Split out sort_extent_cmp() (bsc#1076110).\n- bcache: Stripe size isn't necessarily a power of two (bnc#893949).\n- bcache: Trivial error handling fix (bsc#1047626).\n- bcache: Update continue_at() documentation (bsc#1076110).\n- bcache: Use a mempool for mergesort temporary space (bsc#1076110).\n- bcache: Use blkdev_issue_discard() (bnc#951638).\n- bcache: Use ida for bcache block dev minor (bsc#1047626).\n- bcache: Use uninterruptible sleep in writeback (bsc#1076110).\n- bcache: Zero less memory (bsc#1076110).\n- bcache: add a comment in journal bucket reading (bsc#1076110).\n- bcache: add mutex lock for bch_is_open (bnc#902893).\n- bcache: allows use of register in udev to avoid 'device_busy' error (bsc#1047626).\n- bcache: bcache_write tracepoint was crashing (bsc#1076110).\n- bcache: bch_(btree|extent)_ptr_invalid() (bsc#1076110).\n- bcache: bch_allocator_thread() is not freezable (bsc#1047626).\n- bcache: bch_gc_thread() is not freezable (bsc#1047626).\n- bcache: bch_writeback_thread() is not freezable (bsc#1076110).\n- bcache: btree locking rework (bsc#1076110).\n- bcache: bugfix - gc thread now gets woken when cache is full (bsc#1047626).\n- bcache: bugfix - moving_gc now moves only correct buckets (bsc#1047626).\n- bcache: bugfix for race between moving_gc and bucket_invalidate (bsc#1076110).\n- bcache: check ca->alloc_thread initialized before wake up it (bsc#1076110).\n- bcache: check return value of register_shrinker (bsc#1076110).\n- bcache: cleaned up error handling around register_cache() (bsc#1047626).\n- bcache: clear BCACHE_DEV_UNLINK_DONE flag when attaching a backing device (bsc#1047626).\n- bcache: correct cache_dirty_target in __update_writeback_rate() (bsc#1076110).\n- bcache: defensively handle format strings (bsc#1047626).\n- bcache: do not embed 'return' statements in closure macros (bsc#1076110).\n- bcache: do not subtract sectors_to_gc for bypassed IO (bsc#1076110).\n- bcache: do not write back data if reading it failed (bsc#1076110).\n- bcache: documentation formatting, edited for clarity, stripe alignment notes (bsc#1076110).\n- bcache: documentation updates and corrections (bsc#1076110).\n- bcache: explicitly destroy mutex while exiting (bsc#1076110).\n- bcache: fix BUG_ON due to integer overflow with GC_SECTORS_USED (bsc#1047626).\n- bcache: fix a comments typo in bch_alloc_sectors() (bsc#1076110).\n- bcache: fix a livelock when we cause a huge number of cache misses (bsc#1047626).\n- bcache: fix bch_hprint crash and improve output (bsc#1076110).\n- bcache: fix crash in bcache_btree_node_alloc_fail tracepoint (bsc#1047626).\n- bcache: fix crash on shutdown in passthrough mode (bsc#1076110).\n- bcache: fix for gc and write-back race (bsc#1076110).\n- bcache: fix for gc and writeback race (bsc#1047626).\n- bcache: fix for gc crashing when no sectors are used (bsc#1047626).\n- bcache: fix race of writeback thread starting before complete initialization (bsc#1076110).\n- bcache: fix sequential large write IO bypass (bsc#1076110).\n- bcache: fix sparse non static symbol warning (bsc#1076110).\n- bcache: fix typo in bch_bkey_equal_header (bsc#1076110).\n- bcache: fix uninterruptible sleep in writeback thread (bsc#1076110).\n- bcache: fix use-after-free in btree_gc_coalesce() (bsc#1076110).\n- bcache: fix wrong cache_misses statistics (bsc#1076110).\n- bcache: gc does not work when triggering by manual command (bsc#1076110).\n- bcache: implement PI controller for writeback rate (bsc#1076110).\n- bcache: increase the number of open buckets (bsc#1076110).\n- bcache: initialize dirty stripes in flash_dev_run() (bsc#1076110).\n- bcache: kill closure locking code (bsc#1076110).\n- bcache: kill closure locking usage (bnc#951638).\n- bcache: kill index() (bsc#1047626).\n- bcache: kthread do not set writeback task to INTERUPTIBLE (bsc#1076110).\n- bcache: only permit to recovery read error when cache device is clean (bsc#1076110).\n- bcache: partition support: add 16 minors per bcacheN device (bsc#1076110).\n- bcache: pr_err: more meaningful error message when nr_stripes is invalid (bsc#1076110).\n- bcache: prevent crash on changing writeback_running (bsc#1076110).\n- bcache: rearrange writeback main thread ratelimit (bsc#1076110).\n- bcache: recover data from backing when data is clean (bsc#1076110).\n- bcache: register_bcache(): call blkdev_put() when cache_alloc() fails (bsc#1047626).\n- bcache: remove nested function usage (bsc#1076110).\n- bcache: remove unused parameter (bsc#1076110).\n- bcache: rewrite multiple partitions support (bsc#1076110).\n- bcache: safeguard a dangerous addressing in closure_queue (bsc#1076110).\n- bcache: silence static checker warning (bsc#1076110).\n- bcache: smooth writeback rate control (bsc#1076110).\n- bcache: stop moving_gc marking buckets that can't be moved (bsc#1047626).\n- bcache: try to set b->parent properly (bsc#1076110).\n- bcache: update bch_bkey_try_merge (bsc#1076110).\n- bcache: update bio->bi_opf bypass/writeback REQ_ flag hints (bsc#1076110).\n- bcache: update bucket_in_use in real time (bsc#1076110).\n- bcache: update document info (bsc#1076110).\n- bcache: use kmalloc to allocate bio in bch_data_verify() (bsc#1076110).\n- bcache: use kvfree() in various places (bsc#1076110).\n- bcache: use llist_for_each_entry_safe() in __closure_wake_up() (bsc#1076110).\n- bcache: wait for buckets when allocating new btree root (bsc#1076110).\n- bcache: writeback rate clamping: make 32 bit safe (bsc#1076110).\n- bcache: writeback rate shouldn't artifically clamp (bsc#1076110).\n- block: bump BLK_DEF_MAX_SECTORS to 2560 (bsc#1073246)\n- fork: clear thread stack upon allocation (bsc#1077560). \n- gcov: disable for COMPILE_TEST (bnc#1012382).\n- kaiser: Set _PAGE_NX only if supported (bnc#1012382, bnc#1076278).\n- md: more open-coded offset_in_page() (bsc#1076110).\n- nfsd: do not share group_info among threads (bsc@1070623).\n- powerpc/64: Add macros for annotating the destination of rfid/hrfid (bsc#1068032, bsc#1077182).\n- powerpc/64: Convert fast_exception_return to use RFI_TO_USER/KERNEL (bsc#1068032, bsc#1077182).\n- powerpc/64: Convert the syscall exit path to use RFI_TO_USER/KERNEL (bsc#1068032, bsc#1077182).\n- powerpc/64s: Add EX_SIZE definition for paca exception save areas (bsc#1068032, bsc#1077182).\n- powerpc/64s: Add support for RFI flush of L1-D cache (bsc#1068032, bsc#1077182).\n- powerpc/64s: Allow control of RFI flush via debugfs (bsc#1068032, bsc#1077182).\n- powerpc/64s: Convert slb_miss_common to use RFI_TO_USER/KERNEL (bsc#1068032, bsc#1077182).\n- powerpc/64s: Simple RFI macro conversions (bsc#1068032, bsc#1077182).\n- powerpc/64s: Support disabling RFI flush with no_rfi_flush and nopti (bsc#1068032, bsc#1077182).\n- powerpc/64s: Wire up cpu_show_meltdown() (bsc#1068032).\n- powerpc/asm: Allow including ppc_asm.h in asm files (bsc#1068032, bsc#1077182).\n- powerpc/powernv: Check device-tree for RFI flush settings (bsc#1068032, bsc#1077182).\n- powerpc/pseries: Add H_GET_CPU_CHARACTERISTICS flags > wrapper (bsc#1068032, bsc#1077182).\n- powerpc/pseries: Query hypervisor for RFI flush settings (bsc#1068032, bsc#1077182).\n- powerpc/pseries: include linux/types.h in asm/hvcall.h (bsc#1068032, bsc#1077182).\n- powerpc/pseries: rfi-flush: Call setup_rfi_flush() after LPM migration (bsc#1068032, bsc#1077182).\n- powerpc/rfi-flush: Add DEBUG_RFI config option (bsc#1068032, bsc#1077182).\n- powerpc/rfi-flush: Move RFI flush fields out of the paca (unbreak kABI) (bsc#1068032, bsc#1077182).\n- powerpc/rfi-flush: Move the logic to avoid a redo into the sysfs code (bsc#1068032, bsc#1077182).\n- storvsc: do not assume SG list is continuous when doing bounce buffers (bsc#1075411).\n- sysfs/cpu: Add vulnerability folder (bnc#1012382).\n- sysfs: spectre_v2, handle spec_ctrl (bsc#1075994 bsc#1075091).\n- x86/cpu: Implement CPU vulnerabilites sysfs functions (bnc#1012382).\n- x86/cpufeatures: Add X86_BUG_CPU_INSECURE (bnc#1012382).\n- x86/cpufeatures: Add X86_BUG_SPECTRE_V[12] (bnc#1012382).\n- x86/cpufeatures: Make CPU bugs sticky (bnc#1012382).\n- x86/pti: Rename BUG_CPU_INSECURE to BUG_CPU_MELTDOWN (bnc#1012382).\n- x86/retpolines/spec_ctrl: disable IBRS on !SKL if retpolines are active (bsc#1068032).\n- x86/spectre_v2: fix ordering in IBRS initialization (bsc#1075994 bsc#1075091).\n- x86/spectre_v2: nospectre_v2 means nospec too (bsc#1075994 bsc#1075091).\n","id":"SUSE-SU-2018:0525-1","modified":"2018-02-22T17:05:19Z","published":"2018-02-22T17:05:19Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2018/suse-su-20180525-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1012382"},{"type":"REPORT","url":"https://bugzilla.suse.com/1047118"},{"type":"REPORT","url":"https://bugzilla.suse.com/1047626"},{"type":"REPORT","url":"https://bugzilla.suse.com/1068032"},{"type":"REPORT","url":"https://bugzilla.suse.com/1070623"},{"type":"REPORT","url":"https://bugzilla.suse.com/1073246"},{"type":"REPORT","url":"https://bugzilla.suse.com/1073311"},{"type":"REPORT","url":"https://bugzilla.suse.com/1073792"},{"type":"REPORT","url":"https://bugzilla.suse.com/1073874"},{"type":"REPORT","url":"https://bugzilla.suse.com/1074709"},{"type":"REPORT","url":"https://bugzilla.suse.com/1075091"},{"type":"REPORT","url":"https://bugzilla.suse.com/1075411"},{"type":"REPORT","url":"https://bugzilla.suse.com/1075908"},{"type":"REPORT","url":"https://bugzilla.suse.com/1075994"},{"type":"REPORT","url":"https://bugzilla.suse.com/1076017"},{"type":"REPORT","url":"https://bugzilla.suse.com/1076110"},{"type":"REPORT","url":"https://bugzilla.suse.com/1076154"},{"type":"REPORT","url":"https://bugzilla.suse.com/1076278"},{"type":"REPORT","url":"https://bugzilla.suse.com/1077182"},{"type":"REPORT","url":"https://bugzilla.suse.com/1077355"},{"type":"REPORT","url":"https://bugzilla.suse.com/1077560"},{"type":"REPORT","url":"https://bugzilla.suse.com/1077922"},{"type":"REPORT","url":"https://bugzilla.suse.com/1081317"},{"type":"REPORT","url":"https://bugzilla.suse.com/893777"},{"type":"REPORT","url":"https://bugzilla.suse.com/893949"},{"type":"REPORT","url":"https://bugzilla.suse.com/902893"},{"type":"REPORT","url":"https://bugzilla.suse.com/951638"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2015-1142857"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-13215"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-17741"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-17805"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-17806"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-18079"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-5715"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-1000004"}],"related":["CVE-2015-1142857","CVE-2017-13215","CVE-2017-17741","CVE-2017-17805","CVE-2017-17806","CVE-2017-18079","CVE-2017-5715","CVE-2018-1000004"],"summary":"Security update for the Linux Kernel","upstream":["CVE-2015-1142857","CVE-2017-13215","CVE-2017-17741","CVE-2017-17805","CVE-2017-17806","CVE-2017-18079","CVE-2017-5715","CVE-2018-1000004"]}