Security update for the Linux Kernel (Live Patch 26 for SLE 12 SP3)
Details
This update for the Linux Kernel 4.4.180-94_97 fixes one issue.
The following security issue was fixed:
CVE-2019-11487: The Linux kernel allowed page->refcount reference count overflow, with resultant use-after-free issues, if about 140 GiB of RAM exists. This is related to fs/fuse/dev.c, fs/pipe.c, fs/splice.c, include/linux/mm.h, include/linux/pipefs_i.h, kernel/trace/trace.c, mm/gup.c, and mm/hugetlb.c. It can occur with FUSE requests (bsc#1133191).