Errata ID | 448 |
---|---|
Date | 2019-02-27 |
Source package | univention-kernel-image-signed |
Fixed in version | 4.0.0-10A~4.3.0.201902270914 |
Description | This update of the Linux kernel to version 4.9.144 addresses the following issues: * Race condition in fs/f2fs/node.c:add_free_nid() function allows local users to cause denial of service (CVE-2017-18249) * cephx protocol is vulnerable to replay attack (CVE-2018-1128) * cephx uses weak signatures (CVE-2018-1129) * Buffer overflow in drivers/net/wireless/ath/wil6210/wmi.c:wmi_set_ie() may lead to memory corruption (CVE-2018-5848) * Integer overflow in kernel/time/posix-timers.c (CVE-2018-12896) * Integer overflow in the alarm_timer_nsleep function (CVE-2018-13053) * Out-of-bounds memory access in fs/f2fs/super.c (CVE-2018-13096) * Divide-by-zero in fs/f2fs/super.c (CVE-2018-13097) * Divide-by-zero in fs/f2fs/super.c (CVE-2018-13100) * Out-of-bounds access in write_extent_buffer() when mounting and operating a crafted btrfs image (CVE-2018-14610) * Use-after-free in try_merge_free_space() when mounting crafted btrfs image (CVE-2018-14611) * Invalid pointer dereference in btrfs_root_node() when mounting a crafted btrfs image (CVE-2018-14612) * Invalid pointer dereference in io_ctl_map_page() when mounting and operating a crafted btrfs image (CVE-2018-14613) * Out-of-bounds access in fs/f2fs/segment.c:__remove_dirty_segment() when mounting a crafted f2fs image (CVE-2018-14614) * NULL pointer dereference in fs/crypto/crypto.c:fscrypt_do_page_crypto() when operating on a corrupted f2fs image (CVE-2018-14616) * cleancache: Infoleak of deleted files after reuse of old inodes (CVE-2018-16862) * Unprivileged users able to inspect kernel stacks of arbitrary tasks (CVE-2018-17972) * TLB flush happens too late on mremap (CVE-2018-18281) * Filesystem corruption due to an unchecked error condition during an xfs attribute change (CVE-2018-18690) * Information leak in cdrom_ioctl_select_disc in drivers/cdrom/cdrom.c (CVE-2018-18710) * kvm: NULL pointer dereference in vcpu_scan_ioapic in arch/x86/kvm/x86.c (CVE-2018-19407) |
Additional notes | This is the second of two parts of this update. |
CVE ID | CVE-2017-18249 CVE-2018-1128 CVE-2018-1129 CVE-2018-5848 CVE-2018-12896 CVE-2018-13053 CVE-2018-13096 CVE-2018-13097 CVE-2018-13100 CVE-2018-14610 CVE-2018-14611 CVE-2018-14612 CVE-2018-14613 CVE-2018-14614 CVE-2018-14616 CVE-2018-16862 CVE-2018-17972 CVE-2018-18281 CVE-2018-18690 CVE-2018-18710 CVE-2018-19407 |
UCS Bug number | #48782 |