Univention Corporate Server 4.3 erratum 494 (security)

This update of the Linux kernel to version 4.9.168 addresses the following
issues:
* Information Exposure through dmesg data from a "software IO TLB" printk
  call (CVE-2018-5953)
* use-after-free Read in vhost_transport_send_pkt (CVE-2018-14625)
* nfs: use-after-free in svc_process_common() (CVE-2018-16884)
* Use-after-free in sound/usb/card.c:usb_audio_probe() (CVE-2018-19824)
* oob memory read in hso_probe in drivers/net/usb/hso.c (CVE-2018-19985)
* usb: missing size check in the __usb_get_extra_descriptor() leading to DoS
  (CVE-2018-20169)
* Improper validation in bnx2x network card driver can allow for denial of
  service attacks via crafted packet (CVE-2018-1000026)
* Heap address information leak while using L2CAP_GET_CONF_OPT
  (CVE-2019-3459)
* Heap address information leak while using L2CAP_PARSE_CONF_RSP
  (CVE-2019-3460)
* Missing check in net/can/gw.c:can_can_gw_rcv() allows for crash by users
  with CAP_NET_ADMIN (CVE-2019-3701)
* infinite loop in drivers/hid/hid-debug.c:hid_debug_events_read()
  (CVE-2019-3819)
* KVM: potential use-after-free via kvm_ioctl_create_device() (CVE-2019-6974)
* KVM: nVMX: use-after-free of the hrtimer for emulation of the preemption
  timer (CVE-2019-7221)
* KVM: leak of uninitialized stack contents to guest (CVE-2019-7222)
* memory leak in the kernel_read_file function in fs/exec.c allows to cause a
  denial of service (CVE-2019-8980)
* lack of check for mmap minimum address in expand_downwards in mm/mmap.c
  leads to NULL pointer dereferences exploit on non-SMAP platforms
  (CVE-2019-9213)
* hwpoison implementation in mm/memory-failure.c leads to denial of service
  (CVE-2019-10124)