The SUSE Linux Enterprise 15 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
CVE-2018-15572: The spectrev2select_mitigation function in arch/x86/kernel/cpu/bugs.c did not always fill RSB upon a context switch, which made it easier for attackers to conduct userspace-userspace spectreRSB attacks (bnc#1102517 bnc#1105296).
CVE-2018-10902: It was found that the raw midi kernel driver did not protect against concurrent access which leads to a double realloc (double free) in sndrawmidiinputparams() and sndrawmidioutputstatus() which are part of sndrawmidiioctl() handler in rawmidi.c file. A malicious local attacker could possibly use this for privilege escalation (bnc#1105322).
CVE-2018-9363: A buffer overflow in bluetooth HID report processing could be used by malicious bluetooth devices to crash the kernel or potentially execute code (bnc#1105292).
CVE-2018-10853: A KVM guest userspace to guest kernel write was fixed, which could be used by guest users to crash the guest kernel (bnc#1097104).
powerpc/pkeys: Save the pkey registers before fork (bsc#1097577).
powerpc/topology: Get topology for shared processors at boot (bsc#1104683). - Refresh patches.arch/mobility-numa-Ensure-numa-update-does-not-overlap.patch.
power: remove possible deadlock when unregistering power_supply (bsc#1051510).
power: supply: axp288charger: Fix initial constantcharge_current value (bsc#1051510).