The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
CVE-2020-12351: Fixed a type confusion while processing AMP packets aka 'BleedingTooth' aka 'BadKarma' (bsc#1177724).
CVE-2020-24490: Fixed a heap buffer overflow when processing extended advertising report events aka 'BleedingTooth' aka 'BadVibes' (bsc#1177726).
CVE-2020-12352: Fixed an information leak when processing certain AMP packets aka 'BleedingTooth' aka 'BadChoice' (bsc#1177725).
CVE-2020-25641: Fixed a zero-length biovec request issued by the block subsystem could have caused the kernel to enter an infinite loop, causing a denial of service (bsc#1177121).
CVE-2020-25643: Fixed a memory corruption and a read overflow which could have caused by improper input validation in the pppcpparse_cr function (bsc#1177206).
CVE-2020-25645: Fixed an issue which traffic between two Geneve endpoints may be unencrypted when IPsec is configured to encrypt traffic for the specific UDP port used by the GENEVE tunnel allowing anyone between the two endpoints to read the traffic unencrypted (bsc#1177511).
The following non-security bugs were fixed:
9p: Fix memory leak in v9fs_mount (git-fixes).
ACPI: EC: Reference count query handlers under lock (git-fixes).
crypto: qat - check cipher length for aead AES-CBC-HMAC-SHA (git-fixes).
cypto: mediatek - fix leaks in mtkdescring_alloc (git-fixes).
Disable CONFIGLIVEPATCHIPACLONES where not needed Explicitly disable CONFIGLIVEPATCHIPACLONES in configs where it is not needed to avoid confusion and unwanted values due to fragment config files.
dmaengine: mediatek: hsdmaprobe: fixed a memory leak when devmrequest_irq fails (git-fixes).
dmaengine: stm32-dma: use vchanterminatevdesc() in .terminate_all (git-fixes).
dmaengine: stm32-mdma: use vchanterminatevdesc() in .terminate_all (git-fixes).
dmaengine: tegra-apb: Prevent race conditions on channel's freeing (git-fixes).
mm/memcontrol.c: lost cssput in memcgexpandshrinkermaps() (bsc#1177694).
mm/migrate.c: also overwrite error when it is bigger than zero (git fixes (mm/move_pages), bsc#1177683).
mm: movepages: report the number of non-attempted pages (git fixes (mm/movepages), bsc#1177683).
mm: movepages: return valid node id in status if the page is already on the target node (git fixes (mm/movepages), bsc#1177683).
mm/pagealloc.c: call touchnmiwatchdog() on max order boundaries in deferred init (git fixes (mm/init), bsc#1177697).
mm, slab/slub: move and improve cachefromobj() (mm/slub bsc#1165692). mm, slab/slub: improve error reporting and overhead of cachefromobj() (mm/slub bsc#1165692).
mm, slub: extend checks guarded by slub_debug static key (mm/slub bsc#1165692).
mm, slub: extend slub_debug syntax for multiple blocks (mm/slub bsc#1165692).
mm, slub: introduce kmemcachedebug_flags() (mm/slub bsc#1165692).
mm, slub: introduce static key for slub_debug() (mm/slub bsc#1165692).
mm, slub: make reclaim_account attribute read-only (mm/slub bsc#1165692).
mm, slub: make remaining slub_debug related attributes read-only (mm/slub bsc#1165692).
mm, slub: make some slub_debug related attributes read-only (mm/slub bsc#1165692).
mm, slub: remove runtime allocation order changes (mm/slub bsc#1165692).
mm, slub: restore initial kmem_cache flags (mm/slub bsc#1165692).
Move upstreamed intel-vbtn patch into sorted section
mt76: add missing locking around ampdu action (git-fixes).
mt76: clear skb pointers from rx aggregation reorder buffer during cleanup (git-fixes).
mt76: do not use devm API for led classdev (git-fixes).
mt76: fix handling full tx queues in mt76dmatxqueueskb_raw (git-fixes).
mt76: fix LED link time failure (git-fixes).
mtd: cficmdset0002: do not free cfi->cfiq in error path of cfiamdstdsetup() (git-fixes).
mtd: rawnand: gpmi: Fix runtime PM imbalance on error (git-fixes).
mtd: rawnand: omap_elm: Fix runtime PM imbalance on error (git-fixes).