The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
CVE-2020-25285: A race condition between hugetlb sysctl handlers in mm/hugetlb.c could be used by local attackers to corrupt memory, cause a NULL pointer dereference, or possibly have unspecified other impact (bnc#1176485).
CVE-2020-16120: Fixed permission check to open real file when using overlayfs. It was possible to have a file not readable by an unprivileged user be copied to a mountpoint controlled by that user and then be able to access the file. (bsc#1177470)
CVE-2020-14351: Fixed a race condition in the perfmmapclose() function (bsc#1177086).
The following non-security bugs were fixed:
ACPI: Always build evged in (git-fixes).
ACPI: button: fix handling lid state changes when input device closed (git-fixes).
ACPI: configfs: Add missing configitemput() to fix refcount leak (git-fixes).
acpi-cpufreq: Honor _PSD table setting on new AMD CPUs (git-fixes).
ACPI: debug: do not allow debugging when ACPI is disabled (git-fixes).