The SUSE Linux Enterprise 15 SP2 Azure kernel was updated to receive various security fixes and bug fixes.
The following security bugs were fixed:
CVE-2020-25656: Fixed a concurrency use-after-free in vt_do_kdgkb_ioctl (bnc#1177766).
CVE-2020-25285: Fixed a race condition between hugetlb sysctl handlers in mm/hugetlb.c (bnc#1176485).
CVE-2020-14351: Fixed a race in the perf_mmap_close() function (bsc#1177086).
CVE-2020-16120: Fixed a permissions issue in ovl_path_open() (bsc#1177470).
CVE-2020-12351: Implemented a kABI workaround for bluetooth l2cap_ops filter addition (bsc#1177724).
CVE-2020-12352: Fixed an information leak when processing certain AMP packets aka 'BleedingTooth' (bsc#1177725).
CVE-2020-25212: Fixed a TOCTOU mismatch in the NFS client code (bnc#1176381).
CVE-2020-25645: Fixed an issue in IPsec that caused traffic between two Geneve endpoints to be unencrypted (bnc#1177511).
CVE-2020-24490: Fixed a heap buffer overflow when processing extended advertising report events aka 'BleedingTooth' aka 'BadVibes' (bsc#1177726).
CVE-2020-25641: Fixed an issue where a zero-length biovec request issued by the block subsystem could have caused the kernel to enter an infinite loop, causing a denial of service (bsc#1177121).
CVE-2020-25643: Fixed a memory corruption and a read overflow which could have been caused by improper input validation in the ppp_cp_parse_cr function (bsc#1177206).
CVE-2020-27673: Fixed an issue where rogue guests could have caused denial of service of Dom0 via high frequency events (XSA-332 bsc#1177411).
CVE-2020-27675: Fixed a race condition in event handler which may crash dom0 (XSA-331 bsc#1177410).
CVE-2020-25705: An ICMP global rate limiting side-channel was removed which could lead to e.g. the SADDNS attack (bsc#1175721).
The following non-security bugs were fixed:
9p: Fix memory leak in v9fs_mount (git-fixes).
ACPI: Always build evged in (git-fixes).
ACPI: button: fix handling lid state changes when input device closed (git-fixes).
ACPI: configfs: Add missing config_item_put() to fix refcount leak (git-fixes).
acpi-cpufreq: Honor _PSD table setting on new AMD CPUs (git-fixes).
ACPI: debug: do not allow debugging when ACPI is disabled (git-fixes).
ACPI: EC: Reference count query handlers under lock (git-fixes).
act_ife: load meta modules before tcf_idr_check_alloc() (networking-stable-20_09_24).
crypto: qat - check cipher length for aead AES-CBC-HMAC-SHA (git-fixes).
cxgb4: fix memory leak during module unload (networking-stable-20_09_24).
cxgb4: Fix offset when clearing filter byte counters (networking-stable-20_09_24).
cxl: Rework error message for incompatible slots (bsc#1055014 git-fixes).
cypto: mediatek - fix leaks in mtk_desc_ring_alloc (git-fixes).
dax: Fix compilation for CONFIG_DAX && !CONFIG_FS_DAX (bsc#1177817).
Disable ipa-clones dump for KMP builds (bsc#1178330). The feature is not really useful for KMP, and rather confusing, so let's disable it when building out-of-tree code.
Disable module compression on SLE15 SP2 (bsc#1178307)
dma-direct: add missing set_memory_decrypted() for coherent mapping (bsc#1175898, ECO-2743).
dma-direct: always align allocation size in dma_direct_alloc_pages() (bsc#1175898, ECO-2743).
dma-direct: atomic allocations must come from atomic coherent pools (bsc#1175898, ECO-2743).
dma-direct: check return value when encrypting or decrypting memory (bsc#1175898, ECO-2743).
dma-direct: consolidate the error handling in dma_direct_alloc_pages (bsc#1175898, ECO-2743).
dma-direct: make uncached_kernel_address more general (bsc#1175898, ECO-2743).
dma-direct: provide function to check physical memory area validity (bsc#1175898, ECO-2743).
dma-direct: provide mmap and get_sgtable method overrides (bsc#1175898, ECO-2743).
dma-direct: re-encrypt memory if dma_direct_alloc_pages() fails (bsc#1175898, ECO-2743).
mm: replace memmap_context by meminit_context (bsc#1178002).
mm/rmap: fixup copying of soft dirty and uffd ptes (git-fixes (mm/rmap)).
mm, slab/slub: move and improve cache_from_obj() (mm/slub bsc#1165692).
mm, slab/slub: improve error reporting and overhead of cache_from_obj() (mm/slub bsc#1165692).
mm, slub: extend checks guarded by slub_debug static key (mm/slub bsc#1165692).
mm, slub: extend slub_debug syntax for multiple blocks (mm/slub bsc#1165692).
mm, slub: introduce kmem_cache_debug_flags() (mm/slub bsc#1165692).
mm, slub: introduce static key for slub_debug() (mm/slub bsc#1165692).
mm, slub: make reclaim_account attribute read-only (mm/slub bsc#1165692).
mm, slub: make remaining slub_debug related attributes read-only (mm/slub bsc#1165692).
mm, slub: make some slub_debug related attributes read-only (mm/slub bsc#1165692).
mm, slub: remove runtime allocation order changes (mm/slub bsc#1165692).
mm, slub: restore initial kmem_cache flags (mm/slub bsc#1165692).
mm/zsmalloc.c: fix the migrated zspage statistics (git-fixes (mm/zsmalloc)).
ring-buffer: Return 0 on success from ring_buffer_resize() (git-fixes).
rpm/kernel-binary.spec.in: Fix compressed module handling for in-tree KMP (jsc#SLE-10886). The in-tree KMP that is built with SLE kernels has a different scriptlet that is embedded in kernel-binary.spec.in rather than *.sh files.
rpm/kernel-module-subpackage: make Group tag optional (bsc#1163592)
rtc: ds1374: fix possible race condition (git-fixes).
rtc: rx8010: do not modify the global rtc ops (git-fixes).
rtc: sa1100: fix possible race condition (git-fixes).