The SUSE Linux Enterprise 15 SP1 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
CVE-2020-15436: Fixed a use after free vulnerability in fs/block_dev.c which could have allowed local users to gain privileges or cause a denial of service (bsc#1179141).
CVE-2020-15437: Fixed a null pointer dereference which could have allowed local users to cause a denial of service(bsc#1179140).
CVE-2020-25669: Fixed a use-after-free read in sunkbd_reinit() (bsc#1178182).
CVE-2020-27777: Restrict RTAS requests from userspace (bsc#1179107).
CVE-2020-28915: Fixed a buffer over-read in the fbcon code which could have been used by local attackers to read kernel memory (bsc#1178886).
CVE-2020-28974: Fixed a slab-out-of-bounds read in fbcon which could have been used by local attackers to read privileged information or potentially crash the kernel (bsc#1178589).
CVE-2020-29371: Fixed uninitialized memory leaks to userspace (bsc#1179429).
The following non-security bugs were fixed:
ACPI: GED: fix -Wformat (git-fixes).
ALSA: ctl: fix error path at adding user-defined element set (git-fixes).
ALSA: firewire: Clean up a locking issue in copyrespto_buf() (git-fixes).
ALSA: mixart: Fix mutex deadlock (git-fixes).
arm64: KVM: Fix system register enumeration (bsc#1174726).
arm/arm64: KVM: Add PSCI version selection API (bsc#1174726).