The SUSE Linux Enterprise 15 SP1 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
CVE-2020-28374: Fixed a Linux SCSI target issue (bsc#1178372).
CVE-2020-36158: Fixed a potential remote code execution in the Marvell mwifiex driver (bsc#1180559).
CVE-2020-27825: Fixed a race in the trace_open and buffer resize calls (bsc#1179960).
CVE-2020-0466: Fixed a use-after-free due to a logic error in doepollctl and eploopcheck_proc of eventpoll.c (bnc#1180031).
CVE-2020-27068: Fixed an out-of-bounds read due to a missing bounds check in the nl80211_policy policy of nl80211.c (bnc#1180086).
CVE-2020-0465: Fixed multiple missing bounds checks in hid-multitouch.c that could have led to local privilege escalation (bnc#1180029).
CVE-2020-0444: Fixed a bad kfree due to a logic error in auditdatato_entry (bnc#1180027).
CVE-2020-29660: Fixed a locking inconsistency in the tty subsystem that may have allowed a read-after-free attack against TIOCGSID (bnc#1179745).
CVE-2020-29661: Fixed a locking issue in the tty subsystem that allowed a use-after-free attack against TIOCSPGRP (bsc#1179745).
CVE-2020-27777: Fixed a privilege escalation in the Run-Time Abstraction Services (RTAS) interface, affecting guests running on top of PowerVM or KVM hypervisors (bnc#1179107).
CVE-2019-20934: Fixed a use-after-free in shownumastats() because NUMA fault statistics were inappropriately freed, aka CID-16d51a590a8c (bsc#1179663).
CVE-2020-27786: Fixed a use after free in kernel midi subsystem sndrawmidikernel_read1() (bsc#1179601).
The following non-security bugs were fixed:
ACPI: PNP: compare the string length in the matching_id() (git-fixes).
ACPICA: Disassembler: create buffer fields in ACPIPARSELOAD_PASS1 (git-fixes).
ACPICA: Do not increment operation_region reference counts for field units (git-fixes).
fbcon: Fix user font detection test at fbcon_resize(). (bsc#1112178) Backporting changes: * updated path drivers/video/fbcon/core to drivers/video/console
fbcon: Remove the superfluous break (bsc#1129770) Backporting changes: * updated path drivers/video/fbcon/core to drivers/video/console * context changes
firmware: qcom: scm: Ensure 'a0' status code is treated as signed (git-fixes).
fix regression in 'epoll: Keep a reference on files added to the check list' (bsc#1180031, git-fixes).
forcedeth: use per cpu to collect xmit/recv statistics (git-fixes).
fs: Do not invalidate page buffers in blockwritefull_page() (bsc#1179711).
geneve: change from txerror to txdropped on missing metadata (git-fixes).
genirq/irqdomain: Add an irqcreatemapping_affinity() function (bsc#1065729).
gpio: arizona: handle pmruntimeget_sync failure case (git-fixes).
gpio: gpio-grgpio: fix possible sleep-in-atomic-context bugs in grgpioirqmap/unmap() (git-fixes).
gpio: max77620: Add missing dependency on GPIOLIB_IRQCHIP (git-fixes).