The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
CVE-2021-29650: Fixed an issue with the netfilter subsystem that allowed attackers to cause a denial of service (panic) because net/netfilter/xtables.c and include/linux/netfilter/xtables.h lack a full memory barrier upon the assignment of a new table value (bnc#1184208).
CVE-2021-29155: Fixed an issue that was discovered in kernel/bpf/verifier.c that performs undesirable out-of-bounds speculation on pointer arithmetic, leading to side-channel attacks that defeat Spectre mitigations and obtain sensitive information from kernel memory. Specifically, for sequences of pointer arithmetic operations, the pointer modification performed by the first operation was not correctly accounted for when restricting subsequent operations (bnc#1184942).
The following non-security bugs were fixed:
ACPI: CPPC: Replace cppcattr with kobjattribute (git-fixes).
ALSA: core: remove redundant spinlock pair in sndcard_disconnect (git-fixes).
ALSA: emu8000: Fix a use after free in sndemu8000create_mixer (git-fixes).
ALSA: hda/cirrus: Add error handling into CS8409 I2C functions (git-fixes).
ALSA: hda/cirrus: Add Headphone and Headset MIC Volume Control (git-fixes).
ALSA: hda/cirrus: Add jack detect interrupt support from CS42L42 companion codec (git-fixes).
ALSA: hda/cirrus: Add support for CS8409 HDA bridge and CS42L42 companion codec (git-fixes).