The SUSE Linux Enterprise 15 SP3 Azure kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
CVE-2021-3659: Fixed a NULL pointer dereference in llseckeyalloc() in net/mac802154/llsec.c (bsc#1188876).
CVE-2021-21781: Fixed a information disclosure vulnerability in the ARM SIGPAGE (bsc#1188445).
CVE-2021-22543: Fixed improper handling of VMIO|VMPFNMAP vmas in KVM, which could bypass RO checks and can lead to pages being freed while still accessible by the VMM and guest. This allowed users with the ability to start and control a VM to read/write random pages of memory and can result in local privilege escalation (bsc#1186482).
CVE-2021-37576: Fixed an issue on the powerpc platform, where a KVM guest OS user could cause host OS memory corruption via rtas_args.nargs (bsc#1188838).
CVE-2021-3609: Fixed a potential local privilege escalation in the CAN BCM networking protocol (bsc#1187215).
CVE-2021-3612: Fixed an out-of-bounds memory write flaw in the joystick devices subsystem. This flaw allowed a local user to crash the system or possibly escalate their privileges on the system. (bsc#1187585)
CVE-2021-35039: Fixed mishandling of signature verification. Without CONFIGMODULESIG, verification that a kernel module is signed, for loading via initmodule, did not occur for a module.sigenforce=1 command-line argument (bsc#1188080).
The following non-security bugs were fixed:
ACPI: AMBA: Fix resource name in /proc/iomem (git-fixes).
ACPI: APEI: fix synchronous external aborts in user-mode (git-fixes).
ACPI: DPTF: Fix reading of attributes (git-fixes).
ACPI: EC: Make more Asus laptops use ECDT _GPE (git-fixes).
ACPI: PM / fan: Put fan device IDs into separate header file (git-fixes).
ACPI: bus: Call kobjectput() in acpiinit() error path (git-fixes).
ACPI: processor idle: Fix up C-state latency if not ordered (git-fixes).
ACPI: property: Constify stubs for CONFIG_ACPI=n case (git-fixes).
ACPI: resources: Add checks for ACPI IRQ override (git-fixes).
ACPI: sysfs: Fix a buffer overrun problem with description_show() (git-fixes).
ACPI: video: Add quirk for the Dell Vostro 3350 (git-fixes).
ACPICA: Fix memory leak caused by _CID repair function (git-fixes).
ALSA: ac97: fix PM reference leak in ac97busremove() (git-fixes).
ALSA: bebob: add support for ToneWeal FW66 (git-fixes).
ALSA: firewire-motu: fix detection for S/PDIF source on optical interface in v2 protocol (git-fixes).
ALSA: firewire-motu: fix stream format for MOTU 8pre FireWire (git-fixes).
ALSA: hda/realtek: Add another ALC236 variant support (git-fixes).
ALSA: hda/realtek: Apply LED fixup for HP Dragonfly G1, too (git-fixes).
ALSA: hda/realtek: Fix bass speaker DAC mapping for Asus UM431D (git-fixes).
ALSA: hda/realtek: Fix pop noise and 2 Front Mic issues on a machine (git-fixes).
ALSA: hda/realtek: Improve fixup for HP Spectre x360 15-df0xxx (git-fixes).
ALSA: hda/realtek: fix mute/micmute LEDs for HP EliteBook 830 G8 Notebook PC (git-fixes).
ALSA: hda/realtek: fix mute/micmute LEDs for HP EliteBook x360 830 G8 (git-fixes).
ALSA: hda/realtek: fix mute/micmute LEDs for HP ProBook 445 G8 (git-fixes).
ALSA: hda/realtek: fix mute/micmute LEDs for HP ProBook 450 G8 (git-fixes).
ALSA: hda/realtek: fix mute/micmute LEDs for HP ProBook 630 G8 (git-fixes).
ALSA: hda: Add IRQ check for platformgetirq() (git-fixes).
ALSA: hda: intel-dsp-cfg: add missing ElkhartLake PCI ID (git-fixes).
ALSA: hdmi: Expose all pins on MSI MS-7C94 board (git-fixes).
ALSA: intel8x0: Fix breakage at ac97 clock measurement (git-fixes).
ALSA: isa: Fix error return code in sndcmi8330probe() (git-fixes).
ALSA: pcm - fix mmap capability check for the snd-dummy driver (git-fixes).
kabi/severities: ignore kABI of iwlwifi symbols (bsc#1187495) iwlwifi driver consists of several modules and all exported symbols are internal uses. Let's ignore kABI checks of those.