The SUSE Linux Enterprise 15 SP2 Realtime kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
int_ctl
VMCB field and allows a malicious L1 guest to enable AVIC support for the L2 guest. (bsc#1189399).virt_ext
VMCB field and allows a malicious L1 guest to disable both VMLOAD/VMSAVE intercepts and VLS for the L2 guest (bsc#1189400).The following non-security bugs were fixed:
{ "binaries": [ { "kernel-devel-rt": "5.3.18-51.1", "dlm-kmp-rt": "5.3.18-51.2", "kernel-rt_debug": "5.3.18-51.2", "kernel-rt-devel": "5.3.18-51.2", "cluster-md-kmp-rt": "5.3.18-51.2", "kernel-rt_debug-devel": "5.3.18-51.2", "kernel-source-rt": "5.3.18-51.1", "kernel-rt": "5.3.18-51.2", "ocfs2-kmp-rt": "5.3.18-51.2", "gfs2-kmp-rt": "5.3.18-51.2", "kernel-syms-rt": "5.3.18-51.1" } ] }
{ "binaries": [ { "kernel-devel-rt": "5.3.18-51.1", "dlm-kmp-rt": "5.3.18-51.2", "kernel-rt_debug": "5.3.18-51.2", "kernel-rt-devel": "5.3.18-51.2", "cluster-md-kmp-rt": "5.3.18-51.2", "kernel-rt_debug-devel": "5.3.18-51.2", "kernel-source-rt": "5.3.18-51.1", "kernel-rt": "5.3.18-51.2", "ocfs2-kmp-rt": "5.3.18-51.2", "gfs2-kmp-rt": "5.3.18-51.2", "kernel-syms-rt": "5.3.18-51.1" } ] }
{ "binaries": [ { "kernel-devel-rt": "5.3.18-51.1", "dlm-kmp-rt": "5.3.18-51.2", "kernel-rt_debug": "5.3.18-51.2", "kernel-rt-devel": "5.3.18-51.2", "cluster-md-kmp-rt": "5.3.18-51.2", "kernel-rt_debug-devel": "5.3.18-51.2", "kernel-source-rt": "5.3.18-51.1", "kernel-rt": "5.3.18-51.2", "ocfs2-kmp-rt": "5.3.18-51.2", "gfs2-kmp-rt": "5.3.18-51.2", "kernel-syms-rt": "5.3.18-51.1" } ] }
{ "binaries": [ { "kernel-devel-rt": "5.3.18-51.1", "dlm-kmp-rt": "5.3.18-51.2", "kernel-rt_debug": "5.3.18-51.2", "kernel-rt-devel": "5.3.18-51.2", "cluster-md-kmp-rt": "5.3.18-51.2", "kernel-rt_debug-devel": "5.3.18-51.2", "kernel-source-rt": "5.3.18-51.1", "kernel-rt": "5.3.18-51.2", "ocfs2-kmp-rt": "5.3.18-51.2", "gfs2-kmp-rt": "5.3.18-51.2", "kernel-syms-rt": "5.3.18-51.1" } ] }