The SUSE Linux Enterprise 12 SP2 LTSS kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
Unprivileged BPF has been disabled by default to reduce attack surface as too many security issues have happened in the past (jsc#SLE-22573)
You can reenable via systemctl setting /proc/sys/kernel/unprivilegedbpfdisabled to 0. (kernel.unprivilegedbpfdisabled = 0)
CVE-2017-5753: Systems with microprocessors utilizing speculative execution and branch prediction may have allowed unauthorized disclosure of information to an attacker with local user access via a side-channel analysis (bnc#1068032). Additional spectrev1 fixes were added to the eBPF code.
{ "binaries": [ { "kernel-macros": "4.4.121-92.161.1", "kernel-devel": "4.4.121-92.161.1", "kernel-default-base": "4.4.121-92.161.1", "kernel-default": "4.4.121-92.161.1", "kernel-source": "4.4.121-92.161.1", "kernel-syms": "4.4.121-92.161.1", "kernel-default-devel": "4.4.121-92.161.1" } ] }
{ "binaries": [ { "kernel-macros": "4.4.121-92.161.1", "kernel-devel": "4.4.121-92.161.1", "kernel-default-base": "4.4.121-92.161.1", "kernel-default": "4.4.121-92.161.1", "kernel-source": "4.4.121-92.161.1", "kernel-syms": "4.4.121-92.161.1", "kernel-default-devel": "4.4.121-92.161.1" } ] }
{ "binaries": [ { "kernel-macros": "4.4.121-92.161.1", "kernel-devel": "4.4.121-92.161.1", "kernel-default-base": "4.4.121-92.161.1", "kernel-default": "4.4.121-92.161.1", "kernel-source": "4.4.121-92.161.1", "kernel-syms": "4.4.121-92.161.1", "kernel-default-devel": "4.4.121-92.161.1" } ] }