The SUSE Linux Enterprise 12 SP5 Real Time kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
Unprivileged BPF has been disabled by default to reduce attack surface as too many security issues have happened in the past (jsc#SLE-22573)
You can reenable via systemctl setting /proc/sys/kernel/unprivilegedbpfdisabled to 0. (kernel.unprivilegedbpfdisabled = 0)
CVE-2021-0941: In bpfskbchange_head of filter.c, there is a possible out of bounds read due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation (bnc#1192045).
The following non-security bugs were fixed:
{ "binaries": [ { "kernel-devel-rt": "4.12.14-10.70.2", "dlm-kmp-rt": "4.12.14-10.70.2", "gfs2-kmp-rt": "4.12.14-10.70.2", "kernel-rt_debug": "4.12.14-10.70.2", "kernel-rt-devel": "4.12.14-10.70.2", "cluster-md-kmp-rt": "4.12.14-10.70.2", "kernel-rt_debug-devel": "4.12.14-10.70.2", "kernel-source-rt": "4.12.14-10.70.2", "kernel-rt": "4.12.14-10.70.2", "ocfs2-kmp-rt": "4.12.14-10.70.2", "kernel-syms-rt": "4.12.14-10.70.2", "kernel-rt-base": "4.12.14-10.70.2" } ] }
{ "binaries": [ { "kernel-devel-rt": "4.12.14-10.70.2", "dlm-kmp-rt": "4.12.14-10.70.2", "gfs2-kmp-rt": "4.12.14-10.70.2", "kernel-rt_debug": "4.12.14-10.70.2", "kernel-rt-devel": "4.12.14-10.70.2", "cluster-md-kmp-rt": "4.12.14-10.70.2", "kernel-rt_debug-devel": "4.12.14-10.70.2", "kernel-source-rt": "4.12.14-10.70.2", "kernel-rt": "4.12.14-10.70.2", "ocfs2-kmp-rt": "4.12.14-10.70.2", "kernel-syms-rt": "4.12.14-10.70.2", "kernel-rt-base": "4.12.14-10.70.2" } ] }
{ "binaries": [ { "kernel-devel-rt": "4.12.14-10.70.2", "dlm-kmp-rt": "4.12.14-10.70.2", "gfs2-kmp-rt": "4.12.14-10.70.2", "kernel-rt_debug": "4.12.14-10.70.2", "kernel-rt-devel": "4.12.14-10.70.2", "cluster-md-kmp-rt": "4.12.14-10.70.2", "kernel-rt_debug-devel": "4.12.14-10.70.2", "kernel-source-rt": "4.12.14-10.70.2", "kernel-rt": "4.12.14-10.70.2", "ocfs2-kmp-rt": "4.12.14-10.70.2", "kernel-syms-rt": "4.12.14-10.70.2", "kernel-rt-base": "4.12.14-10.70.2" } ] }
{ "binaries": [ { "kernel-devel-rt": "4.12.14-10.70.2", "dlm-kmp-rt": "4.12.14-10.70.2", "gfs2-kmp-rt": "4.12.14-10.70.2", "kernel-rt_debug": "4.12.14-10.70.2", "kernel-rt-devel": "4.12.14-10.70.2", "cluster-md-kmp-rt": "4.12.14-10.70.2", "kernel-rt_debug-devel": "4.12.14-10.70.2", "kernel-source-rt": "4.12.14-10.70.2", "kernel-rt": "4.12.14-10.70.2", "ocfs2-kmp-rt": "4.12.14-10.70.2", "kernel-syms-rt": "4.12.14-10.70.2", "kernel-rt-base": "4.12.14-10.70.2" } ] }