The SUSE Linux Enterprise 12 SP5 kernel was updated.
The following security bugs were fixed:
CVE-2021-4083: Fixed a race condition in Unix domain socket garbage collection that could lead to a read of memory after free. (bsc#1193727)
CVE-2021-4149: Fixed an improper lock operation in btrfs which allows users to crash the kernel or deadlock the system. (bsc#1194001)
CVE-2021-45485: Fixed an information leak caused by certain use of a hash table that uses IPv6 source addresses. (bsc#1194094)
CVE-2021-45486: Fixed an information leak because the hash table is very small in net/ipv4/route.c. (bsc#1194087)
CVE-2021-0920: Fixed a local privilege escalation due to a use-after-free bug in unix_gc. (bsc#1193731)
CVE-2021-28715: Fixed an issue where a guest could force the Linux netback driver to hog large amounts of kernel memory, by not queueing an unlimited number of packets. (bsc#1193442)
CVE-2021-28714: Fixed an issue where a guest could force Linux netback driver to hog large amounts of kernel memory by fixing rx queue stall detection. (bsc#1193442)
CVE-2021-28713: Fixed an issue where rogue backends could cause DoS of guests via high frequency events, by hardening hvc_xen against event channel storms. (bsc#1193440)
CVE-2021-28712: Fixed an issue where rogue backends could cause DoS of guests via high frequency events, by hardening netfront against event channel storms. (bsc#1193440)
CVE-2021-28711: Fixed an issue where rogue backends could cause DoS of guests via high frequency events, by hardening blkfront against event channel storms. (bsc#1193440)
CVE-2018-25020: Fixed an issue where the BPF subsystem in the Linux kernel mishandled situations with a long jump over an instruction sequence where inner instructions require substantial expansions into multiple BPF instructions, leading to an overflow. (bsc#1193575)
CVE-2021-4002: Added a missing TLB flush that could lead to leak or corruption of data in hugetlbfs. (bsc#1192946)
CVE-2021-0935: Fixed an out-of-bounds write due to a use after free which could lead to local escalation of privilege with System execution privileges needed in ip6_xmit. (bsc#1192032)
CVE-2019-15126: Fixed a vulnerability in Broadcom and Cypress Wi-Fi chips, used in RPi family of devices aka 'Kr00k'. (bsc#1167162)
CVE-2021-33098: Fixed a potential denial of service in Intel(R) Ethernet ixgbe driver due to improper input validation. (bsc#1192877)
CVE-2021-43975: Fixed a flaw in hw_atl_utils_fw_rpc_wait that could allow an attacker (who can introduce a crafted device) to trigger an out-of-bounds write via a crafted length value. (bsc#1192845)
CVE-2021-43976: Fixed a flaw that could allow an attacker (who can connect a crafted USB device) to cause a denial of service. (bsc#1192847)
CVE-2020-27820: Fixed a vulnerability where use-after-frees in nouveau's postclose() handler could happen when removing the device. (bsc#1179599)
The following non-security bugs were fixed:
blk-mq: do not deactivate hctx if managed irq isn't used (bsc#1185762).
bpf: Add kconfig knob for disabling unpriv bpf by default (jsc#SLE-22913)
bpf: Disallow unprivileged bpf by default (jsc#SLE-22913).
cifs: Add new mount parameter 'acdirmax' to allow caching directory metadata (bsc#1190317).
cifs: Add new parameter 'acregmax' for distinct file and directory metadata timeout (bsc#1190317).
cifs: convert list_for_each to entry variant (jsc#SLE-20656).
cifs: convert revalidate of directories to using directory metadata cache timeout (bsc#1190317).
cifs: Do not leak EDEADLK to dgetents64 for STATUS_USER_SESSION_DELETED (bsc#1190317).
cifs: fiemap: do not return EINVAL if get nothing (bsc#1190317).
cifs: Fix a potencially linear read overflow (git-fixes).
cifs: fix a sign extension bug (git-fixes).
cifs: fix incorrect check for null pointer in header_assemble (bsc#1190317).
cifs: fix memory leak of smb3_fs_context_dup::server_hostname (bsc#1190317).
cifs: fix missed refcounting of ipc tcon (git-fixes).
cifs: fix print of hdr_flags in dfscache_proc_show() (jsc#SLE-20656).
cifs: fix wrong release in sess_alloc_buffer() failed path (bsc#1190317).
cifs: for compound requests, use open handle if possible (bsc#1190317).
cifs: introduce new helper for cifs_reconnect() (jsc#SLE-20656).
cifs: move to generic async completion (bsc#1190317).
cifs: nosharesock should be set on new server (git-fixes).
cifs: nosharesock should not share socket with future sessions (bsc#1190317).
cifs: On cifs_reconnect, resolve the hostname again (bsc#1190317).
cifs: properly invalidate cached root handle when closing it (bsc#1190317).
cifs: release lock earlier in dequeue_mid error case (bsc#1190317).
cifs: set a minimum of 120s for next dns resolution (bsc#1190317).
cifs: Simplify reconnect code when dfs upcall is enabled (bsc#1190317).
cifs: split out dfs code from cifs_reconnect() (jsc#SLE-20656).
cifs: support nested dfs links over reconnect (jsc#SLE-20656).
cifs: support share failover when remounting (jsc#SLE-20656).
cifs: To match file servers, make sure the server hostname matches (bsc#1190317).
config: disable unprivileged BPF by default (jsc#SLE-22913). The backport of mainline commit 8a03e56b253e ('bpf: Disallow unprivileged bpf by default') only changes the kconfig default, used e.g. for 'make oldconfig' when the config option is missing, but does not update our kernel configs used for build. Also update these to make sure unprivileged BPF is really disabled by default.
config: INPUT_EVBUG=n (bsc#1192974). Debug driver unsuitable for production, only enabled on ppc64.
constraints: Build aarch64 on recent ARMv8.1 builders. Request asimdrdm feature which is available only on recent ARMv8.1 CPUs. This should prevent scheduling the kernel on an older slower builder.
cred: allow get_cred() and put_cred() to be given NULL (git-fixes).
EDAC/amd64: Handle three rank interleaving mode (bsc#1114648).
elfcore: correct reference to CONFIG_UML (git-fixes).
elfcore: fix building with clang (bsc#1169514).
fuse: release pipe buf after last use (bsc#1193318).
genirq: Move initial affinity setup to irq_startup() (bsc#1193231).
genirq: Provide IRQCHIP_AFFINITY_PRE_STARTUP (bsc#1193231).
genirq: Remove mask argument from setup_affinity() (bsc#1193231).
genirq: Rename setup_affinity() to irq_setup_affinity() (bsc#1193231).
genirq: Split out irq_startup() code (bsc#1193231).
kprobes: Limit max data_size of the kretprobe instances (bsc#1193669).
lpfc: Reintroduce old IRQ probe logic (bsc#1183897).
md: fix a lock order reversal in md_alloc (git-fixes).
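
A check for the case the 'config: disable unprivileged BPF by default' entry above describes, where the kconfig default changed but a build config may still leave the option unset. This is an added example, not SUSE's code: the function names and sample configs are constructed, and it assumes the upstream option name CONFIG_BPF_UNPRIV_DEFAULT_OFF and the upstream meanings of kernel.unprivileged_bpf_disabled.

```shell
#!/bin/sh
# Added example. Inputs: a kernel config file and a value of
# kernel.unprivileged_bpf_disabled. Function names are hypothetical.

# Boot-time default implied by the build config: "off", "on", or "n/a" (no bpf() syscall).
bpf_unpriv_build_default() {
    grep -q '^CONFIG_BPF_SYSCALL=y$' "$1" || { echo "n/a"; return 0; }
    if grep -q '^CONFIG_BPF_UNPRIV_DEFAULT_OFF=y$' "$1"; then
        echo "off"
    else
        # Covers a missing option and "# CONFIG_BPF_UNPRIV_DEFAULT_OFF is not set".
        echo "on"
    fi
}

# Meaning of the sysctl value (upstream semantics, assumed to match the backport).
bpf_unpriv_runtime() {
    case "$1" in
        0) echo "enabled" ;;
        1) echo "disabled-locked" ;;       # cannot be changed until reboot
        2) echo "disabled-changeable" ;;   # root may still set it to 0 or 1
        *) echo "unknown" ;;
    esac
}

# Combined verdict for one host: build-time default versus runtime state.
bpf_unpriv_verdict() {
    build=$(bpf_unpriv_build_default "$1")
    run=$(bpf_unpriv_runtime "$2")
    case "$build:$run" in
        n/a:*)          echo "not-applicable" ;;
        *:unknown)      echo "check-manually" ;;
        off:enabled)    echo "re-enabled-at-runtime" ;;
        on:enabled)     echo "exposed-by-build-config" ;;
        on:disabled-*)  echo "disabled-by-sysctl-only" ;;
        off:disabled-*) echo "disabled-by-default" ;;
    esac
}

# Constructed sample configs (not taken from a SUSE package).
tmp=$(mktemp -d)
printf '%s\n' 'CONFIG_BPF_SYSCALL=y' '# CONFIG_BPF_UNPRIV_DEFAULT_OFF is not set' > "$tmp/old.config"
printf '%s\n' 'CONFIG_BPF_SYSCALL=y' 'CONFIG_BPF_UNPRIV_DEFAULT_OFF=y' > "$tmp/new.config"
bpf_unpriv_verdict "$tmp/old.config" 0
bpf_unpriv_verdict "$tmp/new.config" 2
rm -rf "$tmp"
```

On a live host the inputs would be the running kernel's config file, for example /boot/config-$(uname -r), and the output of sysctl -n kernel.unprivileged_bpf_disabled.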