The SUSE Linux Enterprise 15 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2019-15291: There was a NULL pointer dereference, caused by a malicious USB device in the flexcop_usb_probe function in the drivers/media/usb/b2c2/flexcop-usb.c driver (bnc#1146540).
- CVE-2019-14821: An out-of-bounds access issue was found in the way the KVM hypervisor implements the Coalesced MMIO write operation. It operates on an MMIO ring buffer 'struct kvm_coalesced_mmio' object, wherein write indices 'ring->first' and 'ring->last' value could be supplied by a host user-space process. An unprivileged host user or process with access to '/dev/kvm' device could use this flaw to crash the host kernel, resulting in a denial of service or potentially escalating privileges on the system (bnc#1151350).
- CVE-2017-18595: A double free may be caused by the function allocate_trace_buffer in the file kernel/trace/trace.c (bnc#1149555).
- CVE-2019-9506: The Bluetooth BR/EDR specification up to and including version 5.1 permitted sufficiently low encryption key length and did not prevent an attacker from influencing the key length negotiation. This allowed practical brute-force attacks (aka 'KNOB') that could decrypt traffic and injected arbitrary ciphertext without the victim noticing (bnc#1137865 bnc#1146042).
The following non-security bugs were fixed:
- ACPI: custom_method: fix memory leaks (bsc#1051510).
- ACPI / PCI: fix acpi_pci_irq_enable() memory leak (bsc#1051510).
- ACPI / property: Fix acpi_graph_get_remote_endpoint() name in kerneldoc (bsc#1051510).
- alarmtimer: Use EOPNOTSUPP instead of ENOTSUPP (bsc#1151680).
- ALSA: aoa: onyx: always initialize register read value (bsc#1051510).
- ALSA: firewire-tascam: check intermediate state of clock status and retry (bsc#1051510).
- ALSA: firewire-tascam: handle error code when getting current source of clock (bsc#1051510).
- ASoC: es8328: Fix copy-paste error in...