The SUSE Linux Enterprise 12 SP2 LTSS kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2020-36312: Fixed an issue in virt/kvm/kvm_main.c that had a kvm_io_bus_unregister_dev memory leak upon a kmalloc failure (bnc#1184509).
- CVE-2021-29650: Fixed an issue inside the netfilter subsystem that allowed attackers to cause a denial of service (panic) because net/netfilter/x_tables.c and include/linux/netfilter/x_tables.h lack a full memory barrier upon the assignment of a new table value (bnc#1184208).
- CVE-2020-27673: Fixed an issue in Xen where a guest OS users could have caused a denial of service (host OS hang) via a high rate of events to dom0 (bnc#1177411, bnc#1184583).
- CVE-2021-29154: Fixed BPF JIT compilers that allowed to execute arbitrary code within the kernel context (bnc#1184391).
- CVE-2020-25673: Fixed NFC endless loops caused by repeated llcp_sock_connect() (bsc#1178181).
- CVE-2020-25672: Fixed NFC memory leak in llcp_sock_connect() (bsc#1178181).
- CVE-2020-25671: Fixed NFC refcount leak in llcp_sock_connect() (bsc#1178181).
- CVE-2020-25670: Fixed NFC refcount leak in llcp_sock_bind() (bsc#1178181).
- CVE-2021-28950: Fixed an issue in fs/fuse/fuse_i.h where a 'stall on CPU' could have occured because a retry loop continually finds the same bad inode (bnc#1184194, bnc#1184211).
- CVE-2020-36322: Fixed an issue inside the FUSE filesystem implementation where fuse_do_getattr() calls make_bad_inode() in inappropriate situations, could have caused a system crash. NOTE: the original fix for this vulnerability was incomplete, and its incompleteness is tracked as CVE-2021-28950 (bnc#1184211).
- CVE-2021-30002: Fixed a memory leak issue when a webcam device exists (bnc#1184120).
- CVE-2021-3483: Fixed a use-after-free bug in nosy_ioctl() (bsc#1184393).
- CVE-2021-20219: Fixed a denial of service vulnerability in drivers/tty/n_tty.c of the Linux kernel. In this flaw a local attacker with a normal...