The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2019-25160: Fixed out-of-bounds memory accesses in netlabel (bsc#1220394).
- CVE-2020-36312: Fixed an issue in virt/kvm/kvm_main.c that had a kvm_io_bus_unregister_dev memory leak upon a kmalloc failure (bsc#1184509).
- CVE-2021-23134: Fixed a use-after-free issue in nfc sockets (bsc#1186060).
- CVE-2021-46904: Fixed NULL pointer dereference during tty device unregistration (bsc#1220416).
- CVE-2021-46905: Fixed NULL pointer dereference on disconnect regression (bsc#1220418).
- CVE-2021-46909: Fixed PCI interrupt mapping in ARM footbridge (bsc#1220442).
- CVE-2021-46938: Fixed double free of blk_mq_tag_set in dev remove after table load fails (bsc#1220554).
- CVE-2021-46939: Fixed possible hung in trace_clock_global() (bsc#1220580).
- CVE-2021-46941: Fixed core softreset when switch mode in usb dwc3 (bsc#1220628).
- CVE-2021-46950: Fixed possible data corruption in md/raid1 when ending a failed write request (bsc#1220662).
- CVE-2021-46958: Fixed race between transaction aborts and fsyncs that could lead to use-after-free in btrfs (bsc#1220521).
- CVE-2021-46960: Fixed wrong error code from smb2_get_enc_key() (bsc#1220528).
- CVE-2021-46963: Fixed crash in qla2xxx_mqueuecommand() (bsc#1220536).
- CVE-2021-46964: Fixed unreserved extra IRQ vectors in qla2xxx (bsc#1220538).
- CVE-2021-46966: Fixed potential use-after-free issue in cm_write() (bsc#1220572).
- CVE-2021-46981: Fixed NULL pointer in flush_workqueue (bsc#1220611).
- CVE-2021-46988: Fixed possible crash in userfaultfd due to unreleased page (bsc#1220706).
- CVE-2021-46990: Fixed crashes when toggling entry flush barrier in powerpc/64s (bsc#1220743).
- CVE-2021-46998: Fixed a use after free bug in enic_hard_start_xmit() (bsc#1220625).
- CVE-2021-47006: Fixed wrong check in overflow_handler hook in ARM 9064/1 hw_breakpoint (bsc#1220751).
- CVE-2021-47015: Fixed RX...