The SUSE Linux Enterprise 15 GA LTSS kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-0305: In cdev_get of char_dev.c, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation . - CVE-2019-20908: An issue was discovered in drivers/firmware/efi/efi.c where incorrect access permissions for the efivar_ssdt ACPI variable could be used by attackers to bypass lockdown or secure boot restrictions, aka CID-1957a85b0032 . - CVE-2020-15780: An issue was discovered in drivers/acpi/acpi_configfs.c where injection of malicious ACPI tables via configfs could be used by attackers to bypass lockdown and secure boot restrictions, aka CID-75b0cea7bf30 . - CVE-2020-15393: usbtest_disconnect in drivers/usb/misc/usbtest.c had a memory leak, aka CID-28ebeb8db770 . - CVE-2020-12771: btree_gc_coalesce in drivers/md/bcache/btree.c has a deadlock if a coalescing operation fails . - CVE-2019-16746: An issue was discovered in net/wireless/nl80211.c which did not check the length of variable elements in a beacon head, leading to a buffer overflow . - CVE-2020-12888: The VFIO PCI driver mishandled attempts to access disabled memory space . - CVE-2020-10769: A buffer over-read flaw was found in crypto_authenc_extractkeys in crypto/authenc.c in the IPsec Cryptographic algorithm"s module, authenc. When a payload longer than 4 bytes, and is not following 4-byte alignment boundary guidelines, it causes a buffer over-read threat, leading to a system crash. This flaw allowed a local attacker with user privileges to cause a denial of service . - CVE-2020-10773: A kernel stack information leak on s390/s390x was fixed . - CVE-2020-14416: A race condition in tty-gt;disc_data handling in the slip and slcan line discipline could lead to a use-after-free, aka CID-0ace17d56824. This affects drivers/net/slip/slip.c and drivers/net/can/slcan.c . - CVE-2020-10768: Indirect branch speculation could have been enabled after it was force-disabled by the PR_SPEC_FORCE_DISABLE prctl command. - CVE-2020-10766: Fixed Rogue cross-process SSBD shutdown, where a Linux scheduler logical bug allows an attacker to turn off the SSBD protection. - CVE-2020-10767: Indirect Branch Prediction Barrier was force-disabled when STIBP is unavailable or enhanced IBRS is available. - CVE-2020-13974: drivers/tty/vt/keyboard.c had an integer overflow if k_ascii is called several times in a row, aka CID-b86dab054059 . The following non-security bugs were fixed: - Merge ibmvnic reset fixes . - block, bfq: add requeue-request hook . - block, bfq: postpone rq preparation to insert or merge . - ibmvnic: Do not process device remove during device reset . - ibmvnic: Flush existing work items before device removal . - ibmvnic: Harden device login requests . - ibmvnic: Skip fatal error reset after passive init . - ibmvnic: continue to init in CRQ reset returns H_CLOSED . - intel_idle: Graceful probe failure when MWAIT is disabled . - livepatch: Apply vmlinux-specific KLP relocations early . - livepatch: Disallow vmlinux.ko . - livepatch: Make klp_apply_object_relocs static . - livepatch: Prevent module-specific KLP rela sections from referencing vmlinux symbols . - livepatch: Remove .klp.arch . - vfio/pci: Fix SR-IOV VF handling with MMIO blocking . - vfio/pci: Fix SR-IOV VF handling with MMIO blocking . - vfio/pci: Mask buggy SR-IOV VF INTx support . - vfio/pci: Mask buggy SR-IOV VF INTx support . - x86/{mce,mm}: Unmap the entire page if the whole page is affected and poisoned . Special Instructions and Notes: Please reboot the system after installing this update.