The SUSE Linux Enterprise 15 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-1749: Use ip6_dst_lookup_flow instead of ip6_dst_lookup . - CVE-2020-14314: Fixed a potential negative array index in do_split . - CVE-2020-14356: Fixed a null pointer dereference in cgroupv2 subsystem which could have led to privilege escalation . - CVE-2020-14331: Fixed a missing check in vgacon scrollback handling . - CVE-2020-16166: Fixed a potential issue which could have allowed remote attackers to make observations that help to obtain sensitive information about the internal state of the network RNG . - CVE-2020-24394: Fixed an issue which could set incorrect permissions on new filesystem objects when the filesystem lacks ACL support . - CVE-2020-10135: Legacy pairing and secure-connections pairing authentication Bluetooth might have allowed an unauthenticated user to complete authentication without pairing credentials via adjacent access . - CVE-2020-14386: Fixed a potential local privilege escalation via memory corruption . The following non-security bugs were fixed: - cifs: add support for fallocate mode 0 for non-sparse files . - cifs: allow unlock flock and OFD lock across fork . - cifs_atomic_open: fix double-put on late allocation failure . - cifs: Avoid doing network I/O while holding cache lock . - cifs: call wake_up inside of cifs_reconnect . - cifs: Clean up DFS referral cache . - cifs: document and cleanup dfs mount . - cifs: do not ignore the SYNC flags in getattr . - cifs: do not leak -EAGAIN for stat during reconnect . - cifs: do not share tcons with DFS . - cifs: ensure correct super block for DFS reconnect . - cifs: fail i/o on soft mounts if sessionsetup errors out . - cifs: fiemap: do not return EINVAL if get nothing . - cifs: Fix an error pointer dereference in cifs_mount . - cifs: fix double free error on share and prefix . - cifs: fix leaked reference on requeued write . - cifs: fix NULL dereference in match_prepath . - cifs: Fix null pointer check in cifs_read . - cifs: Fix potential deadlock when updating vol in cifs_reconnect . - cifs: fix potential mismatch of UNC paths . - cifs: fix rename by ensuring source handle opened with DELETE bit . - cifs: Fix return value in __update_cache_entry . - cifs: fix soft mounts hanging in the reconnect code . - cifs: Fix task struct use-after-free on reconnect . - cifs: fix uninitialised lease_key in open_shroot . - cifs: fix unitialized variable poential problem with network I/O cache lock patch . - cifs: Get rid of kstrdup_const"d paths . - cifs: get rid of unused parameter in reconn_setup_dfs_targets . - cifs: handle empty list of targets in cifs_reconnect . - cifs: handle hostnames that resolve to same ip in failover . - cifs: handle prefix paths in reconnect . - cifs: handle RESP_GET_DFS_REFERRAL.PathConsumed in reconnect . - cifs: improve read performance for page size 64KB amp; cache=strict amp; vers=2.1+ . - cifs: Introduce helpers for finding TCP connection . - cifs: make sure we do not overflow the max EA buffer size . - cifs: make use of cap_unix in cifs_reconnect_tcon . - cifs: merge __{cifs,smb2}_reconnect[_tcon] into cifs_tree_connect . - cifs: Merge is_path_valid into get_normalized_path . - cifs: minor update to comments around the cifs_tcp_ses_lock mutex . - cifs: only update prefix path of DFS links in cifs_tree_connect . - cifs: Optimize readdir on reparse points . - cifs: potential unintitliazed error code in cifs_getattr . - cifs: protect updating server-gt;dstaddr with a spinlock . - cifs: reduce number of referral requests in DFS link lookups . - cifs: rename reconn_inval_dfs_target . - cifs: set correct max-buffer-size for smb2_ioctl_init . - cifs: set up next DFS target before generic_ip_connect . - cifs: use mod_delayed_work for amp;server-gt;reconnect if already queued . - cifs: use PTR_ERR_OR_ZERO to simplify code . - Drivers: hv: vmbus: Only notify Hyper-V for die events that are oops . - ibmvnic: Fix IRQ mapping disposal in error path . - ip6_tunnel: allow not to count pkts on tstats by passing dev as NULL . - ip_tunnel: allow not to count pkts on tstats by setting skb"s dev to NULL . - kabi: hide new parameter of ip6_dst_lookup_flow . - kabi: mask changes to struct ipv6_stub . - mm: Avoid calling build_all_zonelists_init under hotplug context . - mm, vmstat: reduce zone-gt;lock holding time by /proc/pagetypeinfo . - scripts/git_sort/git_sort.py: add bluetooth/bluetooth-next.git repository - selftests/livepatch: fix mem leaks in test-klp-shadow-vars . - selftests/livepatch: more verification in test-klp-shadow-vars . - selftests/livepatch: rework test-klp-shadow-vars . - selftests/livepatch: simplify test-klp-callbacks busy target tests . - smb3: fix performance regression with setting mtime . - smb3: query attributes on file close . - smb3: remove unused flag passed into close functions . - Update patch reference for a tipc fix patch - x86/unwind/orc: Fix ORC for newly forked tasks . Special Instructions and Notes: Please reboot the system after installing this update.