The SUSE Linux Enterprise 12 kernel was updated to receive various security and bugfixes.

The following security bugs were fixed:

• CVE-2018-20855: An issue was discovered in the Linux kernel In
  create_qp_common in drivers/infiniband/hw/mlx5/qp.c,
  mlx5_ib_create_qp_resp was never initialized, resulting in a leak of
  stack memory to userspace(bsc#1143045).
• CVE-2019-1125: Exclude ATOMs from speculation through SWAPGS
  (bsc#1139358).
• CVE-2019-14283: In the Linux kernel, set_geometry in
  drivers/block/floppy.c did not validate the sect and head fields, as
  demonstrated by an integer overflow and out-of-bounds read. It could be
  triggered by an unprivileged local user when a floppy disk was inserted.
  NOTE: QEMU creates the floppy device by default. (bnc#1143191)
• CVE-2019-11810: An issue was discovered in the Linux kernel A NULL
  pointer dereference could occur when megasas_create_frame_pool() failed
  in megasas_alloc_cmds() in drivers/scsi/megaraid/megaraid_sas_base.c.
  This caused a Denial of Service, related to a use-after-free
  (bnc#1134399).
• CVE-2019-13648: In the Linux kernel on the powerpc platform, when
  hardware transactional memory was disabled, a local user could cause a
  denial of service (TM Bad Thing exception and system crash) via a
  sigreturn() system call that sent a crafted signal frame. (bnc#1142254)
• CVE-2019-13631: In parse_hid_report_descriptor in
  drivers/input/tablet/gtco.c in the Linux kernel, a malicious USB device
  could send an HID report that triggered an out-of-bounds write during
  generation of debugging messages. (bnc#1142023)

The following non-security bugs were fixed:
http://lists.suse.com/pipermail/sle-security-updates/2019-August/005794.html