The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various
security and bugfixes.

The following security bugs were fixed:

• CVE-2020-26088: Fixed an improper CAP_NET_RAW check in NFC socket
  creation could have been used by local attackers to create raw sockets,
  bypassing security mechanisms (bsc#1176990).
• CVE-2020-14390: Fixed an out-of-bounds memory write leading to memory
  corruption or a denial of service when changing screen size
  (bnc#1176235).
• CVE-2020-0432: Fixed an out of bounds write due to an integer overflow
  (bsc#1176721).
• CVE-2020-0427: Fixed an out of bounds read due to a use after free
  (bsc#1176725).
• CVE-2020-0431: Fixed an out of bounds write due to a missing bounds
  check (bsc#1176722).
• CVE-2020-0404: Fixed a linked list corruption due to an unusual root
  cause (bsc#1176423).
• CVE-2020-25212: Fixed getxattr kernel panic and memory overflow
  (bsc#1176381).
• CVE-2020-25284: Fixed an incomplete permission checking for access to
  rbd devices, which could have been leveraged by local attackers to map
  or unmap rbd block devices (bsc#1176482).
• CVE-2020-14381: Fixed requeue paths such that filp was valid when
  dropping the references (bsc#1176011).
• CVE-2019-25643: Fixed an improper input validation in ppp_cp_parse_cr
  function which could have led to memory corruption and read overflow
  (bsc#1177206).
• CVE-2020-25641: Fixed ann issue where length bvec was causing
  softlockups (bsc#1177121).

The following non-security bugs were fixed:
https://lists.suse.com/pipermail/sle-security-updates/2020-October/007544.html