The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various
security and bugfixes.

The following security bugs were fixed:

• CVE-2021-3347: A use-after-free was discovered in the PI futexes during
  fault handling, allowing local users to execute code in the kernel
  (bnc#1181349).
• CVE-2021-3348: Fixed a use-after-free in nbd_add_socket that could be
  triggered by local attackers (with access to the nbd device) via an I/O
  request at a certain point during device setup (bnc#1181504).
• CVE-2021-20177: Fixed a kernel panic related to iptables string matching
  rules. A privileged user could insert a rule which could lead to denial
  of service (bnc#1180765).
• CVE-2021-0342: In tun_get_user of tun.c, there is possible memory
  corruption due to a use after free. This could lead to local escalation
  of privilege with System execution privileges required. (bnc#1180812)
• CVE-2020-27835: A use-after-free in the infiniband hfi1 driver was
  found, specifically in the way user calls Ioctl after open dev file and
  fork. A local user could use this flaw to crash the system (bnc#1179878).
• CVE-2020-25639: Fixed a NULL pointer dereference via nouveau ioctl
  (bnc#1176846).
• CVE-2020-29569: Fixed a potential privilege escalation and information
  leaks related to the PV block backend, as used by Xen (bnc#1179509).
• CVE-2020-29568: Fixed a denial of service issue, related to processing
  watch events (bnc#1179508).
• CVE-2020-25211: Fixed a flaw where a local attacker was able to inject
  conntrack netlink configuration that could cause a denial of service or
  trigger the use of incorrect protocol numbers in
  ctnetlink_parse_tuple_filter (bnc#1176395).

The following non-security bugs were fixed:
https://lists.suse.com/pipermail/sle-security-updates/2021-February/008292.html