The SUSE Linux Enterprise 15 SP2 RT kernel was updated to receive various security and bugfixes.
Transient execution side-channel attacks attacking the Branch History Buffer (BHB), named 'Branch Target Injection' and 'Intra-Mode Branch History Injection' are now mitigated.
The following security bugs were fixed:
- CVE-2022-0001: Fixed Branch History Injection vulnerability (bsc#1191580). - CVE-2022-0002: Fixed Intra-Mode Branch Target Injection vulnerability (bsc#1191580). - CVE-2022-0847: Fixed a vulnerability were a local attackers could overwrite data in arbitrary (read-only) files (bsc#1196584).
The following non-security bugs were fixed:
- btrfs: check for missing device in btrfs_trim_fs (bsc#1195701). - lib/iov_iter: initialize 'flags' in new pipe_buffer (bsc#1196584). - nfsd: allow delegation state ids to be revoked and then freed (bsc#1192483). - nfsd: allow open state ids to be revoked and then freed (bsc#1192483). - nfsd: do not admin-revoke NSv4.0 state ids (bsc#1192483). - nfsd: prepare for supporting admin-revocation of state (bsc#1192483). - powerpc/pseries/ddw: Revert 'Extend upper limit for huge DMA window for persistent memory' (bsc#1195995 ltc#196394).