File _patchinfo of Package patchinfo.2888
<patchinfo incident="2888"> <issue id="984764" tracker="bnc">VUL-0: CVE-2016-4470: kernel live patch: Uninitialized variable in request_key handling causes kernel crash in error handling path</issue> <issue id="2016-4470" tracker="cve" /> <category>security</category> <rating>important</rating> <packager>mbenes</packager> <description>This update for the Linux Kernel 3.12.60-52_49 fixes several issues. The following security bugs were fixed: - CVE-2016-4470: The key_reject_and_link function in security/keys/key.c in the Linux kernel did not ensure that a certain data structure is initialized, which allowed local users to cause a denial of service (system crash) via vectors involving a crafted keyctl request2 command (bsc#984764). </description> <summary>Security update for Linux Kernel Live Patch 14 for SLE 12</summary> </patchinfo>
