File _patchinfo of Package patchinfo.7085

<patchinfo incident="7085">
  <issue id="1083488" tracker="bnc">VUL-0: CVE-2018-7566: kernel live patch: race condition in snd_seq_write() may lead to UAF or OOB-access</issue>
  <issue id="1085114" tracker="bnc">VUL-0:  CVE-2018-1068: kernel live patch: netfilter: ebtables: CONFIG_COMPAT: don't trust userland offsets</issue>
  <issue id="1085447" tracker="bnc">VUL-0: CVE-2017-13166: kernel live patch: An elevation of privilege vulnerability in the kernel v4l2 video driver.Product: Android. Versions: Android kernel. Android ID A-34624167.</issue>
  <issue id="2017-13166" tracker="cve" />
  <issue id="2018-1068" tracker="cve" />
  <issue id="2018-7566" tracker="cve" />
  <category>security</category>
  <rating>important</rating>
  <packager>mbenes</packager>
  <description>This update for the Linux Kernel 4.4.114-92_64 fixes several issues.

The following security issues were fixed:

- CVE-2017-13166: Prevent elevation of privilege vulnerability in the v4l2 video driver (bsc#1085447).
- CVE-2018-1068: A flaw in the implementation of 32-bit syscall interface for bridging allowed a privileged user to arbitrarily write to a limited range of kernel memory (bsc#1085114).
- CVE-2018-7566: Prevent buffer overflow via an SNDRV_SEQ_IOCTL_SET_CLIENT_POOL ioctl write operation to /dev/snd/seq by a local user (bsc#1083488).
</description>
<summary>Security update for the Linux Kernel (Live Patch 18 for SLE 12 SP2)</summary>
</patchinfo>