File _patchinfo of Package patchinfo.16239
<patchinfo incident="16239"> <issue id="1173100" tracker="bnc">VUL-0: CVE-2019-14895: kernel live patch: Heap Overflow in mwifiex_process_country_ie() function of Marvell Wifi Driver</issue> <issue id="1173659" tracker="bnc">VUL-0: CVE-2019-16746: kernel live patch: buffer overflow via missing check of variable elements length in a beacon head in net/wireless/nl80211.c</issue> <issue id="1173661" tracker="bnc">VUL-0: CVE-2019-14901: kernel live patch: overflow in mwifiex_process_tdls_action_frame function in marvell/mwifiex/tdls.c of Marvell Wifi Driver</issue> <issue id="1173663" tracker="bnc">VUL-0: CVE-2019-0155: kernel live patch: i915 priv esc</issue> <issue id="1173664" tracker="bnc">VUL-0: CVE-2019-14814: kernel live patch: Heap Overflow in mwifiex_set_uap_rates() function of Marvell Wifi Driver</issue> <issue id="1173665" tracker="bnc">VUL-0: CVE-2019-14815: kernel live patch: Heap Overflow in mwifiex_set_wmm_params() function of Marvell Wifi Driver</issue> <issue id="1173666" tracker="bnc">VUL-0: CVE-2019-14816: kernel live patch: Heap Overflow in mwifiex_update_vs_ie() function of Marvell Wifi Driver</issue> <issue id="1173867" tracker="bnc">VUL-0: CVE-2019-18680: kernel live patch: there is a NULL pointer dereference in rds_tcp_kill_sock() in net/rds/tcp.c that will cause denial of service, aka CID-91573ae4aed0.</issue> <issue id="1173869" tracker="bnc">VUL-0: CVE-2019-19447: kernel live patch: mounting a crafted ext4 filesystem image, performing some operations, and unmounting can lead to a use-after-free in ext4_put_super in fs/ext4/super.c</issue> <issue id="1173942" tracker="bnc">VUL-1: CVE-2020-11668: kernel live patch: malicious USB device pretending to be Xirlink camera can corrupt random kernel memory</issue> <issue id="1173963" tracker="bnc">VUL-0: CVE-2019-9458: kernel live patch: use-after-free due to race condition in the video driver leads to local privilege escalation</issue> <issue id="1174247" tracker="bnc">VUL-0: CVE-2020-14331: kernel live patch: buffer over write in vgacon_scroll</issue> <issue id="2019-0155" tracker="cve" /> <issue id="2019-14814" tracker="cve" /> <issue id="2019-14815" tracker="cve" /> <issue id="2019-14816" tracker="cve" /> <issue id="2019-14895" tracker="cve" /> <issue id="2019-14901" tracker="cve" /> <issue id="2019-16746" tracker="cve" /> <issue id="2019-18680" tracker="cve" /> <issue id="2019-19447" tracker="cve" /> <issue id="2019-9458" tracker="cve" /> <issue id="2020-11668" tracker="cve" /> <issue id="2020-14331" tracker="cve" /> <category>security</category> <rating>important</rating> <packager>nstange</packager> <description>This update for the Linux Kernel 4.4.121-92_120 fixes several issues. The following security issues were fixed: - CVE-2020-14331: Fixed a buffer over-write in vgacon_scroll (bsc#1174247). - CVE-2019-0155: Fixed a privilege escalation in the i915 graphics driver (bsc#1173663). - CVE-2019-16746: Fixed a buffer overflow in net/wireless/nl80211.c (bsc#1173659). - CVE-2019-9458: Fixed a use-after-free in media/v4l (bsc#1173963). - CVE-2020-11668: Fixed a memory corruption issue in the Xirlink camera USB driver (bsc#1173942). - CVE-2019-19447: Fixed a use-after-free in ext4_put_super (bsc#1173869). - CVE-2019-18680: Fixed a NULL pointer dereference in rds_tcp_kill_sock() in net/rds/tcp.c (bsc#1173867). - CVE-2019-14816: Fixed a heap-based buffer overflow in the Marvell WiFi driver (bsc#1173666). - CVE-2019-14814: Fixed a heap-based buffer overflow in the Marvell WiFi driver (bsc#1173664). - CVE-2019-14815: Fixed a heap-based buffer overflow in the Marvell WiFi driver (bsc#1173665). - CVE-2019-14901: Fixed a heap overflow in the Marvell WiFi driver (bsc#1173661). - CVE-2019-14895: Fixed a heap-based buffer overflow in the Marvell WiFi driver (bsc#1173100). </description> <summary>Security update for the Linux Kernel (Live Patch 32 for SLE 12 SP2)</summary> </patchinfo>
