Overview

File _patchinfo of Package patchinfo.11756

<patchinfo incident="11756">
  <issue id="1136446" tracker="bnc">VUL-0: CVE-2019-3846: kernel live patch: Heap Overflow in mwifiex_update_bss_desc_with_ie function of Marvell Wifi Driver in Linux kernel</issue>
  <issue id="1138264" tracker="bnc">VUL-0: CVE-2019-12817: kernel live patch: powerpc: access to other processes memory</issue>
  <issue id="2019-12817" tracker="cve" />
  <issue id="2019-3846" tracker="cve" />
  <category>security</category>
  <rating>important</rating>
  <packager>nstange</packager>
  <description>This update for the Linux Kernel 4.12.14-195 fixes several issues.

The following security issues were fixed:

- CVE-2019-12817: arch/powerpc/mm/mmu_context_book3s64.c in the Linux kernel for powerpc had a bug where unrelated processes may be able to read/write to one another's virtual memory under certain conditions via an mmap above 512 TB. Only a subset of powerpc systems are affected (bsc#1138264).
- CVE-2019-3846: A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network (bsc#1136446).
</description>
<summary>Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP1)</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places