Overview

File _patchinfo of Package patchinfo.34346

<patchinfo incident="34346">
  <issue id="1220537" tracker="bnc">VUL-0: CVE-2021-46955: kernel live patch: openvswitch: fix stack OOB read while fragmenting IPv4 packets</issue>
  <issue id="1222118" tracker="bnc">VUL-0: CVE-2023-52628: kernel live patch: netfilter: nftables: exthdr: 4-byte stack OOB write</issue>
  <issue id="1223059" tracker="bnc">VUL-0: CVE-2024-26852: kernel live patch: net/ipv6: UAF in ip6_route_mpath_notify()</issue>
  <issue id="2021-46955" tracker="cve" />
  <issue id="2023-52628" tracker="cve" />
  <issue id="2024-26852" tracker="cve" />
  <category>security</category>
  <rating>important</rating>
  <packager>nstange</packager>
  <description>This update for the Linux Kernel 5.3.18-150200_24_163 fixes several issues.

The following security issues were fixed:

- CVE-2021-46955: Fixed an out-of-bounds read with openvswitch, when fragmenting IPv4 packets (bsc#1220537).
- CVE-2023-52628: Fixed 4-byte stack OOB write in nftables (bsc#1222118).
- CVE-2024-26852: Fixed use-after-free in ip6_route_mpath_notify() (bsc#1223059).
</description>
<summary>Security update for the Linux Kernel (Live Patch 40 for SLE 15 SP2)</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places