Overview

File _patchinfo of Package patchinfo.23069

<patchinfo incident="23069">
  <issue id="1194463" tracker="bnc">VUL-0: CVE-2021-0920: kernel live patch: Use After Free in unix_gc() which could result in a local privilege escalation</issue>
  <issue id="1195307" tracker="bnc">VUL-0: CVE-2021-22600: kernel live patch: A double free bug in packet_set_ring() in net/packet/af_packet.c can be exploited by a local user through crafted syscalls to escalate privileges or deny service</issue>
  <issue id="1195947" tracker="bnc">VUL-0: CVE-2022-0516: kernel live patch: KVM: s390: missing check in ioctl allows kernel memory read/write</issue>
  <issue id="2021-0920" tracker="cve" />
  <issue id="2021-22600" tracker="cve" />
  <issue id="2022-0516" tracker="cve" />
  <category>security</category>
  <rating>important</rating>
  <packager>nstange</packager>
  <description>This update for the Linux Kernel 5.3.18-57 fixes several issues.

The following security issues were fixed:

- CVE-2022-0516: Fixed KVM s390 return error on SIDA memop on normal guest (bsc#1195947).
- CVE-2021-0920: Fixed a local privilege escalation due to an use after free bug in unix_gc (bsc#1194463).
- CVE-2021-22600: Fixed double free bug in packet_set_ring() in net/packet/af_packet.c that could have been exploited by a local user through crafted syscalls to escalate privileges or deny service (bsc#1195307).
</description>
<summary>Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP3)</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places