Overview

File _patchinfo of Package patchinfo.24390

<patchinfo incident="24390">
  <issue id="1198590" tracker="bnc">VUL-0: CVE-2022-1280: kernel live patch: concurrency uaf between drm_setmaster_ioctl and drm_mode_getresources</issue>
  <issue id="1199834" tracker="bnc">kernel-livepatch: module_mutex lock missing in livepatches' module notifier callbacks</issue>
  <issue id="2022-1280" tracker="cve" />
  <category>security</category>
  <rating>important</rating>
  <packager>nstange</packager>
  <description>This update for the Linux Kernel 5.3.18-150300_59_54 fixes several issues.

The following security issue was fixed:

- CVE-2022-1280: Fixed a use-after-free vulnerability in drm_lease_held in drivers/gpu/drm/drm_lease.c. This flaw allowed a local user privilege attacker to cause a denial of service (DoS) or a kernel information leak (bsc#1198590).
- Add missing module_mutex lock to module notifier for previous live patches (bsc#1199834).
</description>
<summary>Security update for the Linux Kernel (Live Patch 15 for SLE 15 SP3)</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places