Overview

File _patchinfo of Package patchinfo.19207

<patchinfo incident="19207">
  <issue id="1182294" tracker="bnc">VUL-0: CVE-2021-26930: kernel live patch: error handling issues in blkback's grant mapping (XSA-365 v3)</issue>
  <issue id="1184171" tracker="bnc">VUL-0: CVE-2021-3444: kernel-source: [] Linux kernel bpf verifier incorrect mod32 truncation</issue>
  <issue id="2021-26930" tracker="cve" />
  <issue id="2021-26931" tracker="cve" />
  <issue id="2021-28688" tracker="cve" />
  <issue id="2021-3444" tracker="cve" />
  <category>security</category>
  <rating>important</rating>
  <packager>nstange</packager>
  <description>This update for the Linux Kernel 4.12.14-150_52 fixes several issues.

The following security issues were fixed:

- CVE-2021-3444: Fixed an issue with the bpf verifier which did not properly handle mod32 destination register truncation when the source register was known to be 0 leading to out of bounds read  (bsc#1184171).
- CVE-2021-28688: Fixed an issue introduced by XSA-365 (bsc##1182294, bsc#1183646).
- CVE-2021-26930: Fixed an improper error handling in blkback's grant mapping (XSA-365 bsc#1182294).
- CVE-2021-26931: Fixed an issue where Linux  kernel was treating grant mapping errors as bugs (XSA-362 bsc#1183022).
</description>
<summary>Security update for the Linux Kernel (Live Patch 18 for SLE 15)</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places