Overview

File _patchinfo of Package patchinfo.24520

<patchinfo incident="24520">
  <issue id="1197597" tracker="bnc">VUL-0: CVE-2022-1048: kernel live patch: Race Condition in snd_pcm_hw_free leading to use-after-free</issue>
  <issue id="1199602" tracker="bnc">VUL-0: CVE-2022-30594:kernel live patch: mishandled seccomp permissions</issue>
  <issue id="1199834" tracker="bnc">kernel-livepatch: module_mutex lock missing in livepatches' module notifier callbacks</issue>
  <issue id="2022-1048" tracker="cve" />
  <issue id="2022-30594" tracker="cve" />
  <category>security</category>
  <rating>important</rating>
  <packager>nstange</packager>
  <description>This update for the Linux Kernel 5.3.18-24_86 fixes several issues.

The following security issues were fixed:

- CVE-2022-1048: Fixed a race Condition in snd_pcm_hw_free leading to use-after-free due to the AB/BA lock with buffer_mutex and mmap_lock (bsc#1197597).
- CVE-2022-30594: Fixed restriction bypass on setting the PT_SUSPEND_SECCOMP flag (bnc#1199602).
- Add missing module_mutex lock to module notifier for previous live patches (bsc#1199834).
</description>
<summary>Security update for the Linux Kernel (Live Patch 20 for SLE 15 SP2)</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places