File _patchinfo of Package patchinfo.20840
<patchinfo incident="20840"> <issue id="1186483" tracker="bnc">VUL-0: CVE-2021-22543: kernel live patch: /dev/kvm LPE</issue> <issue id="1188323" tracker="bnc">VUL-0: CVE-2021-3609: kernel live patch: net/can: race condition in net/can/bcm.c leads to local privilege escalation</issue> <issue id="1188842" tracker="bnc">VUL-0: CVE-2021-37576: kernel-source-azure,kernel-source,kernel-source-rt: powerpc: KVM guest OS users can cause host OS memory corruption</issue> <issue id="2021-22543" tracker="cve" /> <issue id="2021-3609" tracker="cve" /> <issue id="2021-37576" tracker="cve" /> <category>security</category> <rating>important</rating> <packager>nstange</packager> <description>This update for the Linux Kernel 5.3.18-57 fixes several issues. The following security issues were fixed: - CVE-2021-22543: Fixed an issue with KVM, related to the handling of VM_IO|VM_PFNMAP vmas, which allowed users with the ability to start and control a VM to read/write random pages of memory and could result in local privilege escalation (bsc#1186482). - CVE-2021-37576: On the powerpc platform KVM guest OS users could cause host OS memory corruption via rtas_args.nargs (bsc#1188838). - CVE-2021-3609: Fixed a local privilege escalation via a race condition in net/can/bcm.c (bsc#1187215). </description> <summary>Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP3)</summary> </patchinfo>




