File _patchinfo of Package patchinfo.25725
<patchinfo incident="25725"> <issue id="1196867" tracker="bnc"></issue> <issue id="1201941" tracker="bnc"></issue> <issue id="2020-36516" tracker="cve" /> <issue id="2022-36946" tracker="cve" /> <category>security</category> <rating>important</rating> <packager>nstange</packager> <description>This update for the Linux Kernel 4.12.14-150100_197_111 fixes several issues. The following security issues were fixed: - CVE-2020-36516: Fixed an off-path attack via mixed IPID assignment method with the hash-based IPID assignment policy to inject data into a victim's TCP session or terminate that session (bsc#1196867). - CVE-2022-36946: Fixed a remote denial of service attack inside nfqnl_mangle in net/netfilter/nfnetlink_queue.c, in the case of an nf_queue verdict with a one-byte nfta_payload attribute, an skb_pull can encounter a negative length (bsc#1201941). </description> <summary>Security update for the Linux Kernel (Live Patch 30 for SLE 15 SP1)</summary> </patchinfo>




