Overview

File _patchinfo of Package patchinfo.18069

<patchinfo incident="18069">
  <issue id="1179664" tracker="bnc">VUL-0: CVE-2020-29368: kernel live patch: the copy-on-write implementation can grant unintended write access because of a race condition in a THP mapcount check</issue>
  <issue id="1179779" tracker="bnc">VUL-1: CVE-2020-29373: kernel live patch: unsafely handling of the root directory during path lookups in fs/io_uring.c</issue>
  <issue id="1180008" tracker="bnc">VUL-0: CVE-2020-29569: kernel live patch: Use after free triggered by block frontend in Linux blkback (XSA-350 v3)</issue>
  <issue id="2020-29368" tracker="cve" />
  <issue id="2020-29373" tracker="cve" />
  <issue id="2020-29569" tracker="cve" />
  <category>security</category>
  <rating>important</rating>
  <packager>nstange</packager>
  <description>This update for the Linux Kernel 5.3.18-24_46 fixes several issues.

The following security issues were fixed:

- CVE-2020-29373: Fixed an issue where kernel unsafely handles the root directory during path lookups, and thus a process inside a mount namespace can escape to unintended filesystem locations (bsc#1179779).
- CVE-2020-29569: Fixed a use after free due to a logic error (bsc#1180008).
- CVE-2020-29368: Fixed an issue in copy-on-write implementation which could grant unintended write access because of a race condition in a THP mapcount check (bsc#1179664).
</description>
<summary>Security update for the Linux Kernel (Live Patch 9 for SLE 15 SP2)</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places