File _patchinfo of Package patchinfo.18588

<patchinfo incident="18588">
  <issue id="1179616" tracker="bnc">VUL-0: CVE-2020-27786: kernel live patch: use-after-free in kernel midi subsystem snd_rawmidi_kernel_read1()</issue>
  <issue id="1179664" tracker="bnc">VUL-0: CVE-2020-29368: kernel live patch: the copy-on-write implementation can grant unintended write access because of a race condition in a THP mapcount check</issue>
  <issue id="1180859" tracker="bnc">VUL-0: CVE-2021-0342: kernel live patch: memory corruption due to a use after free in tun_get_user() of tun.c</issue>
  <issue id="1181553" tracker="bnc">VUL-0: CVE-2021-3347: kernel live patch: UAF in futex</issue>
  <issue id="2020-27786" tracker="cve" />
  <issue id="2020-29368" tracker="cve" />
  <issue id="2021-0342" tracker="cve" />
  <issue id="2021-3347" tracker="cve" />
  <category>security</category>
  <rating>important</rating>
  <packager>nstange</packager>
  <description>This update for the Linux Kernel 4.12.14-197_78 fixes several issues.

The following security issues were fixed:

- CVE-2020-29368: Fixed an issue in copy-on-write implementation which could have granted unintended write access because of a race condition in a THP mapcount check (bsc#1179664).
- CVE-2021-3347: Fixed a use-after-free in the PI futexes during fault handling, allowing local users to execute code in the kernel (bsc#1181553).
- CVE-2020-27786: Fixed a potential user after free which could have led to memory corruption or privilege escalation (bsc#1179616).
- CVE-2021-0342: Fixed a potential memory corruption due to a use after free which could have led to local escalation of privilege with System execution privileges required (bsc#1180859).
</description>
<summary>Security update for the Linux Kernel (Live Patch 21 for SLE 15 SP1)</summary>
</patchinfo>