File _patchinfo of Package patchinfo.23453

Overview Repositories Revisions Requests Users Attributes Meta

File _patchinfo of Package patchinfo.23453

<patchinfo incident="23453">
  <issue id="1194463" tracker="bnc">VUL-0: CVE-2021-0920: kernel live patch: Use After Free in unix_gc() which could result in a local privilege escalation</issue>
  <issue id="1196301" tracker="bnc">VUL-0: CVE-2022-25636: kernel live patch: heap out of bounds write in nf_dup_netdev.c</issue>
  <issue id="2021-0920" tracker="cve" />
  <issue id="2022-25636" tracker="cve" />
  <category>security</category>
  <rating>important</rating>
  <packager>nstange</packager> 
  <description>This update for the Linux Kernel 5.3.18-150300_59_54 fixes several issues.

The following security issues were fixed:

- CVE-2022-25636: Fixed an issue which allowed a local users to gain privileges because of a heap out-of-bounds write in nf_dup_netdev.c, related to nf_tables_offload (bsc#1196299).
- CVE-2021-0920: Fixed a local privilege escalation due to a use-after-free vulnerability in unix_scm_to_skb of af_unix (bsc#1193731).
</description>
<summary>Security update for the Linux Kernel (Live Patch 15 for SLE 15 SP3)</summary>
</patchinfo>

Places

File _patchinfo of Package patchinfo.23453

Places