Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Leap:15.5:Update
patchinfo.25757
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.25757
<patchinfo incident="25757"> <issue id="1196867" tracker="bnc"></issue> <issue id="1196959" tracker="bnc"></issue> <issue id="1201941" tracker="bnc"></issue> <issue id="2020-36516" tracker="cve" /> <issue id="2021-39698" tracker="cve" /> <issue id="2022-36946" tracker="cve" /> <category>security</category> <rating>important</rating> <packager>nstange</packager> <description>This update for the Linux Kernel 5.14.21-150400_24_16 fixes several issues. The following security issues were fixed: - CVE-2020-36516: Fixed an off-path attack via mixed IPID assignment method with the hash-based IPID assignment policy to inject data into a victim's TCP session or terminate that session (bsc#1196867). - CVE-2021-39698: Fixed possible memory corruption in aio_poll_complete_work of aio.c, that could have led to local escalation of privilege with no additional execution privileges needed (bsc#1196959). - CVE-2022-36946: Fixed a remote denial of service attack inside nfqnl_mangle in net/netfilter/nfnetlink_queue.c, in the case of an nf_queue verdict with a one-byte nfta_payload attribute, an skb_pull can encounter a negative length (bsc#1201941). </description> <summary>Security update for the Linux Kernel (Live Patch 2 for SLE 15 SP4)</summary> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor