Описание
Security update for the Linux Kernel (Live Patch 14 for SLE 15 SP3)
This update for the Linux Kernel 5.3.18-150300_59_49 fixes several issues.
The following security issues were fixed:
- CVE-2022-0516: Fixed KVM s390 return error on SIDA memop on normal guest (bsc#1195947).
- CVE-2021-0920: Fixed a local privilege escalation due to an use after free bug in unix_gc (bsc#1194463).
Список пакетов
SUSE Linux Enterprise Live Patching 15 SP2
SUSE Linux Enterprise Live Patching 15 SP3
Ссылки
- Link for SUSE-SU-2022:0615-1
- E-Mail link for SUSE-SU-2022:0615-1
- SUSE Security Ratings
- SUSE Bug 1194463
- SUSE Bug 1195947
- SUSE CVE CVE-2021-0920 page
- SUSE CVE CVE-2022-0516 page
Описание
In unix_scm_to_skb of af_unix.c, there is a possible use after free bug due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-196926917References: Upstream kernel
Затронутые продукты
Ссылки
- CVE-2021-0920
- SUSE Bug 1193731
- SUSE Bug 1194463
- SUSE Bug 1195939
- SUSE Bug 1199255
- SUSE Bug 1200084
Описание
A vulnerability was found in kvm_s390_guest_sida_op in the arch/s390/kvm/kvm-s390.c function in KVM for s390 in the Linux kernel. This flaw allows a local attacker with a normal user privilege to obtain unauthorized memory write access. This flaw affects Linux kernel versions prior to 5.17-rc4.
Затронутые продукты
Ссылки
- CVE-2022-0516
- SUSE Bug 1195516
- SUSE Bug 1195947