File _patchinfo of Package patchinfo.7025

Overview Repositories Revisions Requests Users Attributes Meta

File _patchinfo of Package patchinfo.7025

<patchinfo incident="7025">
  <issue id="1083488" tracker="bnc">VUL-0: CVE-2018-7566: kernel live patch: race condition in snd_seq_write() may lead to UAF or OOB-access</issue>
  <issue id="1085114" tracker="bnc">VUL-0:  CVE-2018-1068: kernel live patch: netfilter: ebtables: CONFIG_COMPAT: don't trust userland offsets</issue>
  <issue id="1085447" tracker="bnc">VUL-0: CVE-2017-13166: kernel live patch: An elevation of privilege vulnerability in the kernel v4l2 video driver.Product: Android. Versions: Android kernel. Android ID A-34624167.</issue>
  <issue id="2017-13166" tracker="cve" />
  <issue id="2018-1068" tracker="cve" />
  <issue id="2018-7566" tracker="cve" />
  <category>security</category>
  <rating>important</rating>
  <packager>mbenes</packager>
  <description>This update for the Linux Kernel 3.12.61-52_122 fixes several issues.

The following security issues were fixed:

- CVE-2017-13166: An elevation of privilege vulnerability was fixed in the kernel v4l2 video driver. (bsc#1085447).
- CVE-2018-1068: A flaw was found in the Linux kernels implementation of 32-bit syscall interface for bridging. This allowed a privileged user to arbitrarily write to a limited range of kernel memory (bsc#1085114).
- CVE-2018-7566: The Linux kernel had a buffer overflow via an SNDRV_SEQ_IOCTL_SET_CLIENT_POOL ioctl write operation to /dev/snd/seq by a local user (bsc#1083488).
</description>
<summary>Security update for the Linux Kernel (Live Patch 32 for SLE 12)</summary>
</patchinfo>

Places

File _patchinfo of Package patchinfo.7025

Places