File _patchinfo of Package patchinfo.23879

Overview Repositories Revisions Requests Users Attributes Meta

File _patchinfo of Package patchinfo.23879

<patchinfo incident="23879">
  <issue id="1197335" tracker="bnc">VUL-0: CVE-2022-1015,CVE-2022-1016: kernel live patch: Vulnerability in nf_tables can cause privilege escalation</issue>
  <issue id="1197344" tracker="bnc">VUL-0: CVE-2022-1011: kernel live patch: FUSE allows UAF reads of write() buffers, allowing theft of (partial) /etc/shadow hashes</issue>
  <issue id="2022-1011" tracker="cve" />
  <issue id="2022-1016" tracker="cve" />
  <category>security</category>
  <rating>important</rating>
  <packager>nstange</packager>
  <description>This update for the Linux Kernel 4.12.14-197_108 fixes several issues.

The following security issues were fixed:

- CVE-2022-1016: Fixed a vulnerability in the nf_tables component of the netfilter subsystem. This vulnerability gives an attacker a powerful primitive that can be used to both read from and write to relative stack data, which can lead to arbitrary code execution. (bsc#1197335)
- CVE-2022-1011: Fixed an use-after-free vulnerability which could allow a local attacker to retireve (partial) /etc/shadow hashes or any other data from filesystem when he can mount a FUSE filesystems. (bsc#1197344)
</description>
<summary>Security update for the Linux Kernel (Live Patch 29 for SLE 15 SP1)</summary>
</patchinfo>

Places

File _patchinfo of Package patchinfo.23879

Places