File _patchinfo of Package patchinfo.20844

Overview Repositories Revisions Requests Users Attributes Meta

File _patchinfo of Package patchinfo.20844

<patchinfo incident="20844">
  <issue id="1186483" tracker="bnc">VUL-0: CVE-2021-22543: kernel live patch: /dev/kvm LPE</issue>
  <issue id="1188323" tracker="bnc">VUL-0: CVE-2021-3609: kernel live patch: net/can: race condition in net/can/bcm.c leads to local privilege escalation</issue>
  <issue id="1188842" tracker="bnc">VUL-0: CVE-2021-37576: kernel-source-azure,kernel-source,kernel-source-rt: powerpc: KVM guest OS users can cause host OS memory corruption</issue>
  <issue id="2021-22543" tracker="cve" />
  <issue id="2021-3609" tracker="cve" />
  <issue id="2021-37576" tracker="cve" />
  <category>security</category>
  <rating>important</rating>
  <packager>nstange</packager>
  <description>This update for the Linux Kernel 5.3.18-59_16 fixes several issues.

The following security issues were fixed:

- CVE-2021-22543: Fixed an issue with KVM, related to the handling of VM_IO|VM_PFNMAP vmas, which allowed users with the ability to start and control a VM to read/write random pages of memory and could result in local privilege escalation (bsc#1186482).
- CVE-2021-37576: On the powerpc platform KVM guest OS users could cause host OS memory corruption via rtas_args.nargs (bsc#1188838).
- CVE-2021-3609: Fixed a local privilege escalation via a race condition in net/can/bcm.c (bsc#1187215).
</description>
<summary>Security update for the Linux Kernel (Live Patch 4 for SLE 15 SP3)</summary>
</patchinfo>

Places

File _patchinfo of Package patchinfo.20844

Places