| Revision Date: | 2022-07-21 | Version: | 1 |
| Title: | Security update for the Linux Kernel (Live Patch 24 for SLE 12 SP4) (Important) |
| Description: |
This update for the Linux Kernel 4.12.14-95_88 fixes several issues.
The following security issues were fixed:
- CVE-2022-20154: Fixed a use after free due to a race condition in lock_sock_nested of sock.c. This could lead to local escalation of privilege with System execution privileges needed (bsc#1200599). - CVE-2022-21499: Reinforced the kernel lockdown feature, until now it's been trivial to break out of it with kgdb or kdb (bsc#1199426). - CVE-2022-1729: Fixed a sys_perf_event_open() race condition against self (bsc#1199507).
|
| Family: | unix | Class: | patch |
| Status: | | Reference(s): | 1199697
1200059
1200608
CVE-2022-1729
CVE-2022-20154
CVE-2022-21499
SUSE-SU-2022:2482-1
|
| Platform(s): | SUSE Linux Enterprise Live Patching 12 SP4
| Product(s): | |
| Definition Synopsis |
| SUSE Linux Enterprise Live Patching 12 SP4 is installed AND kgraft-patch-4_12_14-95_88-default-7-2.3 is installed
|