Security update for the Linux Kernel (Live Patch 11 for SLE 15 SP1)
Details
This update for the Linux Kernel 4.12.14-197_40 fixes several issues.
The following security issues were fixed:
CVE-2020-12653: Fixed a buffer overflow in mwifiexcmdappendvsietlv() which could have allowed local users to gain privileges or cause a denial of service (bsc#1171254).
CVE-2020-12654: Fixed a heap-based buffer overflow in mwifiexretwmmgetstatus() which could have been triggered by a remote AP to trigger (bsc#1171252).
CVE-2020-1749: Fixed an improper implementation in some IPsec protocols where the data were sent unencrypted allowing an attacker to read them (bsc#1165631).