Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP2)
Details
This update for the Linux Kernel 5.3.18-22 fixes several issues.
The following security issues were fixed:
CVE-2020-36322: Fixed an issue inside the FUSE filesystem implementation where fusedogetattr() calls makebadinode() in inappropriate situations, could have caused a system crash. NOTE: the original fix for this vulnerability was incomplete, and its incompleteness is tracked as CVE-2021-28950 (bsc#1184952).
CVE-2021-29154: Fixed BPF JIT compilers that allowed to execute arbitrary code within the kernel context (bsc#1184710)