Security update for the Linux Kernel (Live Patch 12 for SLE 15 SP1)
Details
This update for the Linux Kernel 4.12.14-197_45 fixes several issues.
The following security issues were fixed:
CVE-2020-36322: Fixed an issue inside the FUSE filesystem implementation where fusedogetattr() calls makebadinode() in inappropriate situations, could have caused a system crash. NOTE: the original fix for this vulnerability was incomplete, and its incompleteness is tracked as CVE-2021-28950 (bsc#1184952).
CVE-2021-29154: Fixed BPF JIT compilers that allowed to execute arbitrary code within the kernel context (bsc#1184710)
Fix system crash on kernfskillsb() as a sysfs superblock's kernfssuperinfo node list was NULL (bsc#1183452).