Security update for the Linux Kernel (Live Patch 37 for SLE 12 SP3)
Details
This update for the Linux Kernel 4.4.180-94_138 fixes several issues.
The following security issues were fixed:
CVE-2020-36322: Fixed an issue inside the FUSE filesystem implementation where fusedogetattr() calls makebadinode() in inappropriate situations, could have caused a system crash. NOTE: the original fix for this vulnerability was incomplete, and its incompleteness is tracked as CVE-2021-28950 (bsc#1184952).
CVE-2021-29154: Fixed BPF JIT compilers that allowed to execute arbitrary code within the kernel context (bsc#1184710)