Security update for the Linux Kernel (Live Patch 17 for SLE 15 SP2)
Details
This update for the Linux Kernel 5.3.18-24_75 fixes several issues.
The following security issues were fixed:
CVE-2021-22543: Fixed an issue with KVM, related to the handling of VMIO|VMPFNMAP vmas, which allowed users with the ability to start and control a VM to read/write random pages of memory and could result in local privilege escalation (bsc#1186482).
CVE-2021-37576: On the powerpc platform KVM guest OS users could cause host OS memory corruption via rtas_args.nargs (bsc#1188838).