Security update for the Linux Kernel (Live Patch 24 for SLE 15 SP1)
Details
This update for the Linux Kernel 4.12.14-197_89 fixes several issues.
The following security issues were fixed:
CVE-2022-27666: Fixed a buffer overflow vulnerability in IPsec ESP transformation code. This flaw allowed a local attacker with a normal user privilege to overwrite kernel heap objects and may cause a local privilege escalation. (bnc#1197462)
CVE-2022-22942: Fixed stale file descriptors on failed usercopy. (bsc#1195065)