Security update for the Linux Kernel (Live Patch 4 for SLE 15 SP3)
Details
This update for the Linux Kernel 5.3.18-59_16 fixes several issues.
The following security issues were fixed:
CVE-2022-27666: Fixed a buffer overflow vulnerability in IPsec ESP transformation code. This flaw allowed a local attacker with a normal user privilege to overwrite kernel heap objects and may cause a local privilege escalation. (bnc#1197462)
CVE-2021-39698: Fixed a possible memory corruption due to a use after free in aiopollcomplete_work. This could lead to local escalation of privilege with no additional execution privileges needed. (bsc#1196956)
CVE-2022-22942: Fixed stale file descriptors on failed usercopy. (bsc#1195065)