Security update for the Linux Kernel (Live Patch 20 for SLE 15 SP3)
Details
This update for the Linux Kernel 5.3.18-1503005976 fixes several issues.
The following security issues were fixed:
CVE-2022-20154: Fixed a use after free due to a race condition in locksocknested of sock.c. This could lead to local escalation of privilege with System execution privileges needed (bsc#1200599).
CVE-2022-1116: Fixed an integer overflow in io_uring which may lead to local privilege escalation (bsc#1199647).
CVE-2021-39698: Fixed a possible memory corruption due to a use after free in aiopollcomplete_work. This could lead to local escalation of privilege with no additional execution privileges needed. (bsc#1196956)