Security update for the Linux Kernel (Live Patch 12 for SLE 15 SP4)
Details
This update for the Linux Kernel 5.14.21-1504002463 fixes several issues.
The following security issues were fixed:
CVE-2023-4921: Fixed a use-after-free vulnerability in the QFQ network scheduler which could be exploited to achieve local privilege escalation (bsc#1215300).
CVE-2023-39198: Fixed a race condition leading to a use-after-free in qxlmodedumb_create() (bsc#1217116).
CVE-2023-51780: Fixed a use-after-free in dovccioctl in net/atm/ioctl.c, because of a vcc_recvmsg race condition (bsc#1218733).