Details
-
Improvement
-
Resolution: Won't Fix
-
Minor
-
None
-
None
-
None
-
9223372036854775807
Description
The following security bugs were fixed:
- CVE-2022-0001: Fixed Branch History Injection vulnerability
(bsc#1191580). - CVE-2022-0002: Fixed Intra-Mode Branch Target Injection vulnerability
(bsc#1191580). - CVE-2022-0847: Fixed a vulnerability were a local attackers could
overwrite data in arbitrary (read-only) files (bsc#1196584). - CVE-2022-25375: The RNDIS USB gadget lacks validation of the size of the
RNDIS_MSG_SET command. Attackers can obtain sensitive information from
kernel memory (bnc#1196235 ). - CVE-2022-0492: Fixed a privilege escalation related to cgroups v1
release_agent feature, which allowed bypassing namespace isolation
unexpectedly (bsc#1195543). - CVE-2022-0516: Fixed missing check in ioctl related to KVM in s390
allows kernel memory read/write (bsc#1195516).
The following non-security bugs were fixed:
https://lists.suse.com/pipermail/sle-security-updates/2022-March/010397.html