Kernel Live Patch Security Notice LSN-0087-1

Discussion in 'News Aggregator' started by Packet Storm, 21 Jun 2022.

  1. Packet Storm

    Packet Storm Guest

    Aaron Adams discovered that the netfilter subsystem in the Linux kernel did not properly handle the removal of stateful expressions in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. Ziming Zhang discovered that the netfilter subsystem in the Linux kernel did not properly validate sets with multiple ranged fields. A local attacker could use this to cause a denial of service or execute arbitrary code.

    Continue reading...
     

Share This Page

Loading...