Ubuntu Security Notice USN-5071-3

Discussion in 'News Aggregator' started by Packet Storm, 23 Sep 2021.

  1. Packet Storm

    Packet Storm Guest

    Ubuntu Security Notice 5071-3 - It was discovered that the KVM hypervisor implementation in the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. An attacker who could start and control a VM could possibly use this to expose sensitive information or execute arbitrary code. Murray McAllister discovered that the joystick device interface in the Linux kernel did not properly validate data passed via an ioctl. A local attacker could use this to cause a denial of service or possibly execute arbitrary code on systems with a joystick device registered. Various other issues were also addressed.

    Continue reading...
     

Share This Page

Loading...