Ubuntu Security Notice USN-5094-2

Discussion in 'News Aggregator' started by Packet Storm, 2 Oct 2021.

  1. Packet Storm

    Packet Storm Guest

    Ubuntu Security Notice 5094-2 - It was discovered that the KVM hypervisor implementation in the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. An attacker who could start and control a VM could possibly use this to expose sensitive information or execute arbitrary code. It was discovered that the tracing subsystem in the Linux kernel did not properly keep track of per-cpu ring buffer state. A privileged attacker could use this to cause a denial of service. Various other issues were also addressed.

    Continue reading...
     

Share This Page

Loading...