Ubuntu Security Notice USN-5096-1

Discussion in 'News Aggregator' started by Packet Storm, 1 Oct 2021.

  1. Packet Storm

    Packet Storm Guest

    Ubuntu Security Notice 5096-1 - Valentina Palmiotti discovered that the io_uring subsystem in the Linux kernel could be coerced to free adjacent memory. A local attacker could use this to execute arbitrary code. Benedict Schlueter discovered that the BPF subsystem in the Linux kernel did not properly protect against Speculative Store Bypass side- channel attacks in some situations. A local attacker could possibly use this to expose sensitive information. Various other issues were also addressed.

    Continue reading...
     

Share This Page

Loading...