Ubuntu Security Notice USN-5297-1

Discussion in 'News Aggregator' started by Packet Storm, 23 Feb 2022.

  1. Packet Storm

    Packet Storm Guest

    Ubuntu Security Notice 5297-1 - Szymon Heidrich discovered that the USB Gadget subsystem in the Linux kernel did not properly restrict the size of control requests for certain gadget types, leading to possible out of bounds reads or writes. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Jann Horn discovered a race condition in the Unix domain socket implementation in the Linux kernel that could result in a read-after-free. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

    Continue reading...
     

Share This Page

Loading...