We recommend upgrading past commit 8fc134fee27f2263988ae38920bc03da416b03d8.ĬVE-2023-4881 was wrongly assigned to a bug that was deemed to be a non-security issue by the Linux kernel security team.Ī flaw was found in pfn_swap_entry_to_page in memory management subsystem in the Linux Kernel. peek handler of sch_plug and lack of error checking in agg_dequeue(). When the plug qdisc is used as a class of the qfq qdisc, sending network packets triggers use-after-free in qfq_dequeue() due to the incorrect. This issue may result in a denial of service from guest to host via zero length descriptor.Ī use-after-free vulnerability in the Linux kernel's net/sched: sch_qfq component can be exploited to achieve local privilege escalation. We recommend upgrading past commit f15f29fd4779be8a418b66e9d52979bb6d6c2325.Ī flaw was found in vringh_kiov_advance in drivers/vhost/vringh.c in the host side of a virtio ring in the Linux Kernel. Addition and removal of rules from chain bindings within the same transaction causes leads to use-after-free. We recommend upgrading past commit e6e43b8aa7cd3c3af686caf0c2e11819a886d705.Ī use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. In case of an error in smb3_fs_context_parse_param, ctx->password was freed but the field was not set to NULL which could lead to double free. A use-after-free vulnerability in the Linux kernel's fs/smb/client component can be exploited to achieve local privilege escalation.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |