ALAS-2018-1100 --- kernel perfID: oval:org.secpod.oval:def:1600944 | Date: (C)2018-11-19 (M)2024-05-04 |
Class: PATCH | Family: unix |
An issue was discovered in the proc_pid_stack function in fs/proc/base.c in the Linux kernel. An attacker with a local account can trick the stack unwinder code to leak stack contents to userspace. The fix allows only root to inspect the kernel stack of an arbitrary task.A vulnerability was discovered in the Linux kernel that allows an attacker to escalate privileges with using a 64-bit ARM architecture. A local attacker with permission to create KVM-based virtual machines can both panic the hypervisor by triggering an illegal exception return and to redirect execution elsewhere within the hypervisor with full register control, instead of causing a return to the guest.
Platform: |
Amazon Linux AMI |