ALAS-2019-1149 --- kernel perfID: oval:org.secpod.oval:def:1600973 | Date: (C)2019-01-28 (M)2024-05-22 |
Class: PATCH | Family: unix |
A flaw was found in the Linux kernel's NFS41+ subsystem. NFS41+ shares mounted in different network namespaces at the same time can make bc_svc_process use wrong back-channel IDs and cause a use-after-free vulnerability. Thus a malicious container user can cause a host kernel memory corruption and a system panic. Due to the nature of the flaw, privilege escalation cannot be fully ruled out
Platform: |
Amazon Linux AMI |