ALAS2KERNEL-5.4-2023-044 --- kernelID: oval:org.secpod.oval:def:1701284 | Date: (C)2023-05-08 (M)2024-05-05 |
Class: PATCH | Family: unix |
A double-free flaw was found in the Linux kernel and rsquo;s TUN/TAP device driver functionality in how a user registers the device when the register_netdevice function fails . This flaw allows a local user to crash or potentially escalate their privileges on the system. A use-after-free flaw was found in qdisc_graft in net/sched/sch_api.c in the Linux Kernel due to a race problem. This flaw leads to a denial of service issue. An out-of-bounds memory access flaw was found in the Linux kernel's XFS file system in how a user restores an XFS image after failure . This flaw allows a local user to crash or potentially escalate their privileges on the system. do_tls_getsockopt in net/tls/tls_main.c in the Linux kernel through 6.2.6 lacks a lock_sock call, leading to a race condition
Product: |
kernel |
perf |
python-perf |
bpftool |