ALAS2LIVEPATCH-2023-134 --- kernel-livepatch-4.14.314-238.539ID: oval:org.secpod.oval:def:1701541 | Date: (C)2023-09-01 (M)2024-04-25 |
Class: PATCH | Family: unix |
A heap out-of-bounds write vulnerability in the Linux Kernel ipvlan network driver can be exploited to achieve local privilege escalation.The out-of-bounds write is caused by missing skb- greater than cb initialization in the ipvlan network driver. The vulnerability is reachable if CONFIG_IPVLAN is enabled.We recommend upgrading past commit 90cbed5247439a966b645b34eb0a2e037836ea8e
Product: |
kernel-livepatch-4.14.314-238.539 |