ALAS2LIVEPATCH-2023-136 --- kernel-livepatch-4.14.313-235.533| ID: oval:org.secpod.oval:def:1701559 | Date: (C)2023-09-01 (M)2024-04-25 |
| Class: PATCH | Family: unix |
A heap out-of-bounds write vulnerability in the Linux Kernel ipvlan network driver can be exploited to achieve local privilege escalation.The out-of-bounds write is caused by missing skb- greater than cb initialization in the ipvlan network driver. The vulnerability is reachable if CONFIG_IPVLAN is enabled.We recommend upgrading past commit 90cbed5247439a966b645b34eb0a2e037836ea8e
| Product: |
| kernel-livepatch-4.14.313-235.533 |
