The new kernel live patch addresses a race condition (CVE-2017-0861) found in Linux kernel’s ALSA PCM subsystem and a use-after-free vulnerability (CVE-2017-15129) discovered in the network namespaces implementation, both of which could allow a local attacker to crash the system or execute arbitrary code. Additionally, the new kernel live patch fixes a race condition (CVE-2018-5344) discovered in Linux kernel’s loop block device, which could allow a local attacker to either crash the system by causing a denial of service or possibly execute arbitrary code, and a null pointer dereference (CVE-2018-5333) in the RDS (Reliable Datagram Sockets) protocol implementation that lets local attackers to crash the vulnerable system.
Articles
View All Hover to load posts
Articles
View All Hover to load posts
Articles
View All Hover to load posts
Articles
View All Hover to load posts
Articles
View All Hover to load posts
Articles
View All Hover to load posts
Articles
View All Hover to load posts
Articles
View All Hover to load posts
