ALAS-2023-1803 --- kernelID: oval:org.secpod.oval:def:1601777 | Date: (C)2023-09-01 (M)2024-05-22 |
Class: PATCH | Family: unix |
A buffer overrun vulnerability was found in the netback driver in Xen due to an unusual split packet. This flaw allows an unprivileged guest to cause a denial of service of the host by sending network packets to the backend, causing the backend to crash. A use-after-free flaw was found in net/sched/cls_fw.c in classifiers in the Linux Kernel. This flaw allows a local attacker to perform a local privilege escalation due to incorrect handling of the existing filter, leading to a kernel information leak issue
Platform: |
Amazon Linux AMI |