ALAS-2017-870 ---- kernel, perfID: oval:org.secpod.oval:def:1600748 | Date: (C)2020-11-27 (M)2024-04-17 |
Class: PATCH | Family: unix |
Buffer overflow in mp_override_legacy_irq:Buffer overflow in the mp_override_legacy_irq function in arch/x86/kernel/acpi/boot.c in the Linux kernel through 4.12.2 allows local users to gain privileges via a crafted ACPI table. A race between inotify_handle_event and sys_rename:A race condition was found in the Linux kernel, present since v3.14-rc1 through v4.12. The race happens between threads of inotify_handle_event and vfs_rename while running the rename operation against the same file. As a result of the race the next slab data or the slab"s free list pointer can be corrupted with attacker-controlled data, which may lead to the privilege escalation. Integer overflow in ip6_find_1stfragopt causes infinite loop:An integer overflow vulnerability in ip6_find_1stfragopt function was found. A local attacker that has privileges to open raw socket can cause an infinite loop inside the ip6_find_1stfragopt function.
Platform: |
Amazon Linux AMI |