ALAS2KERNEL-5.4-2022-020 --- kernelID: oval:org.secpod.oval:def:1700814 | Date: (C)2022-02-01 (M)2024-04-17 |
Class: PATCH | Family: unix |
A use-after-free flaw was found in kernel/trace/ring_buffer.c in Linux kernel. There was a race problem in trace_open and resize of cpu buffer running parallely on different cpus, may cause a denial of service problem . This flaw could even allow a local attacker with special user privilege to a kernel information leak threat. A flaw leak of the file handle for parent directory in the Linux kernel's NFS3 functionality was found in the way user calls READDIRPLUS. A local user could use this flaw to traverse to other parts of the file-system than mounted sub-folder. A flaw was found in the Linux kernel. A use-after-free memory flaw in the Fast Userspace Mutexes functionality allowing a local user to crash the system or escalate their privileges on the system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. A use after free flaw in the Linux kernel network block device subsystem was found in the way user calls an ioctl NBD_SET_SOCK at a certain point during device setup
Product: |
kernel |
perf |
python-perf |