ALAS2KERNEL-5.4-2022-017 --- kernelID: oval:org.secpod.oval:def:1700827 | Date: (C)2022-02-01 (M)2023-12-20 |
Class: PATCH | Family: unix |
A flaw was found in the Linux kernel. A local attacker, able to inject conntrack netlink configuration, could overflow a local buffer causing crashes or triggering the use of incorrect protocol numbers in ctnetlink_parse_tuple_filter in net/netfilter/nf_conntrack_netlink.c. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability
Product: |
kernel |
perf |
python-perf |