ALAS2LIVEPATCH-2023-107 --- kernel-livepatch-5.10.157-139.675ID: oval:org.secpod.oval:def:1701147 | Date: (C)2023-02-09 (M)2024-04-17 |
Class: PATCH | Family: unix |
A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function follow_page_pte of the file mm/gup.c of the component BPF. The manipulation leads to race condition. The attack can be launched remotely. It is recommended to apply a patch to fix this issue. The identifier VDB-211921 was assigned to this vulnerability. A missing check on user input in the _do_proc_dointvec function can result in a stack-based buffer overflow in the Linux kernel, which can cause a crash or potentially escalate privileges
Product: |
kernel-livepatch-5.10.157-139.675 |