ALAS2LIVEPATCH-2023-105 --- kernel-livepatch-5.10.149-133.644ID: oval:org.secpod.oval:def:1701151 | Date: (C)2023-02-09 (M)2024-04-25 |
Class: PATCH | Family: unix |
A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function ipv6_renew_options of the component IPv6 Handler. The manipulation leads to memory leak. The attack can be launched remotely. It is recommended to apply a patch to fix this issue. The identifier VDB-211021 was assigned to this vulnerability. A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function intr_callback of the file drivers/net/usb/r8152.c of the component BPF. The manipulation leads to logging of excessive data. The attack can be launched remotely. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211363. A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function follow_page_pte of the file mm/gup.c of the component BPF. The manipulation leads to race condition. The attack can be launched remotely. It is recommended to apply a patch to fix this issue. The identifier VDB-211921 was assigned to this vulnerability. A missing check on user input in the _do_proc_dointvec function can result in a stack-based buffer overflow in the Linux kernel, which can cause a crash or potentially escalate privileges
Product: |
kernel-livepatch-5.10.149-133.644 |