ALAS2LIVEPATCH-2023-160 --- kernel-livepatch-5.10.192-182.736ID: oval:org.secpod.oval:def:1701958 | Date: (C)2023-12-15 (M)2024-04-25 |
Class: PATCH | Family: unix |
An issue was discovered in drivers/net/ethernet/intel/igb/igb_main.c in the IGB driver in the Linux kernel before 6.5.3. A buffer size may not be adequate for frames larger than the MTU. A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation.Addition and removal of rules from chain bindings within the same transaction causes leads to use-after-free.We recommend upgrading past commit f15f29fd4779be8a418b66e9d52979bb6d6c2325
Product: |
kernel-livepatch-5.10.192-182.736 |