ALAS2KERNEL-5.10-2024-046 --- kernelID: oval:org.secpod.oval:def:1702073 | Date: (C)2024-02-07 (M)2024-04-17 |
Class: PATCH | Family: unix |
An out-of-bounds read vulnerability was found in smbCalcSize in fs/smb/client/netmisc.c in the Linux Kernel. This issue could allow a local attacker to crash the system or leak internal kernel information. A use-after-free flaw was found in the netfilter subsystem of the Linux kernel. If the catchall element is garbage-collected when the pipapo set is removed, the element can be deactivated twice. This can cause a use-after-free issue on an NFT_CHAIN object or NFT_OBJECT object, allowing a local unprivileged user with CAP_NET_ADMIN capability to escalate their privileges on the system
Product: |
kernel |
perf |
python-perf |
bpftool |