ALAS2KERNEL-5.15-2024-037 --- kernelID: oval:org.secpod.oval:def:1702121 | Date: (C)2024-02-28 (M)2024-04-25 |
Class: PATCH | Family: unix |
A memory corruption flaw was found in the Linux kernel's human interface device subsystem in how a user inserts a malicious USB device. This flaw allows a local user to crash or potentially escalate their privileges on the system. In the Linux kernel 6.0.8, there is a use-after-free in inode_cgwb_move_to_attached in fs/fs-writeback.c, related to __list_del_entry_valid
Product: |
kernel |
perf |
python-perf |
bpftool |