ALAS-2022-1581 --- kernelID: oval:org.secpod.oval:def:1601529 | Date: (C)2022-04-22 (M)2024-04-17 |
Class: PATCH | Family: unix |
A buffer overflow flaw was found in the Linux kernel's NFC protocol functionality. This flaw allows a local user to crash or escalate their privileges on the system. A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c. This flaw allows a local attacker with a normal user privilege to overwrite kernel heap objects and may cause a local privilege escalation threat. In the Linux kernel before 5.17.1, a refcount leak bug was found in net/llc/af_llc.c
Platform: |
Amazon Linux AMI |