ALAS2LIVEPATCH-2020-026 --- kernel-livepatch-4.14.186-146.268ID: oval:org.secpod.oval:def:1700501 | Date: (C)2020-11-24 (M)2024-05-22 |
Class: PATCH | Family: unix |
An issue has been reported in the Linux kernel"s handling of raw sockets. This issue can be used locally to cause denial of service or local privilege escalation from unprivileged processes or from containers with the CAP_NET_RAW capability enabled.See Also:https://marc.info/?l=linux-netdevm=159915549623724w=2https://www.openwall.com/lists/oss-security/2020/09/03/3https://cve.mitre.org/cgi-bin/cvename.cgi?name=2020-14386 An issue was discovered in xfs_agf_verify in fs/xfs/libxfs/xfs_alloc.c in the Linux kernel through 5.6.10. Attackers may trigger a sync of excessive duration via an XFS v5 image with crafted metadata, aka CID-d0c7feaf8767
Product: |
kernel-livepatch-4.14.186-146.268 |