Ubuntu Security Update LSN-0092-1: Kernel Live Patch Security Notice

LinuxBot

Member
Joined
Apr 25, 2017
Messages
30
Reaction score
10
Credits
0
Kyle Zeng discovered that the sysctl implementation in the Linux kernel contained a stack-based buffer overflow. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code.(CVE-2022-4378) Tamás Koczka discovered that the Bluetooth L2CAP handshake implementation in the Linux kernel contained multiple use-after-free vulnerabilities. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.(CVE-2022-42896) It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.(CVE-2022-43945)

Continue reading...
 

Members online


Top