This issue occurs due to integer underflow on the memcpy length, leading to a denial of service.Ī use-after-free flaw was found in the Linux Kernel. This flaw allows a local user to crash or potentially escalate their privileges on the system.Īn out-of-bounds memory read flaw was found in receive_encrypted_standard in fs/smb/client/smb2ops.c in the SMB Client sub-component in the Linux Kernel. This flaw allows a local user to observe a refcnt use-after-free issue when receiving an igmp query packet, leading to a kernel information leak.Ī memory leak flaw was found in the Linux kernel’s io_uring functionality in how a user registers a buffer ring with IORING_REGISTER_PBUF_RING, mmap() it, and then frees it. This flaw allows a local user to cause a denial of service or potentially escalate their privileges on the system.Ī use-after-free issue was found in igmp_start_timer in net/ipv4/igmp.c in the network sub-component in the Linux Kernel. That means every iteration overwrites part of the previous element, possibly leading to an out-of-bounds write. On each iteration, 8 bytes are written, but `dst` is an array of u32, so each element only has space for 4 bytes. The issue is in the nft_byteorder_eval() function, where the code iterates through a loop and writes to the `dst` array. This flaw allows a local user to crash or potentially escalate their privileges on the system.Ī flaw was found in the Netfilter subsystem in the Linux kernel. An out-of-bounds memory write flaw was found in the Linux kernel’s Transport Layer Security functionality in how a user calls a function splice with a ktls socket as the destination.
0 Comments
Leave a Reply.AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |