4 matches found
AZL-26953 CVE-2023-0459 affecting package kernel for versions less than 5.15.116.1-1
Copyfromuser on 64-bit versions of the Linux kernel does not implement the uaccessbeginnospec allowing a user to bypass the "accessok" check and pass a kernel pointer to copyfromuser. This would allow an attacker to leak information. We recommend upgrading beyond...
Design/Logic Flaw
Copyfromuser on 64-bit versions of the Linux kernel does not implement the uaccessbeginnospec allowing a user to bypass the "accessok" check and pass a kernel pointer to copyfromuser. This would allow an attacker to leak information. We recommend upgrading beyond...
CVE-2023-0459
CVE-2023-0459: Linux kernel on 64-bit systems is affected by a local elevation of information disclosure due to Copy_from_user bypassing __uaccess_begin_nospec, bypassing access_ok and allowing a user to pass a kernel pointer to copy_from_user. Root cause is the __uaccess_begin_nospec handling. I...
kernel: Copy_from_user on 64-bit versions may leak kernel information
A vulnerability was found in copyfromuser in 64-bit versions of the Linux kernel. This flaw allows a local attacker to bypass the "accessok" sanity check and pass a kernel pointer to copyfromuser, resulting in kernel data leaking...