2 matches found
AZL-34155 CVE-2024-1086 affecting package kernel for versions less than 5.15.153.1-1
A use-after-free vulnerability in the Linux kernel's netfilter: nftables component can be exploited to achieve local privilege escalation. The nftverdictinit function allows positive values as drop error within the hook verdict, and hence the nfhookslow function can cause a double free...
AZL-33890 CVE-2024-0646 affecting package kernel for versions less than 5.15.153.1-1
An out-of-bounds memory write flaw was found in the Linux kernel’s Transport Layer Security functionality in how a user calls a function splice with a ktls socket as the destination. This flaw allows a local user to crash or potentially escalate their privileges on the system...