Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the reuse of the xfrm interface after release, which could lead to a double release...

Linux Distros Unpatched Vulnerability : CVE-2022-27666

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c. This flaw allows a local attacker with a normal...

SUSE CVE-2024-50142

In the Linux kernel, the following vulnerability has been resolved: xfrm: validate new SA's prefixlen using SA family when sel.family is unset This expands the validation introduced in commit 07bf7908950a "xfrm: Validate address prefix lengths in the xfrm selector." syzbot created an SA with...

SUSE-SU-2022:1182-1 Security update for the Linux Kernel (Live Patch 23 for SLE 12 SP4)

This update for the Linux Kernel 4.12.14-9583 fixes one issue. The following security issue was fixed: - CVE-2022-27666: Fixed a buffer overflow vulnerability in IPsec ESP transformation code. This flaw allowed a local attacker with a normal user privilege to overwrite kernel heap objects and may...

Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-5358-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5358-1 advisory. It was discovered that the network traffic control implementation in the Linux kernel contained a use- after-free vulnerability. A local...

CVE-2022-0886

A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c. This flaw allows a local attacker with a normal user privilege to overwrite kernel heap objects and may cause a local privilege escalation threat. Mitigation The given exploit needs...