MiracleLinux 7 : kernel-3.10.0-1160.42.2.el7 (AXSA:2021-2411:20)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-2411:20 advisory. kernel: use-after-free in route4change in net/sched/clsroute.c CVE-2021-3715 Tenable has extracted the preceding description block directly from the...

The vulnerability of the route4_change() function in the net/sched/cls_route.c module of the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of protected information, or to enhance their privileges.

The vulnerability of the route4change function in the net/sched/clsroute.c module of the Linux kernel is related to the reutilization of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of protected...

kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation

A use-after-free flaw was found in route4change in the net/sched/clsroute.c filter implementation in the Linux kernel. This flaw allows a local user to crash the system and possibly lead to a local privilege escalation problem...

Important: kernel-livepatch-5.10.135-122.509

Issue Overview: A use-after-free flaw was found in route4change in the net/sched/clsroute.c filter implementation in the Linux kernel. This flaw allows a local user to crash the system and possibly lead to a local privilege escalation problem. CVE-2022-2588 Affected Packages:...

Important: kernel-livepatch-4.14.290-217.505

Issue Overview: A use-after-free flaw was found in route4change in the net/sched/clsroute.c filter implementation in the Linux kernel. This flaw allows a local user to crash the system and possibly lead to a local privilege escalation problem. CVE-2022-2588 Affected Packages:...

kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation

A use-after-free flaw was found in route4change in the net/sched/clsroute.c filter implementation in the Linux kernel. This flaw allows a local user to crash the system and possibly lead to a local privilege escalation problem...

kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation

A use-after-free flaw was found in route4change in the net/sched/clsroute.c filter implementation in the Linux kernel. This flaw allows a local user to crash the system and possibly lead to a local privilege escalation problem...

Important: Red Hat Security Advisory: kpatch-patch security update

An update for kpatch-patch is now available for Red Hat Enterprise Linux 7.6 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, i...

kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation

A use-after-free flaw was found in route4change in the net/sched/clsroute.c filter implementation in the Linux kernel. This flaw allows a local user to crash the system and possibly lead to a local privilege escalation problem...

kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation

A use-after-free flaw was found in route4change in the net/sched/clsroute.c filter implementation in the Linux kernel. This flaw allows a local user to crash the system and possibly lead to a local privilege escalation problem...

kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation

A use-after-free flaw was found in route4change in the net/sched/clsroute.c filter implementation in the Linux kernel. This flaw allows a local user to crash the system and possibly lead to a local privilege escalation problem...

kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation

A use-after-free flaw was found in route4change in the net/sched/clsroute.c filter implementation in the Linux kernel. This flaw allows a local user to crash the system and possibly lead to a local privilege escalation problem...

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: i2c: Fix a potential use after free Free the adap structure only after we are done using it. This patch just moves the putdevice down a bit to avoid the use after free. wsa: added comment to the code, added Fixes...

Important: kernel

Issue Overview: An out-of-bounds read flaw was found in the Linux kernel's TeleTYpe subsystem. The issue occurs in how a user triggers a race condition using ioctls TIOCSPTLCK and TIOCGPTPEER and TIOCSTI and TCXONC with leakage of memory in the flushtoldisc function. This flaw allows a local user...

Updated kernel-linus packages fix security vulnerabilities

This kernel update is based on upstream 5.15.62 and fixes at least the following security issues: A use-after-free flaw was found in the Linux kernel Atheros wireless adapter driver in the way a user forces the ath9khtcwaitfortarget function to fail with some input messages. This flaw allows a...

The vulnerability of the route4_change function (net/sched/cls_route.c) in the Linux operating system allows a attacker to execute arbitrary code or cause the application to terminate abnormally.

The vulnerability of the route4change function in the Linux kernel’s net/sched/clsroute.c file is related to resource management errors. Exploiting this vulnerability can allow an attacker to cause an application to terminate abnormally or execute arbitrary code...

CVE-2022-2588

A use-after-free flaw was found in route4change in the net/sched/clsroute.c filter implementation in the Linux kernel. This flaw allows a local user to crash the system and possibly lead to a local privilege escalation problem. Mitigation Mitigation for this issue is either not available or the...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel route4change, which stems from reuse after release, allowing a locally privileged attacker to crash the system, potentially...

Security Bulletin: Linux Kernel vulnerability may affect IBM Spectrum Protect Plus (CVE-2021-3715)

Summary IBM Spectrum Protect Plus may be affected by a Linux Kernel vulnerability that allows an attacker to gain elevated privileges on the system. Vulnerability Details CVEID: CVE-2021-3715 DESCRIPTION: Linux Kernel could allow a local authenticated attacker to gain elevated privileges on the...

bpftool, kernel, perf, python security update

CentOS Errata and Security Advisory CESA-2021:3438 An update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...