Описание
A use-after-free flaw was found in the Linux kernel’s pipes functionality in how a user performs manipulations with the pipe post_one_notification() after free_pipe_info() that is already called. This flaw allows a local user to crash or potentially escalate their privileges on the system.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| linux | fixed | 5.18.16-1 | package | |
| linux | fixed | 5.10.136-1 | bullseye | package |
| linux | not-affected | buster | package | |
| linux | not-affected | stretch | package |
Примечания
https://bugzilla.redhat.com/show_bug.cgi?id=2089701
https://lore.kernel.org/lkml/20220507115605.96775-1-tcs.kernel@gmail.com/T/
https://ssd-disclosure.com/ssd-advisory-linux-config_watch_queue-lpe/
CONFIG_WATCH_QUEUE is not enabled in Debian builds
EPSS
Связанные уязвимости
A use-after-free flaw was found in the Linux kernel’s pipes functionality in how a user performs manipulations with the pipe post_one_notification() after free_pipe_info() that is already called. This flaw allows a local user to crash or potentially escalate their privileges on the system.
A use-after-free flaw was found in the Linux kernel’s pipes functionality in how a user performs manipulations with the pipe post_one_notification() after free_pipe_info() that is already called. This flaw allows a local user to crash or potentially escalate their privileges on the system.
A use-after-free flaw was found in the Linux kernel’s pipes functionality in how a user performs manipulations with the pipe post_one_notification() after free_pipe_info() that is already called. This flaw allows a local user to crash or potentially escalate their privileges on the system.
A flaw use after free in the Linux kernel pipes functionality was found in the way user do some manipulations with pipe ex. with the post_one_notification() after free_pipe_info() already called. A local user could use this flaw to crash the system or potentially escalate their privileges on the system.
EPSS