Описание
A flaw was found in the Linux kernel's Layer 2 Tunneling Protocol (L2TP). A missing lock when clearing sk_user_data can lead to a race condition and NULL pointer dereference. A local user could use this flaw to potentially crash the system causing a denial of service.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| linux | fixed | 6.1.4-1 | package | |
| linux | fixed | 5.10.178-1 | bullseye | package |
Примечания
https://lore.kernel.org/all/20221114191619.124659-1-jakub@cloudflare.com/t
https://git.kernel.org/linus/b68777d54fac21fc833ec26ea1a2a84f975ab035 (6.1-rc6)
https://git.kernel.org/linus/af295e854a4e3813ffbdef26dbb6a4d6226c3ea1 (6.1-rc7)
EPSS
Связанные уязвимости
A flaw was found in the Linux kernel's Layer 2 Tunneling Protocol (L2TP). A missing lock when clearing sk_user_data can lead to a race condition and NULL pointer dereference. A local user could use this flaw to potentially crash the system causing a denial of service.
A flaw was found in the Linux kernel's Layer 2 Tunneling Protocol (L2TP). A missing lock when clearing sk_user_data can lead to a race condition and NULL pointer dereference. A local user could use this flaw to potentially crash the system causing a denial of service.
A flaw was found in the Linux kernel's Layer 2 Tunneling Protocol (L2TP). A missing lock when clearing sk_user_data can lead to a race condition and NULL pointer dereference. A local user could use this flaw to potentially crash the system causing a denial of service.
A flaw was found in the Linux kernel's Layer 2 Tunneling Protocol (L2TP). A missing lock when clearing sk_user_data can lead to a race condition and NULL pointer dereference. A local user could use this flaw to potentially crash the system causing a denial of service.
Уязвимость реализации протокола Layer 2 Tunneling Protocol (L2TP) ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
EPSS