Описание
A flaw was found in the Linux kernel's NFS41+ subsystem. NFS41+ shares mounted in different network namespaces at the same time can make bc_svc_process() use wrong back-channel IDs and cause a use-after-free vulnerability. Thus a malicious container user can cause a host kernel memory corruption and a system panic. Due to the nature of the flaw, privilege escalation cannot be fully ruled out.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | kernel | Not affected | ||
| Red Hat Enterprise Linux 6 | kernel | Not affected | ||
| Red Hat Enterprise Linux 7 | kernel-rt | Fixed | RHSA-2019:1891 | 29.07.2019 |
| Red Hat Enterprise Linux 7 | kernel | Fixed | RHSA-2019:1873 | 29.07.2019 |
| Red Hat Enterprise Linux 7 | kernel-alt | Fixed | RHSA-2020:2854 | 07.07.2020 |
| Red Hat Enterprise Linux 7.4 Extended Update Support | kernel | Fixed | RHSA-2019:2696 | 12.09.2019 |
| Red Hat Enterprise Linux 8 | kernel-rt | Fixed | RHSA-2019:3309 | 05.11.2019 |
| Red Hat Enterprise Linux 8 | kernel | Fixed | RHSA-2019:3517 | 05.11.2019 |
| Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions | kernel | Fixed | RHSA-2020:0204 | 22.01.2020 |
| Red Hat Enterprise MRG 2 | kernel-rt | Fixed | RHSA-2019:2730 | 11.09.2019 |
Показывать по
Дополнительная информация
Статус:
EPSS
6.5 Medium
CVSS3
Связанные уязвимости
A flaw was found in the Linux kernel's NFS41+ subsystem. NFS41+ shares mounted in different network namespaces at the same time can make bc_svc_process() use wrong back-channel IDs and cause a use-after-free vulnerability. Thus a malicious container user can cause a host kernel memory corruption and a system panic. Due to the nature of the flaw, privilege escalation cannot be fully ruled out.
A flaw was found in the Linux kernel's NFS41+ subsystem. NFS41+ shares mounted in different network namespaces at the same time can make bc_svc_process() use wrong back-channel IDs and cause a use-after-free vulnerability. Thus a malicious container user can cause a host kernel memory corruption and a system panic. Due to the nature of the flaw, privilege escalation cannot be fully ruled out.
A flaw was found in the Linux kernel's NFS41+ subsystem. NFS41+ shares ...
Security update for the Linux Kernel (Live Patch 25 for SLE 12 SP2)
Security update for the Linux Kernel (Live Patch 35 for SLE 12)
EPSS
6.5 Medium
CVSS3