Описание
network backend may cause Linux netfront to use freed SKBs While adding logic to support XDP (eXpress Data Path), a code label was moved in a way allowing for SKBs having references (pointers) retained for further processing to nevertheless be freed.
An incomplete cleanup flaw was found in the Linux kernel’s Xen networking XDP (eXpress Data Path) subsystem. This flaw allows a local user to crash the system.
Отчет
Keeping this flaw Moderate, because only a denial of service is possible (A:H) as result of memory leak problem. The memory leak can happen because instead of removing skb, keeping it in the networking stack forever. The CVSS score is higher, than usually for Moderate, because kept "C:H" and "I:H" too in case maybe potentially would be possible privilege escalation too.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | kernel | Not affected | ||
| Red Hat Enterprise Linux 7 | kernel | Not affected | ||
| Red Hat Enterprise Linux 7 | kernel-rt | Not affected | ||
| Red Hat Enterprise Linux 8 | kernel | Not affected | ||
| Red Hat Enterprise Linux 8 | kernel-rt | Not affected | ||
| Red Hat Enterprise Linux 9 | kernel | Fixed | RHSA-2023:2458 | 09.05.2023 |
| Red Hat Enterprise Linux 9 | kernel-rt | Fixed | RHSA-2023:2148 | 09.05.2023 |
| Red Hat Enterprise Linux 9 | kernel | Fixed | RHSA-2023:2458 | 09.05.2023 |
Показывать по
Ссылки на источники
Дополнительная информация
Статус:
7.8 High
CVSS3
Связанные уязвимости
network backend may cause Linux netfront to use freed SKBs While adding logic to support XDP (eXpress Data Path), a code label was moved in a way allowing for SKBs having references (pointers) retained for further processing to nevertheless be freed.
network backend may cause Linux netfront to use freed SKBs While adding logic to support XDP (eXpress Data Path), a code label was moved in a way allowing for SKBs having references (pointers) retained for further processing to nevertheless be freed.
network backend may cause Linux netfront to use freed SKBs While addin ...
network backend may cause Linux netfront to use freed SKBs While adding logic to support XDP (eXpress Data Path), a code label was moved in a way allowing for SKBs having references (pointers) retained for further processing to nevertheless be freed.
7.8 High
CVSS3