Описание
A stack overflow flaw was found in the Linux kernel's SYSCTL subsystem in how a user changes certain kernel parameters and variables. This flaw allows a local user to crash or potentially escalate their privileges on the system.
Отчет
To trigger this issue, the user needs some privileges (for example, access to the sysctl files), but usually less than root or CAP_NET_ADMIN.
Меры по смягчению последствий
A possible workaround is preventing regular users from accessing sysctl files (such as /proc/sys/net/ipv4/tcp_rmem and similar). Also, preventing a user from increasing privileges with commands such as "unshare -rn" (that allows obtaining net namespace privileges required to access /proc/sys/net/ipv4/tcp_rmem).
Ссылки на источники
Дополнительная информация
Статус:
EPSS
7.8 High
CVSS3
Связанные уязвимости
A stack overflow flaw was found in the Linux kernel's SYSCTL subsystem in how a user changes certain kernel parameters and variables. This flaw allows a local user to crash or potentially escalate their privileges on the system.
A stack overflow flaw was found in the Linux kernel's SYSCTL subsystem in how a user changes certain kernel parameters and variables. This flaw allows a local user to crash or potentially escalate their privileges on the system.
A stack overflow flaw was found in the Linux kernel's SYSCTL subsystem ...
A stack overflow flaw was found in the Linux kernel's SYSCTL subsystem in how a user changes certain kernel parameters and variables. This flaw allows a local user to crash or potentially escalate their privileges on the system.
EPSS
7.8 High
CVSS3