Описание
A buffer overflow vulnerability was found in the Netfilter subsystem in the Linux Kernel. This issue could allow the leakage of both stack and heap addresses, and potentially allow Local Privilege Escalation to the root user via arbitrary code execution.
Меры по смягчению последствий
This flaw can be mitigated by disabling unprivileged user namespaces will prevent exploitation:
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | kernel | Not affected | ||
| Red Hat Enterprise Linux 7 | kernel | Not affected | ||
| Red Hat Enterprise Linux 7 | kernel-rt | Not affected | ||
| Red Hat Enterprise Linux 8 | kernel | Not affected | ||
| Red Hat Enterprise Linux 8 | kernel-rt | Not affected | ||
| Red Hat Enterprise Linux 9 | kernel | Fixed | RHSA-2023:0951 | 28.02.2023 |
| Red Hat Enterprise Linux 9 | kernel-rt | Fixed | RHSA-2023:0979 | 28.02.2023 |
| Red Hat Enterprise Linux 9 | kernel | Fixed | RHSA-2023:0951 | 28.02.2023 |
| Red Hat Enterprise Linux 9 | kpatch-patch | Fixed | RHSA-2023:1008 | 28.02.2023 |
| Red Hat Enterprise Linux 9.0 Extended Update Support | kernel | Fixed | RHSA-2023:1202 | 14.03.2023 |
Показывать по
Дополнительная информация
Статус:
EPSS
7.8 High
CVSS3
Связанные уязвимости
A buffer overflow vulnerability was found in the Netfilter subsystem in the Linux Kernel. This issue could allow the leakage of both stack and heap addresses, and potentially allow Local Privilege Escalation to the root user via arbitrary code execution.
A buffer overflow vulnerability was found in the Netfilter subsystem in the Linux Kernel. This issue could allow the leakage of both stack and heap addresses, and potentially allow Local Privilege Escalation to the root user via arbitrary code execution.
A buffer overflow vulnerability was found in the Netfilter subsystem i ...
Security update for the Linux Kernel RT (Live Patch 1 for SLE 15 SP4)
EPSS
7.8 High
CVSS3