Описание
Security update for the Linux Kernel (Live Patch 52 for SLE 12 SP5)
This update for the Linux Kernel 4.12.14-122_189 fixes one issue.
The following security issue was fixed:
- CVE-2024-1086: Fixed a use-after-free vulnerability inside the nf_tables component that could have been exploited to achieve local privilege escalation (bsc#1219435).
Список пакетов
SUSE Linux Enterprise Live Patching 12 SP5
kgraft-patch-4_12_14-122_189-default-5-2.1
Ссылки
- Link for SUSE-SU-2024:1401-1
- E-Mail link for SUSE-SU-2024:1401-1
- SUSE Security Ratings
- SUSE Bug 1219435
- SUSE CVE CVE-2024-1086 page
Описание
A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. The nft_verdict_init() function allows positive values as drop error within the hook verdict, and hence the nf_hook_slow() function can cause a double free vulnerability when NF_DROP is issued with a drop error which resembles NF_ACCEPT. We recommend upgrading past commit f342de4e2f33e0e39165d8639387aa6c19dff660.
Затронутые продукты
SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_189-default-5-2.1
Ссылки
- CVE-2024-1086
- SUSE Bug 1219434
- SUSE Bug 1219435
- SUSE Bug 1224298
- SUSE Bug 1224878
- SUSE Bug 1226066