๐ Kernel Live Patch Security Notice LSN-0075-1
๐ก Newskategorie: IT Security Tools
๐ Quelle: packetstormsecurity.com
Piotr Krysiuk discovered that the BPF subsystem in the Linux kernel did not properly apply speculative execution limits on some pointer types. A local attacker could use this to expose sensitive information (kernel memory). It was discovered that the memory management subsystem in the Linux kernel did not properly handle copy-on-write operations in some situations. A local attacker could possibly use this to gain unintended write access to read-only memory pages. Various other issues were also addressed. ...