USN-4884-1: Linux kernel (OEM) vulnerabilities

Loris Reiff discovered that the BPF implementation in the Linux kernel did
not properly validate attributes in the getsockopt BPF hook. A local
attacker could possibly use this to cause a denial of service (system
crash). (CVE-2021-20194)

It was discovered that the priority inheritance futex implementation in the
Linux kernel contained a race condition, leading to a use-after-free
vulnerability. A local attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2021-3347)

It was discovered that the network block device (nbd) driver in the Linux
kernel contained a use-after-free vulnerability during device setup. A
local attacker with access to the nbd device could use this to cause a
denial of service (system crash) or possibly execute arbitrary code.
(CVE-2021-3348)

Smash a Button
[Total: 0 Average: 0]
Get PDFPrint This
About Me: I'm just some retired dude with a little bit more free time on my hands. If you want to support the site, why not help yourself out too by ordering some inexpensive web hosting so that you can start your own site?


Author: Admin

I'm a retired mathematician that has a fondness for Linux and many (not all) things tech. I'm an old-school geek that just enjoys the life he has. I live in a very, very rural area of Maine.

Leave a Reply

Your email address will not be published. Required fields are marked *

Linux Tips
Creative Commons License
This work is licensed under a Creative Commons Attribution 4.0 International License.
SITEMAP