[SRU OEM-5.17,OEM-6.0 0/1] CVE-2023-32269
Thadeu Lima de Souza Cascardo
cascardo at canonical.com
Mon Jul 31 20:25:35 UTC 2023
[Impact]
It was discovered that the NET/ROM protocol implementation in the Linux
kernel contained a race condition in some situations, leading to a use-
after-free vulnerability. A local attacker could use this to cause a denial
of service (system crash) or possibly execute arbitrary code.
[Potential regression]
NET/ROM users may notice regressions, especially if trying to listen to
reused sockets.
Hyunwoo Kim (1):
netrom: Fix use-after-free caused by accept on already connected
socket
net/netrom/af_netrom.c | 5 +++++
1 file changed, 5 insertions(+)
--
2.34.1