ALT-PU-2023-1220-1
Package kernel-image-un-def updated to version 6.1.11-alt1 for branch sisyphus in task 314943.
Closed vulnerabilities
Published: 2023-01-30
BDU:2023-02624
Уязвимость реализации сетевого протокола NET/ROM ядра операционной системы Linux, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность данных.
Severity: MEDIUM (6.7)
Vector: AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
References:
Published: 2023-05-05
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2023-32269
An issue was discovered in the Linux kernel before 6.1.11. In net/netrom/af_netrom.c, there is a use-after-free because accept is also allowed for a successfully connected AF_NETROM socket. However, in order for an attacker to exploit this, the system must have netrom routing configured or the attacker must have the CAP_NET_ADMIN capability.
Severity: MEDIUM (6.7)
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
References: