vulnerability
Oracle Linux: CVE-2022-33743: ELSA-2023-2458: kernel security, bug fix, and enhancement update (IMPORTANT) (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:L/AC:L/Au:S/C:C/I:C/A:C) | 07/04/2022 | 07/22/2024 | 11/29/2024 |
Severity
7
CVSS
(AV:L/AC:L/Au:S/C:C/I:C/A:C)
Published
07/04/2022
Added
07/22/2024
Modified
11/29/2024
Description
network backend may cause Linux netfront to use freed SKBs While adding logic to support XDP (eXpress Data Path), a code label was moved in a way allowing for SKBs having references (pointers) retained for further processing to nevertheless be freed.
An incomplete cleanup flaw was found in the Linux kernel’s Xen networking XDP (eXpress Data Path) subsystem. This flaw allows a local user to crash the system.
An incomplete cleanup flaw was found in the Linux kernel’s Xen networking XDP (eXpress Data Path) subsystem. This flaw allows a local user to crash the system.
Solution
oracle-linux-upgrade-kernel
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.