We found results for “”
WS-2021-0449
Good to know:
Date: November 29, 2021
In Linux/Kernel is vulnerable to integer overflow in prealloc_elems_and_freelist() in kernel/bpf/stackmap.c
Language: C
Severity Score
Severity Score
Weakness Type (CWE)
Missing Release of Memory after Effective Lifetime
CWE-401Top Fix
Upgrade Version
Upgrade to version Linux/Kernel -v5.14.12, v5.10.73, v5.4.153, v4.19.211, v4.14.251, v4.9.288, v5.15-rc5
CVSS v3.1
Base Score: |
|
---|---|
Attack Vector (AV): | LOCAL |
Attack Complexity (AC): | LOW |
Privileges Required (PR): | NONE |
User Interaction (UI): | NONE |
Scope (S): | UNCHANGED |
Confidentiality (C): | LOW |
Integrity (I): | LOW |
Availability (A): | NONE |