Use After Free Affecting torvalds/linux package, versions [0,v6.0-rc1)


0.0
high

Snyk CVSS

    Exploit Maturity Mature
    Attack Complexity Low
    Confidentiality High
    Integrity High
    Availability High
Expand this section
RHEL
7.8 high
Expand this section
SUSE
7.8 high

Do your applications use this vulnerable package?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications
  • Snyk ID SNYK-UNMANAGED-TORVALDSLINUX-3027432
  • published 20 Sep 2022
  • disclosed 20 Sep 2022
  • credit Zhenpeng Lin

How to fix?

Upgrade torvalds/linux to version v6.0-rc1 or higher.

Overview

Affected versions of this package are vulnerable to Use After Free in route4_change which allows a local user to crash the system and possibly lead to a local privilege escalation problem.