14 lines
1.4 KiB
JSON
14 lines
1.4 KiB
JSON
{
|
|
"id": "openEuler-SA-2023-1152",
|
|
"url": "https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2023-1152",
|
|
"title": "An update for kernel is now available for openEuler-22.03-LTS",
|
|
"severity": "Important",
|
|
"description": "The Linux Kernel, the operating system core itself.\r\n\r\nSecurity Fix(es):\r\n\r\nDue to a vulnerability in the io_uring subsystem, it is possible to leak kernel memory information to the user process. timens_install calls current_is_single_threaded to determine if the current process is single-threaded, but this call does not consider io_uring's io_worker threads, thus it is possible to insert a time namespace's vvar page to process's memory space via a page fault. When this time namespace is destroyed, the vvar page is also freed, but not removed from the process' memory, and a next page allocated by the kernel will be still available from the user-space process and can leak memory contents via this (read-only) use-after-free vulnerability. We recommend upgrading past version 5.10.161 or commit 788d0824269bef539fe31a785b1517882eafed93 https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/io_uring(CVE-2023-23586)\r\n\r\nIn the Linux kernel 6.0.8, there is an out-of-bounds read in ntfs_attr_find in fs/ntfs/attrib.c.(CVE-2023-26607)",
|
|
"cves": [
|
|
{
|
|
"id": "CVE-2023-26607",
|
|
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-26607",
|
|
"severity": "Moderate"
|
|
}
|
|
]
|
|
} |