USN-5567-1: Linux kernel (OEM) vulnerabilities
USN-5567-1: Linux kernel (OEM) vulnerabilities Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-2588) It was discovered that the netfilter subsystem of the Linux kernel did not prevent one nft object from referencing an nft set in another nft table, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-2586) It was discovered that the implementation of POSIX timers in the Linux kernel did not properly clean up timers in some situations. A local attacker could use this to cause a denial of service (system crash) or [ more… ]