Davide Ornaghi discovered that the netfilter subsystem in the Linux kernel
did not properly handle VLAN headers in some situations. A local attacker
could use this to cause a denial of service (system crash) or possibly
execute arbitrary code.(CVE-2023-0179)
It was discovered that the Upper Level Protocol (ULP) subsystem in the
Linux kernel did not properly handle sockets entering the LISTEN state in
certain protocols, leading to a use-after-free vulnerability. A local
attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code.(CVE-2023-0461)
More Stories
DSA-5688-1 atril – security update
It was discovered that missing input sanitising in the Atril document viewer could result in writing arbitrary files in the...
chromium-124.0.6367.201-1.el9
FEDORA-EPEL-2024-6f1c3198f5 Packages in this update: chromium-124.0.6367.201-1.el9 Update description: update to 124.0.6367.201 * High CVE-2024-4671: Use after free in Visuals update...