Read Time:27 Second
It was discovered that the network traffic control implementation in the
Linux kernel contained a use-after-free vulnerability. A local attacker
could use this to cause a denial of service (system crash) or possibly
execute arbitrary code. (CVE-2022-1055)
It was discovered that the IPsec implementation in the Linux kernel did not
properly allocate enough memory when performing ESP transformations,
leading to a heap-based buffer overflow. A local attacker could use this to
cause a denial of service (system crash) or possibly execute arbitrary
code. (CVE-2022-27666)