GreySyntax Posted February 20, 2019 Share Posted February 20, 2019 (edited) "In the Linux kernel through 4.20.10, af_alg_release() in crypto/af_alg.c neglects to set a NULL value for a certain structure member, which leads to a use-after-free in sockfs_setattr." https://nvd.nist.gov/vuln/detail/CVE-2019-8912 Details on impacted kernels: https://www.securityfocus.com/bid/107063 Edited February 20, 2019 by GreySyntax Quote Link to comment
GreySyntax Posted February 20, 2019 Author Share Posted February 20, 2019 Looking at the changelogs the fix is still only in linux-next Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.