From: Steve Beattie
Date: Apr 8, 2020 7:59AM
It was discovered that the IPMI message handler implementation in the Linux
kernel did not properly deallocate memory in certain situations. A local
attacker could use this to cause a denial of service (kernel memory
exhaustion). (CVE-2019-19046)
Al Viro discovered that the vfs layer in the Linux kernel contained a use-
after-free vulnerability. A local attacker could use this to cause a denial
of service (system crash) or possibly expose sensitive information (kernel
memory). (CVE-2020-8428)
References:
https://usn.ubuntu.com/4325-1
CVE-2019-19046, CVE-2020-8428
沒有留言:
張貼留言