摘要:
A use-after-free flaw was found in the Linux kernel MCTP (Management Component Transport Protocol) functionality. This issue occurs when a user simultaneously calls DROPTAG ioctl and socket close happens, which could allow a local user to crash the system or potentially escalate their privileges on the system.
安全等级: Low
公告ID: KylinSec-SA-2022-2649
发布日期: 2022年11月25日
关联CVE: CVE-2022-3977
A use-after-free flaw was found in the Linux kernel MCTP (Management Component Transport Protocol) functionality. This issue occurs when a user simultaneously calls DROPTAG ioctl and socket close happens, which could allow a local user to crash the system or potentially escalate their privileges on the system.
| cve名称 | 产品 | 组件 | 是否受影响 |
|---|---|---|---|
| CVE-2022-3977 | KY3.4-4A | kernel | Unaffected |
| CVE-2022-3977 | KY3.4-5A | kernel | Unaffected |
| CVE-2022-3977 | KY3.5.1 | kernel | Unaffected |
