A heap buffer overflow vulnerability, CVE-2022-0185, has been found in the Linux kernel in RHEL 8 and derivatives. The flaw is in the legacy_parse_param function of the kernel's Filesystem Context functionality, in the way it verifies the length of supplied parameters, and it could be used for privilege escalation.
A kernel update is required; alternatively, you can apply a mitigation that involves disabling user namespaces on the system. Details on the vulnerability can be found in the SVG advisory.
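One way to audit whether the mitigation is in place, as an added example that is not part of the advisory. It assumes user namespaces are disabled through the `user.max_user_namespaces` sysctl set to 0 (the advisory text above does not name the setting), and `userns_status` is a hypothetical helper name.

```shell
#!/bin/sh
# Added example: audit the user-namespace mitigation state.
# Assumption: the mitigation is applied via sysctl user.max_user_namespaces=0.
# Only one drop-in directory is inspected; other sysctl locations are ignored.

# userns_status [PROC_ROOT] [SYSCTL_DIR]
# Prints one of: mitigated | runtime-only | exposed | unknown
userns_status() {
    proc_root=${1:-/proc}
    sysctl_dir=${2:-/etc/sysctl.d}
    knob="$proc_root/sys/user/max_user_namespaces"

    # Knob missing: kernel built without user namespaces, or /proc not mounted.
    [ -r "$knob" ] || { echo unknown; return 0; }
    runtime=$(tr -d '[:space:]' < "$knob")

    # Any non-zero limit lets unprivileged users create user namespaces.
    [ "$runtime" = "0" ] || { echo exposed; return 0; }

    # Runtime value is 0; check whether a drop-in keeps it at 0 after reboot.
    # Files are read in lexical order, so the last assignment wins.
    persistent=""
    for f in "$sysctl_dir"/*.conf; do
        [ -r "$f" ] || continue
        v=$(sed -n 's/^[[:space:]]*user\.max_user_namespaces[[:space:]]*=[[:space:]]*\([0-9][0-9]*\)[[:space:]]*$/\1/p' "$f" | tail -n 1)
        if [ -n "$v" ]; then persistent=$v; fi
    done

    if [ "$persistent" = "0" ]; then
        echo mitigated       # disabled now and configured to stay disabled
    else
        echo runtime-only    # disabled now, but a reboot would re-enable it
    fi
    return 0
}

# Report the state of the running system (or of the roots given as arguments).
userns_status "$@"
```

Setting the limit to 0 also stops software that relies on unprivileged user namespaces, such as rootless containers, so the kernel update remains the permanent fix.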