A use-after-free flaw was found in the Linux kernel’s TLS protocol
functionality in how a user installs a tls context (struct tls_context)
on a connected TCP socket. The assigned CVE to this vulnerability is CVE-2023-0461.
This flaw allows a local user to crash or
potentially escalate their privileges on the system.
Site are expected to update the relevant components as soon as possible. Details on this vulnerability can be found in this SVG advisory.
Recent Comments