Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A race condition was found in the Linux kernel's IP framework for transforming packets (XFRM subsystem) when multiple calls to xfrm_probe_algs occurred simultaneously. This flaw could allow a local attacker to potentially trigger an out-of-bounds write or leak kernel heap memory by performing an out-of-bounds read and copying it into a socket.
CVSS Information
N/A
Vulnerability Type
加锁机制不恰当
Vulnerability Title
Linux kernel 缓冲区错误漏洞
Vulnerability Description
Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel存在安全漏洞,该漏洞源于当多个对 xfrm_probe_algs 的调用同时发生时,在 Linux 内核的用于转换数据包的 IP 框架(XFRM 子系统)中发现了竞争条件,攻击者利用该漏洞可以触发越界写入或泄漏内核堆内存。
CVSS Information
N/A
Vulnerability Type
N/A