First published: Fri Sep 09 2022(Updated: )
A use-after-free vulnerability was found in the Linux kernel's vmwgfx driver in vmw_execbuf_tie_context. Systems making use of the vmwgfx driver are potentially affected by this flaw. Exploiting the bug would require an attacker to have access to either /dev/dri/card0 or /dev/dri/rendererD128 and be able to issue an ioctl() on the resulting file descriptor. Under certain circumstances a local unprivileged user could use this flaw to crash the system, causing a denial of service. Reference: <a href="https://bugzilla.openanolis.cn/show_bug.cgi?id=2075">https://bugzilla.openanolis.cn/show_bug.cgi?id=2075</a>
Credit: security@openanolis.org
Affected Software | Affected Version | How to fix |
---|---|---|
Linux Linux kernel | >=4.20<6.1.7 | |
Linux Linux kernel | =6.2-rc1 | |
Linux Linux kernel | =6.2-rc2 | |
Linux Linux kernel | =6.2-rc3 | |
Linux Linux kernel | =6.2-rc4 | |
IBM QRadar SIEM | <=7.5 - 7.5.0 UP8 IF01 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.