Oracle has announced the release of Critical Patch Update for January 2019. In this update, there are some critical vulnerabilities fixed. Among those, one of the major issues was the one found in Linux Kernel. An attacker can exploit this vulnerability using a remote code execution attack.
A vulnerability has been found in Linux Kernel and classified as critical. Affected by this vulnerability is the function area_cache_get of the file drivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier VDB-211045 was assigned to this vulnerability.
Vulnerability details
An attacker can use this vulnerability to create a denial-of-service (DoS) condition. To execute the attack, an attacker needs write access to the memory of a process running on the victim machine. The attacker can exploit this vulnerability using a remote code execution attack.
Note: This is not considered a security issue for versions of Linux Kernel before 4.14.
Vulnerable Software
Linux Kernel
IPsec
Vulnerability Finding Tools for Oracle Critical Patch Update
There are some vulnerabilities found in the Critical Patch Update from Oracle. The release of this update is expected to be on January 23, 2019.
To make sure that your business is not affected by these vulnerabilities, you can use vulnerability finding tools for Oracle Critical Patch Update. These tools will show you what vulnerabilities were fixed and which are still unnoticed.
Timeline
Published on: 10/17/2022 12:15:00 UTC
Last modified on: 10/19/2022 04:26:00 UTC