Kernel Live Patch Security Notice LSN-0102-1

It was discovered that a race condition existed in the io_uring subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. Lonial Con discovered that the netfilter subsystem in the Linux kernel contained a memory leak when handling certain element flush operations. A local attacker could use this to expose sensitive information (kernel memory). Various other issues were also addressed.

arbitrary code attacker code con crash denial of service free io_uring kernel linux linux kernel live local memory netfilter notice patch race race condition security security notice service subsystem system use-after-free vulnerability