May 15, 2024, 3:15 p.m. |

Ubuntu security notices ubuntu.com

It was discovered that the Open vSwitch implementation in the Linux kernel
could overflow its stack during recursive action operations under certain
conditions. A local attacker could use this to cause a denial of service
(system crash). (CVE-2024-1151)

Sander Wiebing, Alvise de Faveri Tron, Herbert Bos, and Cristiano Giuffrida
discovered that the Linux kernel mitigations for the initial Branch History
Injection vulnerability (CVE-2022-0001) were insufficient for Intel
processors. A local attacker could potentially use this to expose sensitive
information. (CVE-2024-2201) …

action attacker conditions crash cve cve-2024 denial of service implementation kernel linux linux kernel linux kernel vulnerabilities local mitigations operations overflow service stack system tron under usn vulnerabilities

Sr. Product Manager

@ MixMode | Remote, US

Information Security Engineers

@ D. E. Shaw Research | New York City

Assoc/Mid ET P&C Control System Field Compliance Analyst (Glen Allen, VA)

@ Dominion Energy | GLEN ALLEN, VA, US, 23060

Technology Risk & Controls Lead- PCI Compliance

@ JPMorgan Chase & Co. | Plano, TX, United States

Editor, Compliance Risk and Diligence

@ Kroll | Manila, Philippines

KGS - KDN IAM Associate Consultant - Bengaluru

@ KPMG India | Bengaluru, Karnataka, India