Kernel Live Patch Security Notice LSN-0025-1
https://packetstormsecurity.com/files/143381/LSN-0025-1.txt
https://packetstormsecurity.com/files/143381/LSN-0025-1.txthttps://packetstormsecurity.com/files/143381/Kernel-Live-Patch-Security-Notice-LSN-0025-1.htmlSun, 16 Jul 2017 14:44:44 GMTAndrey Konovalov discovered a use-after-free vulnerability in the DCCP implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly gain administrative privileges. It was discovered that the stack guard page for processes in the Linux kernel was not sufficiently large enough to prevent overlapping with the heap. An attacker could leverage this with another vulnerability to execute arbitrary code and gain administrative privileges. Various other vulnerabilities were addressed.