A memory leak flaw was found in the Linux kernel’s io_uring functionality in how a user registers a buffer ring with IORING_REGISTER_PBUF_RING, mmap() it, and then frees it. This flaw allows a local user to crash or potentially escalate their privileges on the system.
CVE | Severity | CVSS | Product(s) Affected |
---|---|---|---|
CVE-2024-0582 | High | 7.8 | Linux Kernel - From (including) 6.4, Up to (excluding) 6.6.5 |
There is no evidence of exploitation affecting Western Australian Government networks at the time of publishing.
The WA SOC recommends administrators apply the solutions as per vendor instructions to all affected devices within expected timeframe of one month... (refer Patch Management):