Linux Kernel Use-After-Free Vulnerability

Description: A kernel use-after-free vulnerability was identified in the XFRM netlink subsystem.There is an out-of-bounds array access in __xfrm_policy_unlink, which causes denial of service, because verify_newpolicy_info in net/xfrm/xfrm_user.c mishandles directory validation. This vulnerability also leads to local privilege escalation.This issue was assigned under CVE-2019-15666. For more details about the vulnerability please visit here. Affected Products: … Continue reading “Linux Kernel Use-After-Free Vulnerability”