Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com
☎ 03 60 47 09 81 - info@securiteinfo.com
In arch/x86/lib/insn-eval.c in the Linux kernel before 5.1.9, there is a use-after-free for access to an LDT entry because of a race condition between modify_ldt() and a #BR exception for an MPX bounds violation.
- http://packetstormsecurity.com/files/154408/Kernel-Live-Patch-Security-Notice-LSN-0055-1.html
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.1.9
- https://usn.ubuntu.com/4117-1/
- https://usn.ubuntu.com/4118-1/
- https://github.com/Sec20-Paper310/Paper310