Marked by the Red Hat Product Security as having a security impact of “Important,” the new Linux kernel security patch addresses a buffer overflow flaw (CVE-2019-14835) discovered in Linux kernel’s vhost (virtual host) functionality, which apparently could allow a privileged guest user to escalate his/her privileges on the host system by passing descriptors with invalid length during migration.
“A buffer overflow flaw was found in the way Linux kernel’s vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the host when migration is underway, could use this flaw to… (read more)
Remember to like our facebook and our twitter @ubuntufree for a chance to win a free Ubuntu laptop by Dell or HP!
Top Trending Pages: Ubuntu Hosting | Download Ubuntu Software | Share Ubuntu Files With Windows