Bug 1966 - [Anolis OS 7] Bugfix for CVE-2022-2978
Summary: [Anolis OS 7] Bugfix for CVE-2022-2978
Status: RESOLVED FIXED
Alias: None
Product: Anolis OS 7
Classification: Anolis OS
Component: BaseOS Packages (show other bugs) BaseOS Packages
Version: 7.7
Hardware: All Linux
: P3-Medium S3-normal
Target Milestone: ---
Assignee: xiaoguangwang
QA Contact: 杨晓旋
URL:
Whiteboard:
Keywords: CVE
Depends on:
Blocks:
 
Reported: 2022-08-25 10:52 UTC by 小龙
Modified: 2022-09-29 10:26 UTC (History)
2 users (show)

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description 小龙 admin 2022-08-25 10:52:19 UTC
A flaw use after free in the Linux kernel NILFS file system was found in the way user triggers function security_inode_alloc to fail with following call to function nilfs_mdt_destroy. A local user could use this flaw to crash the system or potentially escalate their privileges on the system.
Comment 2 xiaoguangwang alibaba_cloud_group 2022-09-29 10:26:32 UTC
https://gitee.com/anolis/cloud-kernel/pulls/668

修改补丁已经合入。