A vulnerability exists in the memory management subsystem of the Linux kernel. The lock handling for accessing and updating virtual memory areas (VMAs) is incorrect, leading to use-after-free problems. This issue can be successfully exploited to execute arbitrary kernel code, escalate containers, and gain root privileges.
| Version | Score | Severity | Vector String |
|---|---|---|---|
| 3.1 | 7.8 | High | CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H |
| Product | Vendor | Version |
|---|---|---|
| Fedora | Fedora | QCA6595 |
| Red Hat Enterprise Linux 6 | Red Hat | QCA6426 |
| Red Hat Enterprise Linux 7 | Red Hat | QCA6430 |
| Red Hat Enterprise Linux 8 | Red Hat | QCA6436 |
| Red Hat Enterprise Linux 9 | Red Hat | QCA6574A |
| Red Hat Enterprise Linux 8 | Red Hat | QCA6574 |
| Red Hat Enterprise Linux 7 | Red Hat | QCA6431 |
| Red Hat Enterprise Linux 9 | Red Hat | QCA6574AU |
| kernel | n/a | QCA6421 |