CVE-2022-27666 - Fedoraproject Fedora, Redhat Virtualization and Linux Linux Kernel

March 23, 2022

Critical 7.8

A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c. This flaw allows a local attacker with a normal user privilege to overwrite kernel heap objects and may cause a local privilege escalation threat.

Affected software

Fedoraproject Fedora

Redhat Virtualization

Linux Linux Kernel

Redhat Enterprise Linux

Reference links

https://bugzilla.redhat.com/show_bug.cgi?id=2061633
https://github.com/torvalds/linux/commit/ebe48d368e97d007bfeb76fcb065d6cfc4c96645

CVE-2022-27666 - Fedoraproject Fedora, Redhat Virtualization and Linux Linux Kernel

Affected software

Reference links

Get alerted to vulnerabilities in your software