发布于3月6日3月6日 Members Oracle Linux: CVE-2023-52801: ELSA-2024-6567:kernel security update (MODERATE) (Multiple Advisories) Severity 4 CVSS (AV:L/AC:L/Au:M/C:N/I:N/A:C) Published 05/21/2024 Created 10/24/2024 Added 10/16/2024 Modified 01/07/2025 Description In the Linux kernel, the following vulnerability has been resolved: iommufd: Fix missing update of domains_itree after splitting iopt_area In iopt_area_split(), if the original iopt_area has filled a domain and is linked to domains_itree, pages_nodes have to be properly reinserted. Otherwise the domains_itree becomes corrupted and we will UAF. Solution(s) oracle-linux-upgrade-kernel References https://attackerkb.com/topics/cve-2023-52801 CVE - 2023-52801 ELSA-2024-6567
