Kua kitea he whakaraeraetanga (CVE-2022-3977) i roto i te kernel Linux, ka taea pea te whakamahi e tetahi kaiwhakamahi rohe ki te whakanui ake i o raatau mana ki te punaha. Ka puta mai te whakaraeraetanga mai i te kernel 5.18 ka whakatikahia ki te peka 6.1. Ko te ahua o te whakatika i nga tohatoha ka taea te tirotiro i nga wharangi: Debian, Ubuntu, Gentoo, RHEL, SUSE, Arch.
Ko te whakaraeraetanga kei roto i te whakatinanatanga o te kawa MCTP (Management Component Transport Protocol), e whakamahia ana mo te taunekeneke i waenga i nga kaiwhakahaere whakahaere me nga taputapu hono. Ko te whakaraeraetanga i puta mai i tetahi ahuatanga iwi i roto i te mahi mctp_sk_unhash(), e arai ana ki te uru mahara kore-muri-kore i te wa e tukuna ana he tono DROPTAG ioctl i te wa kotahi me te kati i te turanga.
Source: opennet.ru