Kotsi (CVE-2022-3977) e khethiloe ho Linux kernel, e ka sebelisoang ke mosebelisi oa lehae ho eketsa litokelo tsa bona tsamaisong. Bofokoli bo hlaha ho tloha ho kernel 5.18 mme bo ne bo lokisitsoe lekaleng la 6.1. Ponahalo ea ho lokisoa ha li-distributions e ka fumanoa maqepheng: Debian, Ubuntu, Gentoo, RHEL, SUSE, Arch.
Ho ba kotsing ho teng ts'ebetsong ea protocol ea MCTP (Management Component Transport Protocol), e sebelisetsoang ho sebelisana pakeng tsa balaoli ba tsamaiso le lisebelisoa tse amanang le tsona. Kotsi e bakoa ke boemo ba morabe ho mctp_sk_unhash() ts'ebetso, e lebisang ho ts'ebeliso ea morao-rao ea mahala ha o romella kopo ea ioctl ea DROPTAG ka nako e ts'oanang le ho koala sokete.
Source: opennet.ru