kernel CVE-2022-36879

Moderate

arnaldo2792 published GHSA-j8qh-3ff4-2pj6

Oct 13, 2022

Package

kernel-5.10 (bottlerocket)

Affected versions

< 1.10.0

Patched versions

1.10.0

kernel-5.15 (bottlerocket)

< 1.10.0

1.10.0

Description

An issue was discovered in the Linux kernel through 5.18.14. xfrm_expand_policies in net/xfrm/xfrm_policy.c can cause a refcount to be dropped twice.