Iwona Winiarska

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions prior to 5.14.6 **Description** An issue was discovered in the `aspeed lpc ctrl mmap` function in the Linux kernel, which could allow local attackers to overwrite memory in the kernel and potentially execute privileges. This occurs because a certain comparison uses values that are not memory sizes, leading to a buffer overflow in memory. The exploitation of this issue could allow an attacker to access confidential data, compromise data integrity, and cause a denial of service. **Recommendations** For Linux kernel versions prior to 5.14.6, update to version 5.14.6 or later to resolve the issue. As a temporary workaround, consider restricting access to the Aspeed LPC control interface to minimize the risk of exploitation.