Vegard Nossum

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions prior to 6.9.0-rc3+ #365 **Description** The vulnerability is related to a memleak in the netfilter nf tables module. The delete set command does not rely on the transaction object for element removal, which could result in restoring twice the refcount of the mapping when a combination of delete element and delete set commands are used from the abort path. The issue is resolved by checking for inactive elements in the next generation for the delete element command in the abort path and skipping the restoration of state if the next generation bit has been already cleared. **Recommendations** To resolve the issue, update the Linux kernel to a version that includes the fix for the netfilter nf tables memleak vulnerability. Specifically, update to a version later than 6.9.0-rc3+ #365.

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions prior to 5.15.0-rc4+ **Description** The issue is related to the x86/entry component of the Linux kernel, where a warning can still trigger on a machine that supports SMAP but has it disabled in the kernel config. This warning is related to the `irqentry enter from user mode` function and can be triggered when running the `syscall nt` selftest. The warning is caused by the `AC` flag being set when in the kernel, and it can be mitigated by clearing the `X86 FEATURE SMAP` feature when `CONFIG X86 SMAP` is not enabled. **Recommendations** To resolve the issue, update the Linux kernel to a version that includes the fix for this issue. As a temporary workaround, consider disabling the `irqentry enter from user mode` function until a patch is available. Restrict access to the `syscall nt` selftest to minimize the risk of exploitation. Avoid using the `nosmap` parameter at boot time until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions prior to 4.7.1 **Description** The issue is related to a use-after-free vulnerability in the disk seqf stop function. This vulnerability allows local users to gain privileges by executing a certain stop operation, even if the corresponding start operation had failed. **Recommendations** For Linux kernel versions prior to 4.7.1, update to version 4.7.1 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions prior to 4.6.5 **Description** The issue concerns the apparmor setprocattr function in the Linux kernel, which does not validate the buffer size. This allows local users to gain privileges by triggering an AppArmor setprocattr hook. **Recommendations** For Linux kernel versions prior to 4.6.5, update to version 4.6.5 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions prior to 2.6.37 **Description** The issue is related to a memory leak in the inotify init1 function, which can be exploited by local users to cause a denial of service through memory consumption. This can be achieved via vectors involving failed attempts to create files. **Recommendations** For Linux kernel versions prior to 2.6.37, update to version 2.6.37 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions 2.6.9 Red Hat Enterprise Linux kernel versions 2.6.9 CentOS kernel versions 2.6.9 **Description** The issue affects the Linux kernel and can lead to a disruption of confidentiality, integrity, and availability of protected information. Exploitation of the vulnerabilities can be done remotely. The wait for unix gc function in net/unix/garbage.c does not properly select times for garbage collection of inflight sockets, allowing local users to cause a denial of service via crafted use of the socketpair and sendmsg system calls for SOCK SEQPACKET sockets. **Recommendations** For Linux kernel version 2.6.9, update to a version after 2.6.37-rc3-next-20101125. For Red Hat Enterprise Linux kernel version 2.6.9, update to a version after 2.6.37-rc3-next-20101125. For CentOS kernel version 2.6.9, update to a version after 2.6.37-rc3-next-20101125. As a temporary workaround, consider restricting access to the vulnerable kernel functions until a patch is available.