kernel/ucount.c in the Linux kernel 5.14 through 5.16.4, when unprivileged user namespaces are enabled, allows a use-after-free and privilege escalation because a ucounts object can outlive its namespace.
Priority: Normal => HighSeverity: normal => critical
CVE: (none) => CVE-2022-24122CC: (none) => 79625490833
The problem has been manifested since the Linux kernel 5.14 and will be fixed in updates 5.16.5 and 5.15.19.
Already patched in our testing version :) https://bugs.mageia.org/show_bug.cgi?id=29960#c11 With your energy it would be nice to have you onboard. Have you considered joining? *** This bug has been marked as a duplicate of bug 29960 ***
CC: (none) => friResolution: (none) => DUPLICATEStatus: NEW => RESOLVED
good idea. I'll probably use it.
Welcome. https://wiki.mageia.org/en/Contributing Join a mail list and say you are here :)