1.0 Introduction
Linux kernel release a high-severity vulnerabilities in the Linux kernel’s eBPF framework.
2.0 Impact
These vulnerabilities could be exploited by an unauthenticated attacker to gain unauthorized access to affected systems.
3.0 Affected Products
- AF_XDP sockets versions > 4.18
4.0 Recommendations
CyberSecurity Malaysia encourages users and system administrators using the affected products above to update the products with the latest patches/updates from the product vendors.
Kindly refer to the following URLs for more information:
- https://github.com/google/security-research/security/advisories/GHSA-cqc2-6j63-6qrx
- https://github.com/google/security-research/security/advisories/GHSA-fphp-6498-x998
Generally, we advise the users to be updated with the latest security announcements by the vendor and follow best practice security policies to determine which updates should be applied.
For further enquiries, please contact the Cyber999 Incident Response Team through the following channels:
E-mail: cyber999[at]cybersecurity.my
Phone: 1-300-88-2999 (monitored during business hours)
Mobile: +60 19 2665850 (24x7 call incident reporting)
Business Hours: Mon - Fri 08:30 -17:30 MYT
Web: https://www.mycert.org.my
5.0 References