A flaw in the Linux Kernel Flower classifier found. If local user creates some specific rules for networking packets classifier and then few malicious packets being received, it can lead to kernel crash and potential privileges escalation. Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/sched?id=4d56304e5827c8cc8cc18c75343d283af7c4825c
Created kernel tracking bugs for this issue: Affects: fedora-all [bug 2214025]
This was fixed for Fedora with the 6.3.7 stable kernel update.
(In reply to Alex from comment #0) > A flaw in the Linux Kernel Flower classifier found. If local user creates > some specific rules for networking packets classifier and then few malicious > packets being received, it can lead to kernel crash and potential privileges > escalation. I get the point that the system may be configured in a vulnerable state without the user knowing it, but I wonder how this can lead to privilege escalation in this situation.
*** This bug has been marked as a duplicate of bug 2215768 ***