A flaw in Linux Kernel found. A use-after-free vulnerabilities caused by rose_t0timer_expiry in net/rose/rose_route.c of linux can lead to Linux Kernel crash or potentially privileges escalation. Attackers can use an active rose network interface, then, call close(), bind(), connect() and write() syscalls to crash Linux kernel. Reference: https://github.com/torvalds/linux/commit/148ca04518070910739dfc4eeda765057856403d
Created kernel tracking bugs for this issue: Affects: fedora-all [bug 2117259]
This was fixed for Fedora with the 5.18.11 stable kernel updates.
*** This bug has been marked as a duplicate of bug 2104114 ***