A use-after-free vulnerability was found in alloc_ucounts in kernel/ucount.c in the Linux kernel. In this flaw, a local attacker with unprivileged user namespaces may lead to a privilege escalation problem. Reference: https://www.openwall.com/lists/oss-security/2022/01/29/1 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f9d87929d451d3e649699d0f1d74f71f77ad38f5
Created kernel tracking bugs for this issue: Affects: fedora-all [bug 2048493]
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2022-24122