In __efi_rt_asm_wrapper of efi-rt-wrapper.S, there is a possible bypass of shadow stack protection due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. Reference: https://android.googlesource.com/kernel/common/+/ec6fe823507b2f6ef4a58f3a9bee9a5ec086c32c%5E%21/ https://source.android.com/docs/security/bulletin/2023-05-01
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2023:5091 https://access.redhat.com/errata/RHSA-2023:5091
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2023:5069 https://access.redhat.com/errata/RHSA-2023:5069