It was discovered that the IPsec implementation in the Linux kernel did not properly allocate enough memory when performing ESP transformations, leading to a heap-based buffer overflow. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.
{ "availability": "No subscription required", "binaries": [ { "linux-headers-5.14.0-1031-oem": "5.14.0-1031.34", "linux-modules-5.14.0-1031-oem": "5.14.0-1031.34", "linux-oem-5.14-tools-host": "5.14.0-1031.34", "linux-image-unsigned-5.14.0-1031-oem-dbgsym": "5.14.0-1031.34", "linux-image-unsigned-5.14.0-1031-oem": "5.14.0-1031.34", "linux-oem-5.14-headers-5.14.0-1031": "5.14.0-1031.34", "linux-tools-5.14.0-1031-oem": "5.14.0-1031.34", "linux-buildinfo-5.14.0-1031-oem": "5.14.0-1031.34", "linux-oem-5.14-tools-5.14.0-1031": "5.14.0-1031.34" } ] }