Severity
Medium
Analysis Summary
A use-after-free error related to the “rds_tcp_kill_sock()” function (net/rds/tcp.c) can be exploited to corrupt memory and subsequently execute arbitrary code.
Impact
Unauthorized System Access
Affected Vendors
Linux
Affected Products
Remediation
Update to a fixed version.
Versions 5.0.x:
Update to version 5.0.8 or later.
Versions 4.19.x:
Update to version 4.19.35 or later.
Versions 4.14.x:
Update to version 4.14.112 or later.
Versions 4.9.x:
Update to version 4.9.169 or later.
Versions 4.4.x:
Update to version 4.4.179 or later.