Linux kernel heap overflow via filesystem context parsing — enables local privilege escalation. Container escape possible if running privileged containers. Apply kernel patches. Restrict CAP_SYS_ADMIN from all container workloads.
A heap-based buffer overflow flaw was found in the way the legacy_parse_param function in the Filesystem Context functionality of the Linux kernel verified the supplied arguments. Linux kernel LPE.
Supernova subscribers receive AI-triaged CVE alerts the moment they're published — before the PoC drops.
Start Supernova — $99/mo →