Authored by Jann Horn, Google Security Research

CentOS Stream 9 has a missing kernel security fix for a tun double-free amongst other missing fixes. Included is a local root exploit to demonstrate the issue.

advisories | CVE-2022-4744, CVE-2023-1249