diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2022-08-15 17:23:03 +0200 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2022-08-15 17:23:03 +0200 |
commit | 835cd73cfdee73f8f75e6dcb768ef30607e84515 (patch) | |
tree | 1ceca8898f5e36fff33248c433b55c78848c1a84 | |
parent | b169022bb4b16e5274b14950e7f984b602f383d5 (diff) |
Add initial drafts for some CVEs fixed in 5.10.136-1
-rw-r--r-- | dsa-texts/5.10.136-1 | 20 |
1 files changed, 20 insertions, 0 deletions
diff --git a/dsa-texts/5.10.136-1 b/dsa-texts/5.10.136-1 index 5797242a..9ba8f3d4 100644 --- a/dsa-texts/5.10.136-1 +++ b/dsa-texts/5.10.136-1 @@ -7,12 +7,32 @@ leaks. CVE-2022-2585 + A use-after-free flaw in the implementation of POSIX CPU timers may + result in denial of service or in local privilege escalation. + CVE-2022-2586 + A use-after-free in the Netfilter subsystem may result in local + privilege escalation for a user with the CAP_NET_ADMIN capability in + any user or network namespace. + CVE-2022-2588 + Zhenpeng Lin discovered a use-after-free flaw in the cls_route + filter implementation which may result in local privilege escalation + for a user with the CAP_NET_ADMIN capability in any user or network + namespace. + CVE-2022-26373 + It was discovered that on certain processors with Intel's Enhanced + Indirect Branch Restricted Speculation (eIBRS) capabilities there + are exceptions to the documented properties in some situations, + which may result in information disclosure. + + Intel's explanation of the issue can be found at + <https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/advisory-guidance/post-barrier-return-stack-buffer-predictions.html> + CVE-2022-29900 CVE-2022-29901 |