diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2024-01-02 11:22:42 +0100 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2024-01-02 11:22:42 +0100 |
commit | 79af44ff7f5f8525f32bb6ee1f1c7096826a052c (patch) | |
tree | d9734e2d05a97147f9d75b17fa2df08cee924446 /dsa-texts | |
parent | 55ce26336dd0361ea43940f08e29338b12b8d443 (diff) |
Add remaining CVE descriptions for 5.10.205-1 fixes
Diffstat (limited to 'dsa-texts')
-rw-r--r-- | dsa-texts/5.10.205-1 | 26 |
1 files changed, 26 insertions, 0 deletions
diff --git a/dsa-texts/5.10.205-1 b/dsa-texts/5.10.205-1 index 02e49bd4..742401c4 100644 --- a/dsa-texts/5.10.205-1 +++ b/dsa-texts/5.10.205-1 @@ -6,10 +6,36 @@ may lead to a privilege escalation, denial of service or information leaks. CVE-2021-44879 + + Wenqing Liu reported a NULL pointer dereference in the f2fs + implementation. An attacker able to mount a specially crafted image + can take advantage of this flaw for denial of service. + CVE-2023-5178 + + Alon Zahavi reported a use-after-free flaw in the NVMe-oF/TCP + subsystem in the queue intialization setup, which may result in + denial of service or privilege escalation. + CVE-2023-5197 + + Kevin Rich discovered a use-after-free flaw in the netfilter + subsystem which may result in denial of service or privilege + escalation for a user with the CAP_NET_ADMIN capability in any user + or network namespace. + CVE-2023-5717 + + Budimir Markovic reported a heap out-of-bounds write vulnerability + in the Linux kernel's Performance Events system caused due to + improper handling of event groups, which may result in denial of + service or privilege escalation. + CVE-2023-6121 + + Alon Zahavi reported an out-of-bounds read vulnerability in the + NVMe-oF/TCP which may result in information leak. + CVE-2023-6531 Jann Horn discovered a use-after-free flaw due to a race condition |