diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2024-01-01 09:53:25 +0100 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2024-01-01 09:53:25 +0100 |
commit | f6c4d9e6a7bb437379cf350e525e574971dff9f0 (patch) | |
tree | 45d041fc09083b7bc89672b098b085a9e2364aac /dsa-texts | |
parent | df13baafe28e8b94cf424e875dc309f0d30a8528 (diff) |
Add draft texts for some CVEs covered in the 6.1.69-1 update
Diffstat (limited to 'dsa-texts')
-rw-r--r-- | dsa-texts/6.1.69-1 | 22 |
1 files changed, 22 insertions, 0 deletions
diff --git a/dsa-texts/6.1.69-1 b/dsa-texts/6.1.69-1 index 85f6b7df..df8090da 100644 --- a/dsa-texts/6.1.69-1 +++ b/dsa-texts/6.1.69-1 @@ -6,9 +6,31 @@ may lead to a privilege escalation, denial of service or information leaks. CVE-2023-6531 + + Jann Horn discovered a use-after-free flaw due to a race condition + problem when the unix garbage collector's deletion of a SKB races + with unix_stream_read_generic() on the socket that the SKB is + queued on. + CVE-2023-6622 + + Xingyuan Mo discovered a flaw in the netfilter subsystem which may + result in denial of service or privilege escalation for a user with + the CAP_NET_ADMIN capability in any user or network namespace. + CVE-2023-6817 + + Xingyuan Mo discovered that a use-after-free in Netfilter's + implementation of PIPAPO (PIle PAcket POlicies) may result in denial + of service or potential local privilege escalation for a user with + the CAP_NET_ADMIN capability in any user or network namespace. + CVE-2023-6931 + + Budimir Markovic reported a heap out-of-bounds write vulnerability + in the Linux kernel's Performance Events system which may result in + denial of service or privilege escalation. + CVE-2023-51779 CVE-2023-51780 CVE-2023-51781 |