From 835cd73cfdee73f8f75e6dcb768ef30607e84515 Mon Sep 17 00:00:00 2001
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Mon, 15 Aug 2022 17:23:03 +0200
Subject: Add initial drafts for some CVEs fixed in 5.10.136-1

---
 dsa-texts/5.10.136-1 | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)

diff --git a/dsa-texts/5.10.136-1 b/dsa-texts/5.10.136-1
index 5797242a..9ba8f3d4 100644
--- a/dsa-texts/5.10.136-1
+++ b/dsa-texts/5.10.136-1
@@ -7,12 +7,32 @@ leaks.
 
 CVE-2022-2585
 
+    A use-after-free flaw in the implementation of POSIX CPU timers may
+    result in denial of service or in local privilege escalation.
+
 CVE-2022-2586
 
+    A use-after-free in the Netfilter subsystem may result in local
+    privilege escalation for a user with the CAP_NET_ADMIN capability in
+    any user or network namespace.
+
 CVE-2022-2588
 
+    Zhenpeng Lin discovered a use-after-free flaw in the cls_route
+    filter implementation which may result in local privilege escalation
+    for a user with the CAP_NET_ADMIN capability in any user or network
+    namespace.
+
 CVE-2022-26373
 
+    It was discovered that on certain processors with Intel's Enhanced
+    Indirect Branch Restricted Speculation (eIBRS) capabilities there
+    are exceptions to the documented properties in some situations,
+    which may result in information disclosure.
+
+    Intel's explanation of the issue can be found at
+    <https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/advisory-guidance/post-barrier-return-stack-buffer-predictions.html>
+
 CVE-2022-29900
 
 CVE-2022-29901
-- 
cgit v1.2.3