1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
|
# Geneate with
# bin/gen-DSA --save linux CVE-2022-39189 CVE-2022-4269 CVE-2023-1206 CVE-2023-20588 CVE-2023-2124 CVE-2023-2898 CVE-2023-3212 CVE-2023-34319 CVE-2023-3609 CVE-2023-3611 CVE-2023-3776 CVE-2023-3863 CVE-2023-4004 CVE-2023-40283 CVE-2023-4128 CVE-2023-4132 CVE-2023-4147 CVE-2023-4194 CVE-2023-4273 CVE-2023-1380 CVE-2023-2002 CVE-2023-2007 CVE-2023-21255 CVE-2023-21400 CVE-2023-2269 CVE-2023-3090 CVE-2023-31084 CVE-2023-3111 CVE-2023-3268 CVE-2023-3338 CVE-2023-3389 CVE-2023-35788
Package : linux
CVE ID : CVE-2022-4269 CVE-2022-39189 CVE-2023-1206 CVE-2023-1380
CVE-2023-2002 CVE-2023-2007 CVE-2023-2124 CVE-2023-2269
CVE-2023-2898 CVE-2023-3090 CVE-2023-3111
CVE-2023-3212 CVE-2023-3268 CVE-2023-3338 CVE-2023-3389
CVE-2023-3609 CVE-2023-3611 CVE-2023-3776 CVE-2023-3863
CVE-2023-4004 CVE-2023-4128 CVE-2023-4132 CVE-2023-4147
CVE-2023-4194 CVE-2023-4273 CVE-2023-20588 CVE-2023-21255
CVE-2023-21400 CVE-2023-31084 CVE-2023-34319 CVE-2023-35788
CVE-2023-40283
Several vulnerabilities have been discovered in the Linux kernel that
may lead to a privilege escalation, denial of service or information
leaks.
CVE-2022-4269
William Zhao discovered that a flaw in the Traffic Control (TC)
subsystem when using a specific networking configuration
(redirecting egress packets to ingress using TC action "mirred"),
may allow a local unprivileged user to cause a denial of service
(triggering a CPU soft lockup).
CVE-2022-39189
Jann Horn discovered that TLB flush operations are mishandled in the
KVM subsystem in certain KVM_VCPU_PREEMPTED situations, which may
allow an unprivileged guest user to compromise the guest kernel.
CVE-2023-1206
It was discovered that the networking stack permits attackers to
force hash collisions in the IPv6 connection lookup table, which may
result in denial of service (significant increase in the cost of
lookups, increased CPU utilization).
CVE-2023-1380
Jisoo Jang reported a heap out-of-bounds read in the brcmfmac Wi-Fi
driver. On systems using this driver, a local user could exploit
this to read sensitive information or to cause a denial of service.
CVE-2023-2002
Ruiahn Li reported an incorrect permissions check in the Bluetooth
subsystem. A local user could exploit this to reconfigure local
Bluetooth interfaces, resulting in information leaks, spoofing, or
denial of service (loss of connection).
CVE-2023-2007
Lucas Leong and Reno Robert discovered a time-of-check-to-time-of-
use flaw in the dpt_i2o SCSI controller driver. A local user with
access to a SCSI device using this driver could exploit this for
privilege escalation.
This flaw has been mitigated by removing support for the I2OUSRCMD
operation.
CVE-2023-2124
Kyle Zeng, Akshay Ajayan and Fish Wang discovered that missing
metadata validation may result in denial of service or potential
privilege escalation if a corrupted XFS disk image is mounted.
CVE-2023-2269
Zheng Zhang reported that improper handling of locking in the device
mapper implementation may result in denial of service.
CVE-2023-2898
It was discovered that missing sanitising in the f2fs file
system may result in denial of service if a malformed file
system is accessed.
CVE-2023-3090
It was discovered that missing initialization in ipvlan networking
may lead to an out-of-bounds write vulnerability, resulting in
denial of service or potentially the execution of arbitrary code.
CVE-2023-3111
The TOTE Robot tool found a flaw in the Btrfs filesystem driver that
can lead to a use-after-free. It's unclear whether an unprivileged
user can exploit this.
CVE-2023-3212
Yang Lan that missing validation in the GFS2 filesystem could result
in denial of service via a NULL pointer dereference when mounting a
malformed GFS2 filesystem.
CVE-2023-3268
It was discovered that an out-of-bounds memory access in relayfs
could result in denial of service or an information leak.
CVE-2023-3338
Davide Ornaghi discovered a flaw in the DECnet protocol
implementation which could lead to a null pointer dereference or
use-after-free. A local user can exploit this to cause a denial of service
(crash or memory corruption) and probably for privilege escalation.
This flaw has been mitigated by removing the DECnet protocol
implementation.
CVE-2023-3389
Querijn Voet discovered a use-after-free in the io_uring subsystem,
which may result in denial of service or privilege escalation.
CVE-2023-3611
It was discovered that an out-of-bounds write in the traffic control
subsystem for the Quick Fair Queueing scheduler (QFQ) may result in
denial of service or privilege escalation.
CVE-2023-3609 / CVE-2023-3776 / CVE-2023-4128
It was discovered that a use-after-free in the cls_fw, cls_u32,
cls_route and network classifiers may result in denial of service or
potential local privilege escalation.
CVE-2023-3863
It was discovered that a use-after-free in the NFC implementation
may result in denial of service, an information leak or potential
local privilege escalation.
CVE-2023-4004
It was discovered that a use-after-free in Netfilter's
implementation of PIPAPO (PIle PAcket POlicies) may result in denial
of service or potential local privilege escalation for a user with
the CAP_NET_ADMIN capability in any user or network namespace.
CVE-2023-4132
A use-after-free in the driver for Siano SMS1xxx based MDTV
receivers may result in local denial of service.
CVE-2023-4147
Kevin Rich discovered a use-after-free in Netfilter when adding a
rule with NFTA_RULE_CHAIN_ID, which may result in local privilege
escalation for a user with the CAP_NET_ADMIN capability in any user
or network namespace.
CVE-2023-4194
A type confusion in the implementation of TUN/TAP network devices
may allow a local user to bypass network filters.
CVE-2023-4273
Maxim Suhanov discovered a stack overflow in the exFAT driver, which
may result in local denial of service via a malformed file system.
CVE-2023-20588
Jana Hofmann, Emanuele Vannacci, Cedric Fournet, Boris Koepf and
Oleksii Oleksenko discovered that on some AMD CPUs with the Zen1
micro architecture an integer division by zero may leave stale
quotient data from a previous division, resulting in a potential
leak of sensitive data.
CVE-2023-21255
A use-after-free was discovered in the in the Android binder driver,
which may result in local privilege escalation on systems where the
binder driver is loaded.
CVE-2023-21400
Ye Zhang and Nicolas Wu discovered a double-free in the io_uring
subsystem, which may result in denial of service or privilege
escalation.
CVE-2023-31084
It was discovered that the DVB Core driver does not properly handle
locking of certain events, allowing a local user to cause a denial
of service.
CVE-2023-34319
Ross Lagerwall discovered a buffer overrun in Xen's netback driver
which may allow a Xen guest to cause denial of service to the
virtualisation host my sending malformed packets.
CVE-2023-35788
Hangyu Hua that an off-by-one in the Flower traffic classifier may
result in local of service or the execution of privilege escalation.
CVE-2023-40283
A use-after-free was discovered in Bluetooth L2CAP socket handling.
For the oldstable distribution (bullseye), these problems have been fixed
in version 5.10.191-1.
|