diff options
author | Ben Hutchings <ben@decadent.org.uk> | 2022-03-08 17:56:49 +0100 |
---|---|---|
committer | Ben Hutchings <ben@decadent.org.uk> | 2022-03-08 17:57:02 +0100 |
commit | cd8faf1130a52823e804ac079364b472ea1e3737 (patch) | |
tree | dd09783a938a64987ee33045ca042c014ab93677 /dsa-texts/4.9.303-1 | |
parent | 948638db253086ca5d564e1a519a3bb90a4c98ec (diff) |
Fill in more issue descriptions
Diffstat (limited to 'dsa-texts/4.9.303-1')
-rw-r--r-- | dsa-texts/4.9.303-1 | 21 |
1 files changed, 18 insertions, 3 deletions
diff --git a/dsa-texts/4.9.303-1 b/dsa-texts/4.9.303-1 index d345dbad9..b3654410c 100644 --- a/dsa-texts/4.9.303-1 +++ b/dsa-texts/4.9.303-1 @@ -112,15 +112,30 @@ CVE-2021-39685 CVE-2021-39686 - Description + A race condition was discovered in the Android binder driver, that + could lead to incorrect security checks. On systems where the + binder driver is loaded, a local user could exploit this for + privilege escalation. + + This driver is not enabled in Debian's official kernel + configurations. CVE-2021-39698 - Description + Linus Torvalds reported a flaw in the file polling implementation, + which could lead to a use-after-free. A local user could exploit + this for denial of service (memory corruption or crash) or + possibly for privilege escalation. CVE-2021-39714 - Description + A potential reference count overflow was found in the Android Ion + driver. On systems where the Ion driver is loaded, a local user + could exploit this for denial of service (memory corruption or + crash) or possibly for privilege escalation. + + This driver is not enabled in Debian's official kernel + configurations. CVE-2021-43976 |