author | Salvatore Bonaccorso <carnil@debian.org> | 2022-05-02 22:02:51 +0200 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2022-05-02 22:02:51 +0200 |
commit | c4669bd27eee6e68f4a89c0e044ee89c8c1b6483 | |
tree | 312939920735ce9cacbf10fef88f73abdade77b5 /dsa-texts/5.10.113-1 | |
parent | 6576c43c5a071639d669f0c9fd81bbc5393e52a1 | |
Add initial drafts for linux 5.10.113-1 DSA
Diffstat (limited to 'dsa-texts/5.10.113-1')
-rw-r--r-- | dsa-texts/5.10.113-1 | 117 |
1 files changed, 117 insertions, 0 deletions
diff --git a/dsa-texts/5.10.113-1 b/dsa-texts/5.10.113-1 new file mode 100644 index 000000000..c4d7deab9 --- /dev/null +++ b/dsa-texts/5.10.113-1 
@@ -0,0 +1,117 @@ +Package: linux +CVE ID: CVE-2021-4197 CVE-2022-0168 CVE-2022-1016 CVE-2022-1048 CVE-2022-1158 CVE-2022-1195 CVE-2022-1198 CVE-2022-1199 CVE-2022-1204 CVE-2022-1205 CVE-2022-1353 CVE-2022-1516 CVE-2022-26490 CVE-2022-27666 CVE-2022-28356 CVE-2022-28388 CVE-2022-28389 CVE-2022-28390 CVE-2022-29582 + +Several vulnerabilities have been discovered in the Linux kernel that +may lead to a privilege escalation, denial of service or information +leaks. + +CVE-2021-4197 + + Eric Biederman reported that incorrect permission checks in the + cgroup process migration implementation can allow a local attacker + to escalate privileges. + +CVE-2022-0168 + + A NULL pointer dereference flaw was found in the CIFS client + implementation which can allow a local attacker with CAP_SYS_ADMIN + privileges to crash the system. The security impact is negligible as + CAP_SYS_ADMIN inherently gives the ability to deny service. + +CVE-2022-1016 + + David Bouman discovered a flaw in the netfilter subsystem where the + nft_do_chain function did not initialize register data that hat + nf_tables expressions can read from and write to. A local attacker + can take advantage of this to read sensitive information. + +CVE-2022-1048 + + Hu Jiahui discovered a race condition in the sound subsystem that + can result in a use-after-free. A local user permitted to access a + PCM sound device can take advantage of this flaw to crash the + system or potentially for privilege escalation. + +CVE-2022-1158 + + Qiuhao Li, Gaoning Pan, and Yongkang Jia discovered a bug in the + KVM implementation for x86 processors. A local user with access to + /dev/kvm could cause the MMU emulator to update page table entry + flags at the wrong address. They could exploit this to cause a + denial of service (memory corruption or crash) or possibly for + privilege escalation. + +CVE-2022-1195 + + Lin Ma discovered race conditions in the 6pack and mkiss hamradio + drivers, which could lead to a use-after-free. 
A local user could + exploit these to cause a denial of service (memory corruption or + crash) or possibly for privilege escalation. + +CVE-2022-1198 + + Duoming Zhou discovered a race condition in the 6pack hamradio + driver, which could lead to a use-after-free. A local user could + exploit this to cause a denial of service (memory corruption or + crash) or possibly for privilege escalation. + +CVE-2022-1199, CVE-2022-1204, CVE-2022-1205 + + Duoming Zhou discovered race conditions in the AX.25 hamradio + protocol, which could lead to a use-after-free or null pointer + dereference. A local user could exploit this to cause a denial of + service (memory corruption or crash) or possibly for privilege + escalation. + +CVE-2022-1353 + + The TCS Robot tool found an information leak in the PF_KEY + subsystem. A local user can receive a netlink message when an + IPsec daemon reegisters with the kernel, and this could include + sensitive information. + +CVE-2022-1516 + + A NULL pointer dereference flaw in the implementation of the X.25 + set of standardized network protocols, which can result in denial + of service. + + This driver is not enabled in Debian's official kernel + configurations. + +CVE-2022-26490 + + Buffer overflows in the STMicroelectronics ST21NFCA core driver can + result in denial of service or privilege escalation. + + This driver is not enabled in Debian's official kernel + configurations. + +CVE-2022-27666 + + "valis" reported a possible buffer overflow in the ESP protocol + implementation. A local user can take advantage of this flaw to + cause a denial of service or for privilege escalation. + +CVE-2022-28356 + + TODO + +CVE-2022-28388 + + TODO + +CVE-2022-28389 + + TODO + +CVE-2022-28390 + + TODO + +CVE-2022-29582 + + Jayden Rivers and David Bouman discovered a user-after-free + vulnerability in the io_uring subystem due to a race condition in + io_uring timeouts. A local unprivileged user can take advantage of + this flaw for privilege escalation. |
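Review bot: The entries for CVE-2022-28356, CVE-2022-28388, CVE-2022-28389 and CVE-2022-28390 are still "TODO" placeholders although all four are already listed on the "CVE ID:" line, so the text cannot be sent as it stands; each needs a description, or the ID should be dropped from the header until one exists. Several typos should be fixed before publication: "register data that hat nf_tables expressions" under CVE-2022-1016 has a stray "hat", "reegisters" under CVE-2022-1353 should be "registers", and the CVE-2022-29582 entry has "user-after-free" for "use-after-free" and "subystem" for "subsystem". The CVE-2022-1516 description is a sentence fragment with no main verb ("A NULL pointer dereference flaw in the implementation of the X.25 set ... , which can result in denial of service."); rewording it along the lines of "A NULL pointer dereference flaw was found in ..." would match the CVE-2022-0168 entry. The CVE-2022-1516 and CVE-2022-26490 entries also do not say who can trigger the flaw (local or remote, privileged or not), unlike the other entries. Finally, the capitalisation is inconsistent: "NULL pointer dereference" in CVE-2022-0168 and CVE-2022-1516 versus "null pointer dereference" in the CVE-2022-1199/1204/1205 entry.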