diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2023-07-16 22:59:42 +0200 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2023-07-16 22:59:42 +0200 |
commit | 44109448e298ae2452821df29a92e19aaa59c392 (patch) | |
tree | 196106b515e91a1525da1ecf971c4da4e517108d /dsa-texts/5.10.179-2 | |
parent | 0d0f53a26d52b02ff17dd3dd482b49dd69043c0b (diff) |
Add advisory draft for linux update for 5.10.179-2
Diffstat (limited to 'dsa-texts/5.10.179-2')
-rw-r--r-- | dsa-texts/5.10.179-2 | 27 |
1 files changed, 27 insertions, 0 deletions
diff --git a/dsa-texts/5.10.179-2 b/dsa-texts/5.10.179-2 new file mode 100644 index 000000000..f2a6b969e --- /dev/null +++ b/dsa-texts/5.10.179-2 @@ -0,0 +1,27 @@ +Package : linux +CVE ID : CVE-2023-2156 CVE-2023-31248 CVE-2023-35001 + +Several vulnerabilities have been discovered in the Linux kernel that +may lead to a privilege escalation, denial of service or information +leaks. + +CVE-2023-2156 + + It was discovered that a flaw in the handling of the RPL protocol + may allow an unauthenticated remote attacher to cause a denial of + service if RPL is enabled (not by default in Debian). + +CVE-2023-31248 + + Mingi Cho discovered a use-after-free flaw in the Netfilter + nf_tables implementation when using nft_chain_lookup_byid, which may + result in local privilege escalation for a user with the + CAP_NET_ADMIN capability in any user or network namespace. + +CVE-2023-35001 + + Tanguy DUBROCA discovered an out-of-bounds reads and write flaw in + the Netfilter nf_tables implementation when processing an + nft_byteorder expression, which may result in local privilege + escalation for a user with the CAP_NET_ADMIN capability in any user + or network namespace. |