diff options
| author | Moritz Muehlenhoff <jmm@debian.org> | 2023-07-05 17:22:16 +0200 |
|---|---|---|
| committer | Moritz Muehlenhoff <jmm@debian.org> | 2023-07-05 17:22:16 +0200 |
| commit | 46720c75bdf21f42af598b16d063869315d781f0 (patch) | |
| tree | 5891ffc8ff15947d9f7fd7803f1a782f5550e9fc /dsa-texts | |
| parent | 48f1e8bf5c380ed323d9abd373842ab9ee0d518a (diff) | |
Some finishing touch
Diffstat (limited to 'dsa-texts')
| -rw-r--r-- | dsa-texts/6.1.37-1 | 26 |
1 files changed, 12 insertions, 14 deletions
diff --git a/dsa-texts/6.1.37-1 b/dsa-texts/6.1.37-1 index 07776a37..e6f48629 100644 --- a/dsa-texts/6.1.37-1 +++ b/dsa-texts/6.1.37-1 @@ -1,5 +1,5 @@ Package : linux -CVE ID : CVE-2023-2124 CVE-2023-2156 CVE-2023-2269 CVE-2023-3090 CVE-2023-3141 CVE-2023-3212 CVE-2023-3268 CVE-2023-3269 CVE-2023-3390 CVE-2023-31084 CVE-2023-32250 CVE-2023-32254 CVE-2023-35788 +CVE ID : CVE-2023-2124 CVE-2023-2156 CVE-2023-2269 CVE-2023-3090 CVE-2023-3212 CVE-2023-3268 CVE-2023-3269 CVE-2023-3390 CVE-2023-31084 CVE-2023-32250 CVE-2023-32254 CVE-2023-35788 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information @@ -7,29 +7,28 @@ leaks. CVE-2023-2124 - Kyle Zeng, Akshay Ajayan and Fish Wang that missing metadata - validation may result in denial of service, or potentially privilege - escalation, if a corrupted XFS disk image is mounted. + Kyle Zeng, Akshay Ajayan and Fish Wang discoverd that missing metadata + validation may result in denial of service or potential privilege + escalation if a corrupted XFS disk image is mounted. CVE-2023-2156 - Max VA discovered that the IPv6 RPL protocol implementation in the + It was discovered that the IPv6 RPL protocol implementation in the Linux kernel did not properly handled user-supplied data, resulting - in an assertion failure. An unauthenticated remote attacker can take + in a triggerable assertion. An unauthenticated remote attacker can take advantage of this flaw for denial of service. CVE-2023-2269 - Zheng Zhang reported that improper handling of locking in the device- + Zheng Zhang reported that improper handling of locking in the device mapper implementation may result in denial of service. CVE-2023-3090 - It was discovered that missing initialization in the ipvlan - networking, leading to an out-of-bounds write vulnerability, may - result in denial of service, or execution of arbitrary code. + It was discovered that missing initialization in ipvlan networking may + lead to an out-of-bounds write vulnerability, resulting in denial of + service or potentially the execution of arbitrary code. -CVE-2023-3141 CVE-2023-3212 Yang Lan that missing validation in the GFS2 filesystem could result @@ -49,9 +48,8 @@ CVE-2023-3269 CVE-2023-3390 - A use-after-free flaw in the netfilter subsystem because of - incorrect error path handling with NFT_MSG_NEWRULE may result in - denial of service or privilege escalation. + A use-after-free flaw in the netfilter subsystem caused by incorrect + error path handling may result in denial of service or privilege escalation. CVE-2023-31084 |