author: Salvatore Bonaccorso <carnil@debian.org> 2023-09-09 22:07:29 +0200
committer: Salvatore Bonaccorso <carnil@debian.org> 2023-09-09 22:07:29 +0200
commit: 8548f0bee6d33306aaae4304b723047711498d96
tree: 61ccf7fe135c3a6bc98ce917bb7b783d43b1ba79 /dsa-texts
parent: d118a6bbba0c1c27062cf4f833080fbbec4c0ab0
Add additional CVE descriptions for 6.1.52-1 update
Diffstat (limited to 'dsa-texts')
-rw-r--r-- dsa-texts/6.1.52-1 32
1 files changed, 24 insertions, 8 deletions
diff --git a/dsa-texts/6.1.52-1 b/dsa-texts/6.1.52-1
index 4d135471..4c7fe9d9 100644
--- a/dsa-texts/6.1.52-1
+++ b/dsa-texts/6.1.52-1
@@ -28,7 +28,9 @@ CVE-2023-1989
CVE-2023-2430
- Description
+ Xingyuan Mo discovered that the io_uring subsystem did not properly
+ handle locking when the target ring is configured with IOPOLL, which
+ may result in denial of service.
CVE-2023-2898
@@ -44,11 +46,14 @@ CVE-2023-3611
CVE-2023-3772
- Description
+ Lin Ma discovered a NULL pointer dereference flaw in the XFRM
+ subsystem which may result in denial of service.
CVE-2023-3773
- Description
+ Lin Ma discovered a flaw in the the XFRM subsystem, which may result
+ in denial of service for a user with the CAP_NET_ADMIN capability in
+ any user or network namespace.
CVE-2023-3776, CVE-2023-4128, CVE-2023-4206, CVE-2023-4207, CVE-2023-4208
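Review bot: The new CVE-2023-3773 text contains a doubled word, "a flaw in the the XFRM subsystem"; drop one "the". Separately, the CVE-2023-3772 entry in the same hunk does not say who can reach the NULL pointer dereference, while the CVE-2023-3773 entry spells out the CAP_NET_ADMIN requirement. If a similar precondition applies to CVE-2023-3772, stating it would keep the two XFRM entries consistent for readers triaging exposure.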
@@ -58,7 +63,10 @@ CVE-2023-3776, CVE-2023-4128, CVE-2023-4206, CVE-2023-4207, CVE-2023-4208
CVE-2023-3777
- Description
+ Kevin Rich discovered a use-after-free in Netfilter when flushing
+ table rules, which may result in local privilege escalation for a
+ user with the CAP_NET_ADMIN capability in any user or network
+ namespace.
CVE-2023-3863
@@ -75,7 +83,10 @@ CVE-2023-4004
CVE-2023-4015
- Description
+ Kevin Rich discovered a use-after-free in Netfilter when handling
+ bound chain deactivation in certain circumstances, may result in
+ denial of service or potential local privilege escalation for a user
+ with the CAP_NET_ADMIN capability in any user or network namespace.
CVE-2023-4132
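Review bot: In the CVE-2023-4015 text, the clause "in certain circumstances, may result in" is missing its relative pronoun, so the sentence does not parse. Suggest "in certain circumstances, which may result in denial of service or potential local privilege escalation", matching the "which may result in" wording used for CVE-2023-3777.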
@@ -91,7 +102,8 @@ CVE-2023-4147
CVE-2023-4155
- Description
+ Andy Nguyen discovered a flaw in the KVM subsystem allowing a KVM
+ guest using EV-ES or SEV-SNP to cause a denial of service.
CVE-2023-4194
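Review bot: "EV-ES" in the CVE-2023-4155 text looks like a typo for "SEV-ES", the AMD feature normally named alongside the SEV-SNP mentioned in the same sentence. Suggest "guest using SEV-ES or SEV-SNP", since readers will search the advisory for that term.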
@@ -105,11 +117,15 @@ CVE-2023-4273
CVE-2023-4569
- Description
+ lonial con discovered flaw in the Netfilter subsystem, which may
+ allow a local attacher to cause a double-deactivations of catchall
+ elements, which results in a memory leak.
CVE-2023-4622
- Description
+ Bing-Jhong Billy Jheng discovered a use-after-free within the Unix
+ domain sockets component, which may result in local privilege
+ escalation.
CVE-2023-20588
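Review bot: The CVE-2023-4569 text has three wording slips: "discovered flaw" lacks an article, "attacher" should be "attacker", and "a double-deactivations" mixes singular and plural. Suggest "discovered a flaw in the Netfilter subsystem, which may allow a local attacker to cause a double deactivation of catchall elements, which results in a memory leak." It is also worth confirming that the lowercase credit "lonial con" is the form the reporter uses. The CVE-2023-4622 text reads fine as written.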
