diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2024-01-02 17:26:36 +0100 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2024-01-02 17:26:36 +0100 |
commit | b39b23d0262b302e00b4c049fc32779c0e6a561e (patch) | |
tree | ac787ac634b5703d70867330a57c73cc97e73d3c /dsa-texts | |
parent | abb549e4eafa65cb6c8cb2855939a43a4878fe83 (diff) |
Refine CVE description for CVE-2023-5717 and CVE-2023-6931
Diffstat (limited to 'dsa-texts')
-rw-r--r-- | dsa-texts/5.10.205-1 | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/dsa-texts/5.10.205-1 b/dsa-texts/5.10.205-1 index 6ded778f..831a3baa 100644 --- a/dsa-texts/5.10.205-1 +++ b/dsa-texts/5.10.205-1 @@ -29,7 +29,9 @@ CVE-2023-5717 Budimir Markovic reported a heap out-of-bounds write vulnerability in the Linux kernel's Performance Events system caused by improper handling of event groups, which may result in denial of service or - privilege escalation. + privilege escalation. The default settings in Debian prevent + exploitation unless more permissive settings have been applied in + the kernel.perf_event_paranoid sysctl. CVE-2023-6121 @@ -54,7 +56,9 @@ CVE-2023-6931 Budimir Markovic reported a heap out-of-bounds write vulnerability in the Linux kernel's Performance Events system which may result in - denial of service or privilege escalation. + denial of service or privilege escalation. The default settings in + Debian prevent exploitation unless more permissive settings have + been applied in the kernel.perf_event_paranoid sysctl. CVE-2023-6932 |