diff options
| author | Moritz Muehlenhoff <jmm@debian.org> | 2023-08-17 17:48:06 +0200 |
|---|---|---|
| committer | Moritz Muehlenhoff <jmm@debian.org> | 2023-08-17 17:48:06 +0200 |
| commit | f636d1b5d80c9d855f9e4337731dbb639061893d (patch) | |
| tree | 5638463461b76cb6bc19bcf7c9a850f6772eeebb /dsa-texts | |
| parent | 40d3199c1bd6c51d1f2a5c2d65258249a9ce831a (diff) | |
more advisory updates
Diffstat (limited to 'dsa-texts')
| -rw-r--r-- | dsa-texts/5.10.191-1 | 18 |
1 files changed, 10 insertions, 8 deletions
diff --git a/dsa-texts/5.10.191-1 b/dsa-texts/5.10.191-1 index 9147ca16..e3b08fe5 100644 --- a/dsa-texts/5.10.191-1 +++ b/dsa-texts/5.10.191-1 @@ -74,21 +74,23 @@ CVE-2023-3268 CVE-2023-3338 - Description - -CVE-2023-3389 + Ornaghi Davide discovered a flaw in the DECnet protocol implementation + which could lead to a null pointer dereference or use-after-free. A + local user can exploit this to cause a denial of service (crash or + memory corruption) and probably for privilege escalation. - Description + This flaw has been mitigated by removing the DECnet protocol implementation. -CVE-2023-3609 +CVE-2023-3389 - Description + Querijn Voet discovered a use-after-free in the io_uring subsystem, + which may result in denial of service or privilege escalation. CVE-2023-3611 Description -CVE-2023-3776 / CVE-2023-4128 +CVE-2023-3609 / CVE-2023-3776 / CVE-2023-4128 It was discovered that a use-after-free in the cls_fw, cls_u32, cls_route and network classifiers may result in denial of service or potential @@ -145,7 +147,7 @@ CVE-2023-21255 CVE-2023-21400 Ye Zhang and Nicolas Wu discovered a double-free in the io_uring subsystem, - which way result in denial of service or privilege escalation. + which may result in denial of service or privilege escalation. CVE-2023-31084 |