Add advisory text for 5.10.179-3

1 files changed, 32 insertions, 0 deletions

diff --git a/dsa-texts/5.10.179-3 b/dsa-texts/5.10.179-3
new file mode 100644
index 00000000..89ad084b
--- /dev/null
+++ b/dsa-texts/5.10.179-3
@@ -0,0 +1,32 @@
+Package linux
+CVE ID: CVE-2023-3390 CVE-2023-3610 CVE-2023-20593
+
+CVE-2023-3390
+
+    A use-after-free flaw in the netfilter subsystem caused by incorrect
+    error path handling may result in denial of service or privilege
+    escalation.
+
+CVE-2023-3610
+
+    A use-after-free flaw in the netfilter subsystem caused by incorrect
+    refcount handling on the table and chain destroy path may result in
+    denial of service or privilege escalation.
+
+CVE-2023-20593
+
+    Tavis Ormandy discovered that under specific microarchitectural
+    circumstances, a vector register in AMD "Zen 2" CPUs may not be
+    written to 0 correctly.  This flaw allows an attacker to leak
+    sensitive information across concurrent processes, hyper threads
+    and virtualized guests.
+
+    For details please refer to
+    <https://lock.cmpxchg8b.com/zenbleed.html> and
+    <https://github.com/google/security-research/security/advisories/GHSA-v6wh-rxpg-cmm8>.
+
+    This issue can also be mitigated by a microcode update through the
+    amd64-microcode package or a system firmware (BIOS/UEFI) update.
+    However, the initial microcode release by AMD only provides
+    updates for second generation EPYC CPUs.  Various Ryzen CPUs are
+    also affected, but no updates are available yet.