From dd0c4dda64f9dcafc0d2b127ee7a2c1ba7d2736a Mon Sep 17 00:00:00 2001 From: Salvatore Bonaccorso Date: Mon, 1 Jan 2024 21:27:21 +0100 Subject: Add some DSA texts for 5.10.205-1 (replicating from 6.1.69-1) --- dsa-texts/5.10.205-1 | 27 +++++++++++++++++++++++++++ 1 file changed, 27 insertions(+) (limited to 'dsa-texts') diff --git a/dsa-texts/5.10.205-1 b/dsa-texts/5.10.205-1 index afb24ca5..d5a07765 100644 --- a/dsa-texts/5.10.205-1 +++ b/dsa-texts/5.10.205-1 @@ -11,8 +11,25 @@ CVE-2023-5197 CVE-2023-5717 CVE-2023-6121 CVE-2023-6531 + + Jann Horn discovered a use-after-free flaw due to a race condition + problem when the unix garbage collector's deletion of a SKB races + with unix_stream_read_generic() on the socket that the SKB is + queued on. + CVE-2023-6817 + + Xingyuan Mo discovered that a use-after-free in Netfilter's + implementation of PIPAPO (PIle PAcket POlicies) may result in denial + of service or potential local privilege escalation for a user with + the CAP_NET_ADMIN capability in any user or network namespace. + CVE-2023-6931 + + Budimir Markovic reported a heap out-of-bounds write vulnerability + in the Linux kernel's Performance Events system which may result in + denial of service or privilege escalation. + CVE-2023-6932 CVE-2023-25775 CVE-2023-34324 @@ -21,6 +38,16 @@ CVE-2023-45863 CVE-2023-46813 CVE-2023-46862 CVE-2023-51780 + + It was discovered that a race condition in the ATM (Asynchronous + Transfer Mode) subsystem may lead to a use-after-free. + CVE-2023-51781 + + It was discovered that a race condition in the Appletalk subsystem + may lead to a use-after-free. + CVE-2023-51782 + It was discovered that a race condition in the Amateur Radio X.25 + PLP (Rose) support may lead to a use-after-free. -- cgit v1.2.3