blob: a345e01573808438ea23b4ffe4f28db8fa63a7ed (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
|
Package : linux
CVE ID : CVE-2020-3702 CVE-2020-16119 CVE-2021-3653 CVE-2021-3656
CVE-2021-3679 CVE-2021-3732 CVE-2021-3739 CVE-2021-3743
CVE-2021-3753 CVE-2021-37576 CVE-2021-38160 CVE-2021-38166
CVE-2021-38199 CVE-2021-40490 CVE-2021-41073
Debian Bug : 993948 993978
Several vulnerabilities have been discovered in the Linux kernel that
may lead to a privilege escalation, denial of service or information
leaks.
CVE-2020-3702
Description
CVE-2020-16119
Description
CVE-2021-3653
Description
CVE-2021-3656
Description
CVE-2021-3679
Description
CVE-2021-3732
Description
CVE-2021-3739
Description
CVE-2021-3743
An out-of-bounds memory read flaw was discovered in the Qualcomm IPC
router protocol, allowing to cause a denial of service or
information leak.
CVE-2021-3753
Minh Yuan reported race condition flaw in the vt_k_ioctl in
drivers/tty/vt/vt_ioctl.c, which may cause an out of bounds
read in vt.
CVE-2021-37576
Alexey Kardashevskiy reported a buffer overflow flaw in the KVM
subsystem on the powerpc platform, which allows KVM guest OS users
to cause memory corruption on the host.
CVE-2021-38160
A flaw in the virtio_console was discovered allowing data corruption
or data loss by an untrusted device.
CVE-2021-38166
An integer overflow flaw in the BPF subsystem could allow a local
attacker able to cause a denial of service or potentially the
execution of arbitrary code. This flaw is mitigated by default in
Debian as unprivileged calls to bpf() are disabled.
CVE-2021-38199
Michael Wakabayashi reported a flaw in the NFSv4 client
subsystem where incorrect connection-setup ordering allows
operations of a remote NFSv4 server to cause a denial of service
(hanging of mounts).
CVE-2021-40490
A race condition was discovered in the ext4 subsystem when writing
to an inline_data file while its xattrs are changing, which could
result in denial of service.
CVE-2021-41073
Valentina Palmiotti discovered a flaw in io_uring allowing a local
attacker to escalate privileges by using IORING_OP_PROVIDE_BUFFERS
to trigger a free of a kernel buffer.
For the stable distribution (bullseye), these problems have been fixed in
version 5.10.46-5.
|