author Salvatore Bonaccorso <carnil@debian.org> 2023-10-06 22:49:41 +0200
committer Salvatore Bonaccorso <carnil@debian.org> 2023-10-06 22:55:34 +0200
commit 3376376c177596275cc56b354d803e647ffd661a
tree df0d232356755e0194edb069898c3484fa1d7e57
parent 2bd96443069f756d7db70102c853d37cc1cf859d
Merge linux changes for bullseye 11.8
-rw-r--r-- data/CVE/list 16
-rw-r--r-- data/next-oldstable-point-update.txt 30
2 files changed, 15 insertions, 31 deletions
diff --git a/data/CVE/list b/data/CVE/list
index ae20ab81ab..f93b9e8fd3 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -352,16 +352,19 @@ CVE-2023-3037 (Improper authorization vulnerability in HelpDezk Community affect
CVE-2023-39194 [net: xfrm: Fix xfrm_address_filter OOB read]
- linux 6.4.13-1
[bookworm] - linux 6.1.52-1
+ [bullseye] - linux 5.10.197-1
NOTE: https://www.zerodayinitiative.com/advisories/ZDI-23-1492/
NOTE: https://git.kernel.org/linus/dfa73c17d55b921e1d4e154976de35317e43a93a (6.5-rc7)
CVE-2023-39193 [netfilter: xt_sctp: validate the flag_info count]
- linux 6.5.3-1
[bookworm] - linux 6.1.55-1
+ [bullseye] - linux 5.10.197-1
NOTE: https://www.zerodayinitiative.com/advisories/ZDI-23-1491/
NOTE: https://git.kernel.org/linus/e99476497687ef9e850748fe6d232264f30bc8f9 (6.6-rc1)
CVE-2023-39192 [netfilter: xt_u32: validate user space input]
- linux 6.5.3-1
[bookworm] - linux 6.1.55-1
+ [bullseye] - linux 5.10.197-1
NOTE: https://www.zerodayinitiative.com/advisories/ZDI-23-1490/
NOTE: https://git.kernel.org/linus/69c5d284f67089b4750d28ff6ac6f52ec224b330 (6.6-rc1)
CVE-2023-39191 (An improper input validation flaw was found in the eBPF subsystem in t ...)
@@ -2185,12 +2188,14 @@ CVE-2022-48605 (Input verification vulnerability in the fingerprint module. Succ
CVE-2023-42756 (A flaw was found in the Netfilter subsystem of the Linux kernel. A rac ...)
- linux <unfixed>
[bookworm] - linux 6.1.55-1
+ [bullseye] - linux 5.10.197-1
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE: https://www.openwall.com/lists/oss-security/2023/09/27/2
NOTE: https://git.kernel.org/linus/7433b6d2afd512d04398c73aa984d1e285be125b (6.6-rc3)
CVE-2023-42755 (A flaw was found in the IPv4 Resource Reservation Protocol (RSVP) clas ...)
- linux 6.3.7-1
[bookworm] - linux 6.1.55-1
+ [bullseye] - linux 5.10.197-1
NOTE: https://lore.kernel.org/all/CADW8OBtkAf+nGokhD9zCFcmiebL1SM8bJp_oo=pE02BknG9qnQ@mail.gmail.com/
NOTE: https://git.kernel.org/linus/265b4da82dbf5df04bee5a5d46b7474b1aaf326a (6.3-rc1)
CVE-2023-40581 (yt-dlp is a youtube-dl fork with additional features and fixes. yt-dlp ...)
@@ -2762,11 +2767,13 @@ CVE-2023-4237 (A flaw was found in the Ansible Automation Platform. When creatin
CVE-2023-42754 (A NULL pointer dereference flaw was found in the Linux kernel ipv4 sta ...)
- linux <unfixed>
[bookworm] - linux 6.1.55-1
+ [bullseye] - linux 5.10.197-1
NOTE: https://www.openwall.com/lists/oss-security/2023/10/02/8
NOTE: https://git.kernel.org/linus/0113d9c9d1ccc07f5a3710dac4aa24b6d711278c (6.6-rc3)
CVE-2023-42753 (An array indexing vulnerability was found in the netfilter subsystem o ...)
- linux 6.5.3-1
[bookworm] - linux 6.1.55-1
+ [bullseye] - linux 5.10.197-1
NOTE: https://www.openwall.com/lists/oss-security/2023/09/22/10
NOTE: https://git.kernel.org/linus/050d91c03b28ca479df13dfb02bcd2c60dd6a878 (6.6-rc1)
CVE-2023-42752 [integer overflows in kmalloc_reserve()]
@@ -3403,6 +3410,7 @@ CVE-2023-4527 (A flaw was found in glibc. When the getaddrinfo function is calle
CVE-2023-4921 (A use-after-free vulnerability in the Linux kernel's net/sched: sch_qf ...)
- linux <unfixed>
[bookworm] - linux 6.1.55-1
+ [bullseye] - linux 5.10.197-1
NOTE: https://kernel.dance/#8fc134fee27f2263988ae38920bc03da416b03d8
NOTE: https://git.kernel.org/linus/8fc134fee27f2263988ae38920bc03da416b03d8 (6.6-rc1)
CVE-2023-4918 (A flaw was found in the Keycloak package, more specifically org.keyclo ...)
@@ -4140,10 +4148,12 @@ CVE-2023-4634 (The Media Library Assistant plugin for WordPress is vulnerable to
CVE-2023-4623 (A use-after-free vulnerability in the Linux kernel's net/sched: sch_hf ...)
- linux 6.5.3-1
[bookworm] - linux 6.1.55-1
+ [bullseye] - linux 5.10.197-1
NOTE: https://git.kernel.org/linus/b3d26c5702c7d6c45456326e56d2ccf3f103e60f
CVE-2023-4622 (A use-after-free vulnerability in the Linux kernel's af_unix component ...)
{DSA-5492-1}
- linux 6.4.13-1
+ [bullseye] - linux 5.10.197-1
NOTE: https://kernel.dance/790c2f9d15b594350ae9bca7b236f2b1859de02c
CVE-2023-4621
REJECTED
@@ -4156,6 +4166,7 @@ CVE-2023-4498 (Tenda N300 Wireless N VDSL2 Modem Router allows unauthenticated a
CVE-2023-4244 (A use-after-free vulnerability in the Linux kernel's netfilter: nf_tab ...)
- linux 6.4.13-1
[bookworm] - linux 6.1.55-1
+ [bullseye] - linux 5.10.197-1
NOTE: https://lore.kernel.org/netdev/20230810070830.24064-1-pablo@netfilter.org/
NOTE: https://lore.kernel.org/netdev/20230815223011.7019-1-fw@strlen.de/
NOTE: https://kernel.dance/3e91b0ebd994635df2346353322ac51ce84ce6d8
@@ -10300,11 +10311,13 @@ CVE-2023-2626 (There exists an authentication bypass vulnerability in OpenThread
CVE-2023-3773 (A flaw was found in the Linux kernel\u2019s IP framework for transform ...)
{DSA-5492-1}
- linux 6.4.13-1
+ [bullseye] - linux 5.10.197-1
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE: https://lore.kernel.org/all/20230723074110.3705047-1-linma@zju.edu.cn/T/#u
CVE-2023-3772 (A flaw was found in the Linux kernel\u2019s IP framework for transform ...)
{DSA-5492-1}
- linux 6.4.13-1
+ [bullseye] - linux 5.10.197-1
NOTE: https://lore.kernel.org/netdev/20230721145103.2714073-1-linma@zju.edu.cn/
NOTE: https://www.openwall.com/lists/oss-security/2023/08/10/1
CVE-2023-37895 (Java object deserialization issue in Jackrabbit webapp/standalone on a ...)
@@ -22223,7 +22236,7 @@ CVE-2023-1990 (A use-after-free flaw was found in ndlc_remove in drivers/nfc/st-
CVE-2023-1989 (A use-after-free flaw was found in btsdio_remove in drivers\bluetooth\ ...)
{DSA-5492-1 DLA-3404-1 DLA-3403-1}
- linux 6.3.7-1
- [bullseye] - linux 5.10.178-1
+ [bullseye] - linux 5.10.197-1
NOTE: https://git.kernel.org/linus/1e9ac114c4428fdb7ff4635b45d4f46017e8916f (6.3-rc4)
CVE-2023-1988 (A vulnerability was found in SourceCodester Online Computer and Laptop ...)
NOT-FOR-US: SourceCodester Online Computer and Laptop Store
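Review bot: The CVE-2023-1989 change replaces the existing `[bullseye] - linux 5.10.178-1` line with `5.10.197-1` rather than adding a line, which moves the recorded bullseye fix to a later version, and the commit message gives no reason for it. If 5.10.178-1 already carried the btsdio_remove fix, keep the earlier version so bullseye systems running anything from 5.10.178-1 up to 5.10.197-1 are not reported as vulnerable; if the earlier entry was wrong or the fix was incomplete, record that in a NOTE line on the entry or in the commit message.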
@@ -63124,6 +63137,7 @@ CVE-2023-20589 (An attacker with specialized hardware and physical access to an
CVE-2023-20588 (A division-by-zero error on some AMD processors can potentially return ...)
{DSA-5492-1 DSA-5480-1}
- linux 6.4.13-1
+ [bullseye] - linux 5.10.197-1
- xen <unfixed>
[bookworm] - xen <postponed> (Minor issue, fix along in future DSA or point release)
[bullseye] - xen <postponed> (Minor issue, fix along in future DSA or point release)
diff --git a/data/next-oldstable-point-update.txt b/data/next-oldstable-point-update.txt
index ad0e2596a3..8456a25724 100644
--- a/data/next-oldstable-point-update.txt
+++ b/data/next-oldstable-point-update.txt
@@ -158,36 +158,6 @@ CVE-2023-44469
[bullseye] - lemonldap-ng 2.0.11+ds-4+deb11u5
CVE-2021-38185
[bullseye] - cpio 2.13+dfsg-7.1~deb11u1
-CVE-2023-39194
- [bullseye] - linux 5.10.197-1
-CVE-2023-39193
- [bullseye] - linux 5.10.197-1
-CVE-2023-39192
- [bullseye] - linux 5.10.197-1
-CVE-2023-1989
- [bullseye] - linux 5.10.197-1
-CVE-2023-20588
- [bullseye] - linux 5.10.197-1
-CVE-2023-3772
- [bullseye] - linux 5.10.197-1
-CVE-2023-3773
- [bullseye] - linux 5.10.197-1
-CVE-2023-4244
- [bullseye] - linux 5.10.197-1
-CVE-2023-42753
- [bullseye] - linux 5.10.197-1
-CVE-2023-42754
- [bullseye] - linux 5.10.197-1
-CVE-2023-42755
- [bullseye] - linux 5.10.197-1
-CVE-2023-42756
- [bullseye] - linux 5.10.197-1
-CVE-2023-4622
- [bullseye] - linux 5.10.197-1
-CVE-2023-4623
- [bullseye] - linux 5.10.197-1
-CVE-2023-4921
- [bullseye] - linux 5.10.197-1
CVE-2023-28322
[bullseye] - curl 7.74.0-1.3+deb11u9
CVE-2023-28321
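Review bot: Each of the 15 CVE ids removed from this queue needs a matching `[bullseye] - linux 5.10.197-1` line in data/CVE/list, otherwise the fix record disappears with the removal. The two sets agree in the visible hunks (15 ids removed here, 15 lines added there), with CVE-2023-1989 the one case where the list already had a bullseye entry, so its removal here pairs with a version change rather than a new line. Cross-check the two id sets mechanically before merging point-release changes of this size.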
