author Salvatore Bonaccorso <carnil@debian.org> 2023-12-07 23:01:47 +0100
committer Salvatore Bonaccorso <carnil@debian.org> 2023-12-07 23:04:33 +0100
commit cbd596b94dd3b1b9abc6b1ba93e2c9de2854c378
tree 6c807240460575492384fcfee8a22de475785996
parent 672324041829600110e573fb8ea40b45ed47a76d
Merge linux changes for bookworm 12.3
-rw-r--r-- data/CVE/list 12
-rw-r--r-- data/next-point-update.txt 24
2 files changed, 12 insertions, 24 deletions
diff --git a/data/CVE/list b/data/CVE/list
index e5d83892cb..1d748f3dc5 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -3170,6 +3170,7 @@ CVE-2023-6174 (SSH dissector crash in Wireshark 4.0.0 to 4.0.10 allows denial of
NOTE: https://gitlab.com/wireshark/wireshark/-/issues/19369
CVE-2023-6121 (An out-of-bounds read vulnerability was found in the NVMe-oF/TCP subsy ...)
- linux <unfixed>
+ [bookworm] - linux 6.1.64-1
NOTE: https://lore.kernel.org/linux-nvme/b58a2dc6-cc8f-4d19-9efe-e1d5b4505efc@nvidia.com/T/
NOTE: https://lore.kernel.org/linux-nvme/CAK5usQvxAyC3LJ4OnqerS1P0JpbfFr9uRZmq6Jb4QhaB7AQCoQ@mail.gmail.com/T/
NOTE: https://git.kernel.org/linus/1c22e0295a5eb571c27b53c7371f95699ef705ff (6.7-rc3)
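Review bot: On the CVE-2023-6121 entry the new `[bookworm] - linux 6.1.64-1` line records a fix while the unstable line directly above it still reads `- linux <unfixed>`, and the only fix reference is the mainline commit tagged (6.7-rc3). Add a NOTE identifying the 6.1.y backport that shipped in 6.1.64 so the stable fix can be checked independently of the mainline commit.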
@@ -3754,6 +3755,7 @@ CVE-2023-6124 (Server-Side Request Forgery (SSRF) in GitHub repository salesagil
NOT-FOR-US: suitecrm
CVE-2023-6111 (A use-after-free vulnerability in the Linux kernel's netfilter: nf_tab ...)
- linux 6.5.13-1
+ [bookworm] - linux 6.1.64-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/93995bf4af2c5a99e2a87f0cd5ce547d31eb7630 (6.7-rc1)
@@ -6342,6 +6344,7 @@ CVE-2023-5836 (A vulnerability was found in SourceCodester Task Reminder System
NOT-FOR-US: SourceCodester Task Reminder System
CVE-2023-46862 (An issue was discovered in the Linux kernel through 6.5.9. During a ra ...)
- linux 6.5.10-1
+ [bookworm] - linux 6.1.64-1
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=218032#c4
NOTE: https://git.kernel.org/linus/7644b1a1c9a7ae8ab99175989bfc8676055edb46
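Review bot: In the CVE-2023-46862 entry the NOTE pointing at git.kernel.org/linus/7644b1a1c9a7ae8ab99175989bfc8676055edb46 carries no upstream release tag, unlike the `(6.7-rc3)`, `(6.7-rc1)` and `(6.6-rc7)` tags on other linux entries in this diff. Since the entry is being touched anyway, append the tag so the first fixed mainline release is readable without following the link.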
@@ -6628,6 +6631,7 @@ CVE-2023-33558 (An information disclosure vulnerability in the component users-g
NOT-FOR-US: OcoMon
CVE-2023-46813 (An issue was discovered in the Linux kernel before 6.5.9, exploitable ...)
- linux 6.5.10-1
+ [bookworm] - linux 6.1.64-1
NOTE: https://git.kernel.org/linus/63e44bc52047f182601e7817da969a105aa1f721 (6.6-rc7)
NOTE: https://git.kernel.org/linus/b9cb9c45583b911e0db71d09caa6b56469eb2bdf (6.6-rc7)
NOTE: https://git.kernel.org/linus/a37cd2a59d0cb270b1bba568fd3a3b8668b9d3ba (6.6-rc7)
@@ -6821,6 +6825,7 @@ CVE-2023-45872
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2246067
CVE-2023-5717 (A heap out-of-bounds write vulnerability in the Linux kernel's Linux K ...)
- linux 6.5.10-1
+ [bookworm] - linux 6.1.64-1
NOTE: https://git.kernel.org/linus/32671e3799ca2e4590773fd0e63aaa4229e50c06 (6.6-rc7)
CVE-2023-5678 (Issue summary: Generating excessively long X9.42 DH keys or checking e ...)
- openssl 3.0.12-2 (bug #1055473)
@@ -7659,6 +7664,7 @@ CVE-2023-46846 (SQUID is vulnerable to HTTP request smuggling, caused by chunked
NOTE: https://github.com/squid-cache/squid/security/advisories/GHSA-j83v-w3p4-5cqh
CVE-2023-5178 (A use-after-free vulnerability was found in drivers/nvme/target/tcp.c` ...)
- linux 6.5.8-1
+ [bookworm] - linux 6.1.64-1
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2241924
NOTE: https://git.kernel.org/linus/d920abd1e7c4884f9ecd0749d1921b7ab19ddfbd
NOTE: https://www.openwall.com/lists/oss-security/2023/10/15/1
@@ -7918,6 +7924,7 @@ CVE-2023-34044 (VMware Workstation( 17.x prior to 17.5) and Fusion(13.x prior to
NOT-FOR-US: VMware
CVE-2023-5090 (A flaw was found in KVM. An improper check in svm_set_x2apic_msr_inter ...)
- linux 6.5.8-1
+ [bookworm] - linux 6.1.64-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/b65235f6e102354ccafda601eaa1c5bef5284d21
@@ -10156,6 +10163,7 @@ CVE-2023-44487 (The HTTP/2 protocol allows a denial of service (server resource
NOTE: - lighttpd: https://www.openwall.com/lists/oss-security/2023/10/13/9
CVE-2023-34324 [linux/xen: Possible deadlock in Linux kernel event handling]
- linux 6.5.8-1
+ [bookworm] - linux 6.1.64-1
NOTE: https://xenbits.xen.org/xsa/advisory-441.html
NOTE: https://git.kernel.org/linus/87797fad6cce28ec9be3c13f031776ff4f104cfc (6.6-rc6)
CVE-2023-46836 [x86: BTC/SRSO fixes not fully effective]
@@ -11201,6 +11209,7 @@ CVE-2023-5346 (Type confusion in V8 in Google Chrome prior to 117.0.5938.149 all
[buster] - chromium <end-of-life> (see DSA 5046)
CVE-2023-5345 (A use-after-free vulnerability in the Linux kernel's fs/smb/client com ...)
- linux 6.5.6-1
+ [bookworm] - linux 6.1.64-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/e6e43b8aa7cd3c3af686caf0c2e11819a886d705
@@ -12480,6 +12489,7 @@ CVE-2023-43040 [Improperly verified POST keys]
NOTE: Fixed by: https://github.com/ceph/ceph/commit/100d81aa060f061271499f1fa28dbdc06de443fd (main)
CVE-2023-5197 (A use-after-free vulnerability in the Linux kernel's netfilter: nf_tab ...)
- linux 6.5.6-1
+ [bookworm] - linux 6.1.64-1
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/f15f29fd4779be8a418b66e9d52979bb6d6c2325 (6.6-rc3)
NOTE: https://kernel.dance/f15f29fd4779be8a418b66e9d52979bb6d6c2325
@@ -12687,6 +12697,7 @@ CVE-2023-5165 (Docker Desktop before 4.23.0 allows an unprivileged user to bypas
NOT-FOR-US: Docker Desktop
CVE-2023-5158 (A flaw was found in vringh_kiov_advance in drivers/vhost/vringh.c in t ...)
- linux 6.5.8-1
+ [bookworm] - linux 6.1.64-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE: https://lore.kernel.org/virtualization/20230925103057.104541-1-sgarzare@redhat.com/T/#u
@@ -25773,6 +25784,7 @@ CVE-2023-35828 (An issue was discovered in the Linux kernel before 6.3.2. A use-
NOTE: Only "exploitable" by removing the module which needs root privileges
CVE-2023-35827 (An issue was discovered in the Linux kernel through 6.3.8. A use-after ...)
- linux 6.5.8-1
+ [bookworm] - linux 6.1.64-1
NOTE: https://lore.kernel.org/lkml/cca0b40b-d6f8-54c7-1e46-83cb62d0a2f1%40huawei.com/T/
CVE-2023-35826 (An issue was discovered in the Linux kernel before 6.3.2. A use-after- ...)
- linux 6.3.7-1 (unimportant)
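Review bot: CVE-2023-35827 is now recorded as fixed twice (`- linux 6.5.8-1` and the added `[bookworm] - linux 6.1.64-1`), yet its only NOTE is a lore.kernel.org thread and no fix commit is referenced. Add a `NOTE: https://git.kernel.org/linus/<commit>` line for the upstream fix, as the other linux entries in this diff have, so the fixed versions can be verified against a commit.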
diff --git a/data/next-point-update.txt b/data/next-point-update.txt
index 271dc8fa77..b2b2250114 100644
--- a/data/next-point-update.txt
+++ b/data/next-point-update.txt
@@ -79,30 +79,6 @@ CVE-2023-30577
[bookworm] - amanda 1:3.5.1-11+deb12u1
CVE-2023-42467
[bookworm] - qemu 1:7.2+dfsg-7+deb12u3
-CVE-2023-34324
- [bookworm] - linux 6.1.64-1
-CVE-2023-35827
- [bookworm] - linux 6.1.64-1
-CVE-2023-46813
- [bookworm] - linux 6.1.64-1
-CVE-2023-46862
- [bookworm] - linux 6.1.64-1
-CVE-2023-5090
- [bookworm] - linux 6.1.64-1
-CVE-2023-5158
- [bookworm] - linux 6.1.64-1
-CVE-2023-5178
- [bookworm] - linux 6.1.64-1
-CVE-2023-5197
- [bookworm] - linux 6.1.64-1
-CVE-2023-5345
- [bookworm] - linux 6.1.64-1
-CVE-2023-5717
- [bookworm] - linux 6.1.64-1
-CVE-2023-6111
- [bookworm] - linux 6.1.64-1
-CVE-2023-6121
- [bookworm] - linux 6.1.64-1
CVE-2023-3153
[bookworm] - ovn 23.03.1-1~deb12u1
CVE-2023-43040
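Review bot: The twelve CVE ids removed from data/next-point-update.txt in this hunk match the twelve `[bookworm] - linux 6.1.64-1` lines added to data/CVE/list one for one (diffstat: 12 insertions, 24 deletions), so no entry is dropped in the move. The commit message could say that the entries are relocated from the pending point-update file into the main list, which "Merge linux changes for bookworm 12.3" leaves implicit.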
