The Debian kernel team has announced security updates for the Linux kernel in Debian Bookworm and Debian Bullseye. According to DSA-5593-1, 8 vulnerabilities were fixed in kernel 6.1.69-1 for Debian Bookworm. For Debian Bullseye, DSA-5594-1 lists 18 kernel vulnerabilities, which were fixed in version 5.10.205-2.
Linux Kernel Security DSA-5593-1 Release Notes
For the stable distribution (bookworm), these problems have been fixed in version 6.1.69-1.
CVE-2023-6531
Jann Horn discovered a use-after-free flaw due to a race condition problem when the unix garbage collector’s deletion of a SKB races with unix_stream_read_generic() on the socket that the SKB is queued on.
CVE-2023-6622
Xingyuan Mo discovered a flaw in the netfilter subsystem which may result in denial of service or privilege escalation for a user with the CAP_NET_ADMIN capability in any user or network namespace.
CVE-2023-6817
Xingyuan Mo discovered that a use-after-free in Netfilter’s implementation of PIPAPO (PIle PAcket POlicies) may result in denial of service or potential local privilege escalation for a user with the CAP_NET_ADMIN capability in any user or network namespace.
CVE-2023-6931
Budimir Markovic reported a heap out-of-bounds write vulnerability in the Linux kernel’s Performance Events system which may result in denial of service or privilege escalation.
CVE-2023-51779
It was discovered that a race condition in the Bluetooth subsystem in the bt_sock_ioctl handling may lead to a use-after-free.
CVE-2023-51780
It was discovered that a race condition in the ATM (Asynchronous Transfer Mode) subsystem may lead to a use-after-free.
CVE-2023-51781
It was discovered that a race condition in the Appletalk subsystem may lead to a use-after-free.
CVE-2023-51782
It was discovered that a race condition in the Amateur Radio X.25 PLP (Rose) support may lead to a use-after-free.
Linux Kernel Security DSA-5594-1 Release Notes
For the oldstable distribution (bullseye), these problems have been fixed in version 5.10.205-2.
CVE-2021-44879
Wenqing Liu reported a NULL pointer dereference in the f2fs implementation. An attacker able to mount a specially crafted image can take advantage of this flaw for denial of service.
CVE-2023-5178
Alon Zahavi reported a use-after-free flaw in the NVMe-oF/TCP subsystem in the queue initialization setup, which may result in denial of service or privilege escalation.
CVE-2023-5197
Kevin Rich discovered a use-after-free flaw in the netfilter subsystem which may result in denial of service or privilege escalation for a user with the CAP_NET_ADMIN capability in any user or network namespace.
CVE-2023-5717
Budimir Markovic reported a heap out-of-bounds write vulnerability in the Linux kernel’s Performance Events system caused by improper handling of event groups, which may result in denial of service or privilege escalation. The default settings in Debian prevent exploitation unless more permissive settings have been applied in the kernel.perf_event_paranoid sysctl.
CVE-2023-6121
Alon Zahavi reported an out-of-bounds read vulnerability in the NVMe-oF/TCP which may result in an information leak.
CVE-2023-6531
Jann Horn discovered a use-after-free flaw due to a race condition when the unix garbage collector’s deletion of a SKB races with unix_stream_read_generic() on the socket that the SKB is queued on.
CVE-2023-6817
Xingyuan Mo discovered that a use-after-free in Netfilter’s implementation of PIPAPO (PIle PAcket POlicies) may result in denial of service or potential local privilege escalation for a user with the CAP_NET_ADMIN capability in any user or network namespace.
CVE-2023-6931
Budimir Markovic reported a heap out-of-bounds write vulnerability in the Linux kernel’s Performance Events system which may result in denial of service or privilege escalation. The default settings in Debian prevent exploitation unless more permissive settings have been applied in the kernel.perf_event_paranoid sysctl.
CVE-2023-6932
A use-after-free vulnerability in the IPv4 IGMP implementation may result in denial of service or privilege escalation.
CVE-2023-25775
Ivan D Barrera, Christopher Bednarz, Mustafa Ismail and Shiraz Saleem discovered that improper access control in the Intel Ethernet Controller RDMA driver may result in privilege escalation.
CVE-2023-34324
Marek Marczykowski-Gorecki reported a possible deadlock in the Xen guests event channel code which may allow a malicious guest administrator to cause a denial of service.
CVE-2023-35827
Zheng Wang reported a use-after-free flaw in the Renesas Ethernet AVB support driver.
CVE-2023-45863
A race condition in library routines for handling generic kernel objects may result in an out-of-bounds write in the fill_kobj_path() function.
CVE-2023-46813
Tom Dohrmann reported that a race condition in the Secure Encrypted Virtualization (SEV) implementation when accessing MMIO registers may allow a local attacker in a SEV guest VM to cause a denial of service or potentially execute arbitrary code.
CVE-2023-46862
It was discovered that a race condition in the io_uring subsystem may result in a NULL pointer dereference, causing a denial of service.
CVE-2023-51780
It was discovered that a race condition in the ATM (Asynchronous Transfer Mode) subsystem may lead to a use-after-free.
CVE-2023-51781
It was discovered that a race condition in the Appletalk subsystem may lead to a use-after-free.
CVE-2023-51782
It was discovered that a race condition in the Amateur Radio X.25 PLP (Rose) support may lead to a use-after-free. This module is not auto-loaded on Debian systems, so this issue only affects systems where it is explicitly loaded.