what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

Debian Security Advisory 5257-1

Debian Security Advisory 5257-1
Posted Oct 18, 2022
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5257-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, debian
advisories | CVE-2021-4037, CVE-2022-0171, CVE-2022-1184, CVE-2022-20421, CVE-2022-2602, CVE-2022-2663, CVE-2022-3061, CVE-2022-3176, CVE-2022-3303, CVE-2022-39188, CVE-2022-39842, CVE-2022-40307, CVE-2022-41674, CVE-2022-42719
SHA-256 | 385b8e712c28212598cf6de49f53f7eb2478d700f61c475c37b978c92ef570db

Debian Security Advisory 5257-1

Change Mirror Download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5257-1 security@debian.org
https://www.debian.org/security/ Salvatore Bonaccorso
October 18, 2022 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : linux
CVE ID : CVE-2021-4037 CVE-2022-0171 CVE-2022-1184 CVE-2022-2602
CVE-2022-2663 CVE-2022-3061 CVE-2022-3176 CVE-2022-3303
CVE-2022-20421 CVE-2022-39188 CVE-2022-39842 CVE-2022-40307
CVE-2022-41674 CVE-2022-42719 CVE-2022-42720 CVE-2022-42721
CVE-2022-42722

Several vulnerabilities have been discovered in the Linux kernel that
may lead to a privilege escalation, denial of service or information
leaks.

CVE-2021-4037

Christian Brauner reported that the inode_init_owner function for
the XFS filesystem in the Linux kernel allows local users to create
files with an unintended group ownership allowing attackers to
escalate privileges by making a plain file executable and SGID.

CVE-2022-0171

Mingwei Zhang reported that a cache incoherence issue in the SEV API
in the KVM subsystem may result in denial of service.

CVE-2022-1184

A flaw was discovered in the ext4 filesystem driver which can lead
to a use-after-free. A local user permitted to mount arbitrary
filesystems could exploit this to cause a denial of service (crash
or memory corruption) or possibly for privilege escalation.

CVE-2022-2602

A race between handling an io_uring request and the Unix socket
garbage collector was discovered. An attacker can take advantage of
this flaw for local privilege escalation.

CVE-2022-2663

David Leadbeater reported flaws in the nf_conntrack_irc
connection-tracking protocol module. When this module is enabled
on a firewall, an external user on the same IRC network as an
internal user could exploit its lax parsing to open arbitrary TCP
ports in the firewall, to reveal their public IP address, or to
block their IRC connection at the firewall.

CVE-2022-3061

A flaw was discovered in the i740 driver which may result in denial
of service.

This driver is not enabled in Debian's official kernel
configurations.

CVE-2022-3176

A use-after-free flaw was discovered in the io_uring subsystem which
may result in local privilege escalation to root.

CVE-2022-3303

A race condition in the snd_pcm_oss_sync function in the sound
subsystem in the Linux kernel due to improper locking may result in
denial of service.

CVE-2022-20421

A use-after-free vulnerability was discovered in the
binder_inc_ref_for_node function in the Android binder driver. On
systems where the binder driver is loaded, a local user could
exploit this for privilege escalation.

CVE-2022-39188

Jann Horn reported a race condition in the kernel's handling of
unmapping of certain memory ranges. When a driver created a
memory mapping with the VM_PFNMAP flag, which many GPU drivers do,
the memory mapping could be removed and freed before it was
flushed from the CPU TLBs. This could result in a page use-after-
free. A local user with access to such a device could exploit
this to cause a denial of service (crash or memory corruption) or
possibly for privilege escalation.

CVE-2022-39842

An integer overflow was discovered in the pxa3xx-gcu video driver
which could lead to a heap out-of-bounds write.

This driver is not enabled in Debian's official kernel
configurations.

CVE-2022-40307

A race condition was discovered in the EFI capsule-loader driver,
which could lead to use-after-free. A local user permitted to
access this device (/dev/efi_capsule_loader) could exploit this to
cause a denial of service (crash or memory corruption) or possibly
for privilege escalation. However, this device is normally only
accessible by the root user.

CVE-2022-41674, CVE-2022-42719, CVE-2022-42720, CVE-2022-42721, CVE-2022-42722

Soenke Huster discovered several vulnerabilities in the mac80211
subsystem triggered by WLAN frames which may result in denial of
service or the execution or arbitrary code.

For the stable distribution (bullseye), these problems have been fixed in
version 5.10.149-1.

We recommend that you upgrade your linux packages.

For the detailed security status of linux please refer to its security
tracker page at:
https://security-tracker.debian.org/tracker/linux

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmNPFS5fFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND
z0Q8oBAAh2sxVENkXNYsl1xX4jU6yCJ/vLuG8HklJE+cChdxFSwjrz5fE9Y36viE
4M08WedXuAuSRKT9pCvPvvv+YNdjUaTIMHHLxCbWmWPfPboz6GRqk0RFEKABZe1t
M5W9CqEYgp9LRTPyOYFoOpMSnWQ1a3XyhLHSl2hUX9bw1GC5ovCKpUNoZ+FE0v90
v9uqM+8zdXmxe1tbAmjndCYzOoT9vaqqlU5OAaWQpqozRsa8Rv6/XiJ6mMVk8DUU
QFLoGVqoIeWRc6CYSzzNeAVOX8v4vScILk/FW1HW/WfhrqCFBwEORo4jz/2o49HN
4h/HxGlWtj/yiCUvRMR6RkQGJJOEr9vQa8Boe9z5rLzCQAPDZplp9iSu1/sdSqtV
C1wJNaTfB8di1vwEUAra/bHTty7rUwc0rPBTmKFxwnPW0IOyX4Nsb4lSsbSRtnHm
+80T8+WFWT0CMKpwOkP4GzwlZ9h7MeAKHwZpyyHc+84IS4RKl0SDkaHY/aOQ9pYB
vrl2CV+hSxw/YzpeF9w56LQ6YWzO27NmUid0nw+YFcSc0D35hvsFo+AsQ4Kkdc4p
94SkSq7zuhtdZDh1D5ZtBDfryxG2xWzgAEKcCyNTHW19iZO50K+YHzLbWzom9J6h
hI8jM/zBEGvZD8EdM3Vc710+QF6Yie1zOLNDRxNj0Zfu+0k1uXo=gJNm
-----END PGP SIGNATURE-----
Login or Register to add favorites

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close