-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-5324-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso January 23, 2023 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : linux CVE ID : CVE-2022-2873 CVE-2022-3545 CVE-2022-3623 CVE-2022-4696 CVE-2022-36280 CVE-2022-41218 CVE-2022-45934 CVE-2022-47929 CVE-2023-0179 CVE-2023-0266 CVE-2023-0394 CVE-2023-23454 CVE-2023-23455 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2022-2873 Zheyu Ma discovered that an out-of-bounds memory access flaw in the Intel iSMT SMBus 2.0 host controller driver may result in denial of service (system crash). CVE-2022-3545 It was discovered that the Netronome Flow Processor (NFP) driver contained a use-after-free flaw in area_cache_get(), which may result in denial of service or the execution of arbitrary code. CVE-2022-3623 A race condition when looking up a CONT-PTE/PMD size hugetlb page may result in denial of service or an information leak. CVE-2022-4696 A use-after-free vulnerability was discovered in the io_uring subsystem. CVE-2022-36280 An out-of-bounds memory write vulnerability was discovered in the vmwgfx driver, which may allow a local unprivileged user to cause a denial of service (system crash). CVE-2022-41218 Hyunwoo Kim reported a use-after-free flaw in the Media DVB core subsystem caused by refcount races, which may allow a local user to cause a denial of service or escalate privileges. CVE-2022-45934 An integer overflow in l2cap_config_req() in the Bluetooth subsystem was discovered, which may allow a physically proximate attacker to cause a denial of service (system crash). CVE-2022-47929 Frederick Lawler reported a NULL pointer dereference in the traffic control subsystem allowing an unprivileged user to cause a denial of service by setting up a specially crafted traffic control configuration. CVE-2023-0179 Davide Ornaghi discovered incorrect arithmetics when fetching VLAN header bits in the netfilter subsystem, allowing a local user to leak stack and heap addresses or potentially local privilege escalation to root. CVE-2023-0266 A use-after-free flaw in the sound subsystem due to missing locking may result in denial of service or privilege escalation. CVE-2023-0394 Kyle Zeng discovered a NULL pointer dereference flaw in rawv6_push_pending_frames() in the network subsystem allowing a local user to cause a denial of service (system crash). CVE-2023-23454 Kyle Zeng reported that the Class Based Queueing (CBQ) network scheduler was prone to denial of service due to interpreting classification results before checking the classification return code. CVE-2023-23455 Kyle Zeng reported that the ATM Virtual Circuits (ATM) network scheduler was prone to a denial of service due to interpreting classification results before checking the classification return code. For the stable distribution (bullseye), these problems have been fixed in version 5.10.162-1. We recommend that you upgrade your linux packages. For the detailed security status of linux please refer to its security tracker page at: https://security-tracker.debian.org/tracker/linux Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmPO6CtfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0Ra0w//fLN39l/vLOzDs++lrDvYDVGpTFS/D3CfMq6ucxI36BEoxPXk5aKyH/la red6SnuLf7lI+4CcH3vvLpo1vHreqOXRXoE/u1JdWij9vvLHyHjJKLgCkn43UlLN ukdEnmls3DCJr42apdHhV7nyjLXfBzocgOfq8+oOUHS2/K2SPYc1dqtn96Dsmogu nH/Mcorr9kHX1wjWtCPQCCSsjo3+xxRzc1WDpbdqolox979s7hFSIqZ65T74w/mV KksIg/4CJHNlwo/piiwH6/Gi419v6Tj4HPUPcJpFEJou6adnnXqrBX+aNE9WvHEe Y/Fmj2DSxBvCJ+MKzCVWNf94lfjxcb4mE8VlUxUTa6BR0BGC7/iKDz0HglYPnbue zdNMEUcsgw3pxLB9sorFmcPbKOgzquwp2WLGCPxw04UMDmK5bBTZ/zKVa1b639C9 BGeOmDCfg9+b33Er9pKvvuky/C3divGbZ3TnWKcztVPR33Y2e2E1WtvvbLtayFsO 0ezn8r7vNCu+3hBTT09wXJQzil7o1zyfb9MwtzgSuxksLoFbm/B21rw1KEzTgyCC FiQDJF2OQNmzKJokNgsmpIknx75/x1WG1UQbMeO15tZW8zSjItrDtiydw8Uyrs+8 BU0Ta3tiqtyOrlc22k+K2yDWrg16pRw9ik3iNokYgM7z/RcHwv4=7Ixp -----END PGP SIGNATURE-----