|Related CVEs||CVE-2022-2873 CVE-2022-3545 CVE-2022-3623 CVE-2022-4696 CVE-2022-36280 CVE-2022-41218 CVE-2022-45934 CVE-2022-47929 CVE-2023-0179 CVE-2023-0240 CVE-2023-0266 CVE-2023-0394 CVE-2023-23454 CVE-2023-23455 CVE-2023-23586|
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.
Zheyu Ma discovered that an out-of-bounds memory access flaw in the Intel iSMT SMBus 2.0 host controller driver may result in denial of service (system crash).
It was discovered that the Netronome Flow Processor (NFP) driver contained a use-after-free flaw in area_cache_get(), which may result in denial of service or the execution of arbitrary code.
A race condition when looking up a CONT-PTE/PMD size hugetlb page may result in denial of service or an information leak.
A use-after-free vulnerability was discovered in the io_uring subsystem.
An out-of-bounds memory write vulnerability was discovered in the vmwgfx driver, which may allow a local unprivileged user to cause a denial of service (system crash).
Hyunwoo Kim reported a use-after-free flaw in the Media DVB core subsystem caused by refcount races, which may allow a local user to cause a denial of service or escalate privileges.
An integer overflow in l2cap_config_req() in the Bluetooth subsystem was discovered, which may allow a physically proximate attacker to cause a denial of service (system crash).
Frederick Lawler reported a NULL pointer dereference in the traffic control subsystem allowing an unprivileged user to cause a denial of service by setting up a specially crafted traffic control configuration.
Davide Ornaghi discovered incorrect arithmetics when fetching VLAN header bits in the netfilter subsystem, allowing a local user to leak stack and heap addresses or potentially local privilege escalation to root.
A flaw was discovered in the io_uring subsystem that could lead to a use-after-free. A local user could exploit this to cause a denial of service (crash or memory corruption) or possibly for privilege escalation.
A use-after-free flaw in the sound subsystem due to missing locking may result in denial of service or privilege escalation.
Kyle Zeng discovered a NULL pointer dereference flaw in rawv6_push_pending_frames() in the network subsystem allowing a local user to cause a denial of service (system crash).
Kyle Zeng reported that the Class Based Queueing (CBQ) network scheduler was prone to denial of service due to interpreting classification results before checking the classification return code.
Kyle Zeng reported that the ATM Virtual Circuits (ATM) network scheduler was prone to a denial of service due to interpreting classification results before checking the classification return code.
A flaw was discovered in the io_uring subsystem that could lead to an information leak. A local user could exploit this to obtain sensitive information from the kernel or other users.
This update also fixes Debian bugs #825141, #1008501, #1027430, and #1027483, and includes many more bug fixes from stable updates 5.10.159-5.10.162 inclusive.
For Debian 9 stretch, these problems have been fixed in version 5.10.162-1~deb9u1.
We recommend that you upgrade your linux-5.10 packages.
Further information about Extended LTS security advisories can be found in the dedicated section of our website.