ELA-864-1 linux-5.10 security update

linux kernel update

Version5.10.179-1~deb9u1 (stretch)
Related CVEs CVE-2023-0386 CVE-2023-31436 CVE-2023-32233

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.


It was discovered that under certain conditions the overlayfs
filesystem implementation did not properly handle copy up
operations. A local user permitted to mount overlay mounts in user
namespaces can take advantage of this flaw for local privilege


Gwangun Jung reported a a flaw causing heap out-of-bounds
read/write errors in the traffic control subsystem for the Quick
Fair Queueing scheduler (QFQ) which may result in information
leak, denial of service or privilege escalation.


Patryk Sondej and Piotr Krysiuk discovered a use-after-free flaw
in the Netfilter nf_tables implementation when processing batch
requests, which may result in local privilege escalation for a
user with the CAP_NET_ADMIN capability in any user or network

For Debian 9 stretch, these problems have been fixed in version 5.10.179-1~deb9u1.

We recommend that you upgrade your linux-5.10 packages.

Further information about Extended LTS security advisories can be found in the dedicated section of our website.