diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2022-10-18 23:25:53 +0200 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2022-10-18 23:25:53 +0200 |
commit | 14dc35433e84892c56180711901654664b40b57c (patch) | |
tree | 20d9da472daa5cdd6b0720347c7fb1cd85bd5d20 /dsa-texts | |
parent | 741661716d77deb0ec2abd874d2589b0b40c5585 (diff) |
Sync with used advisory text version
Diffstat (limited to 'dsa-texts')
-rw-r--r-- | dsa-texts/5.10.149-1 | 15 |
1 files changed, 7 insertions, 8 deletions
diff --git a/dsa-texts/5.10.149-1 b/dsa-texts/5.10.149-1 index 9a54df80..ebb991fb 100644 --- a/dsa-texts/5.10.149-1 +++ b/dsa-texts/5.10.149-1 @@ -11,10 +11,10 @@ leaks. CVE-2021-4037 - Christian Brauner reported the inode_init_owner function for the XFS - filesystem the Linux kernel allows local users to create files with - an unintended group ownership allowing attackers to escalate - privileges by making a plain file executable and SGID. + Christian Brauner reported that the inode_init_owner function for + the XFS filesystem in the Linux kernel allows local users to create + files with an unintended group ownership allowing attackers to + escalate privileges by making a plain file executable and SGID. CVE-2022-0171 @@ -30,10 +30,9 @@ CVE-2022-1184 CVE-2022-2602 - It was discovered that a race condition in the handling of - processing io_uring requests on a registered file and the Unix - socket Garbage Collection running may result in a use-after-free, - which may result in local privilege escalation. + A race between handling an io_uring request and the Unix socket + garbage collector was discovered. An attacker can take advantage of + this flaw for local privilege escalation. CVE-2022-2663 |