diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2023-05-13 09:26:19 +0200 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2023-05-13 09:26:59 +0200 |
commit | 32d5eeef308f310ee8c2ad6306330f1d65626c8d (patch) | |
tree | c81cc80bd3e92b93610435cfced5fa0a92045071 /dsa-texts | |
parent | 3e5d9bf2a9087e89641de0168213e3ade12ec69f (diff) |
Add initial advisory text template for 5.10.179-1 update
Diffstat (limited to 'dsa-texts')
-rw-r--r-- | dsa-texts/5.10.179-1 | 29 |
1 files changed, 29 insertions, 0 deletions
diff --git a/dsa-texts/5.10.179-1 b/dsa-texts/5.10.179-1 new file mode 100644 index 00000000..a9a0e894 --- /dev/null +++ b/dsa-texts/5.10.179-1 @@ -0,0 +1,29 @@ +Package : linux +CVE ID : CVE-2023-0386 CVE-2023-31436 CVE-2023-32233 + +Several vulnerabilities have been discovered in the Linux kernel that +may lead to a privilege escalation, denial of service or information +leaks. + +CVE-2023-0386 + + It was discovered that under certain conditions the overlayfs + filesystem implementation did not properly handle copy up + operations. A local user permitted to mount overlay mounts in user + namespaces can take advantage of this flaw for local privilege + escalation. + +CVE-2023-31436 + + Gwangun Jung reported a heap out-of-bounds read/write errors in the + traffic control subsystem for the Quick Fair Queueing scheduler + (QFQ) which may result in information leak, denial of service or + privilege escalation. + +CVE-2023-32233 + + Patryk Sondej and Piotr Krysiuk discovered a use-after-free flaw in + the Netfilter nf_tables implementation when processing batch + requests which may result in local privilege escalation for a user + with the CAP_NET_ADMIN capability in any user namespace. + |