Add initial advisory text template for 5.10.179-1 update

author: Salvatore Bonaccorso <carnil@debian.org> 2023-05-13 09:26:19 +0200
committer: Salvatore Bonaccorso <carnil@debian.org> 2023-05-13 09:26:59 +0200
commit: 32d5eeef308f310ee8c2ad6306330f1d65626c8d (patch)
tree: c81cc80bd3e92b93610435cfced5fa0a92045071 /dsa-texts
parent: 3e5d9bf2a9087e89641de0168213e3ade12ec69f (diff)
1 files changed, 29 insertions, 0 deletions
diff --git a/dsa-texts/5.10.179-1 b/dsa-texts/5.10.179-1
new file mode 100644
index 00000000..a9a0e894
--- /dev/null
+++ b/dsa-texts/5.10.179-1
@@ -0,0 +1,29 @@
+Package        : linux
+CVE ID         : CVE-2023-0386 CVE-2023-31436 CVE-2023-32233
+
+Several vulnerabilities have been discovered in the Linux kernel that
+may lead to a privilege escalation, denial of service or information
+leaks.
+
+CVE-2023-0386
+
+    It was discovered that under certain conditions the overlayfs
+    filesystem implementation did not properly handle copy up
+    operations. A local user permitted to mount overlay mounts in user
+    namespaces can take advantage of this flaw for local privilege
+    escalation.
+
+CVE-2023-31436
+
+    Gwangun Jung reported a heap out-of-bounds read/write errors in the
+    traffic control subsystem for the Quick Fair Queueing scheduler
+    (QFQ) which may result in information leak, denial of service or
+    privilege escalation.
+
+CVE-2023-32233
+
+    Patryk Sondej and Piotr Krysiuk discovered a use-after-free flaw in
+    the Netfilter nf_tables implementation when processing batch
+    requests which may result in local privilege escalation for a user
+    with the CAP_NET_ADMIN capability in any user namespace.
+
author	Salvatore Bonaccorso <carnil@debian.org>	2023-05-13 09:26:19 +0200
committer	Salvatore Bonaccorso <carnil@debian.org>	2023-05-13 09:26:59 +0200
commit	32d5eeef308f310ee8c2ad6306330f1d65626c8d (patch)
tree	c81cc80bd3e92b93610435cfced5fa0a92045071 /dsa-texts
parent	3e5d9bf2a9087e89641de0168213e3ade12ec69f (diff)