diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2022-10-18 15:11:17 +0200 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2022-10-18 15:11:17 +0200 |
commit | 68fd5116bba8e6f805d31a205e8ae72e94e48a63 (patch) | |
tree | 1361e98783f23df5891c77cc37c03b97d6ea9495 /dsa-texts | |
parent | a53c2b661cbee330fa9d8b73126989bfd8418f48 (diff) |
Add additional CVE descriptions
Diffstat (limited to 'dsa-texts')
-rw-r--r-- | dsa-texts/5.10.148-1 | 33 |
1 files changed, 25 insertions, 8 deletions
diff --git a/dsa-texts/5.10.148-1 b/dsa-texts/5.10.148-1 index 57f2168c..d00a84d6 100644 --- a/dsa-texts/5.10.148-1 +++ b/dsa-texts/5.10.148-1 @@ -14,6 +14,9 @@ CVE-2021-4037 CVE-2022-0171 + Mingwei Zhang reported that a cache incoherence issue in the SEV API + in the KVM subsystem may result in denial of service. + CVE-2022-1184 A flaw was discovered in the ext4 filesystem driver which can lead @@ -23,6 +26,11 @@ CVE-2022-1184 CVE-2022-20421 + A use-after-free vulnerability was discovered in the + binder_inc_ref_for_node function in the Android binder driver. On + systems where the binder driver is loaded, a local user could + exploit this for privilege escalation. + CVE-2022-2663 David Leadbeater reported flaws in the nf_conntrack_irc @@ -34,10 +42,23 @@ CVE-2022-2663 CVE-2022-3061 + A flaw was discovered in the i740 driver which may result in denial + of service. + + This driver is not enabled in Debian's official kernel + configurations. + CVE-2022-3176 + A use-after-free flaw was discovered in the io_uring subsystem which + may result in local privilege escalation to root. + CVE-2022-3303 + A race condition in the snd_pcm_oss_sync function in the sound + subsystem in the Linux kernel due to improper locking may result in + denial of service. + CVE-2022-39188 Jann Horn reported a race condition in the kernel's handling of @@ -66,12 +87,8 @@ CVE-2022-40307 for privilege escalation. However, this device is normally only accessible by the root user. -CVE-2022-41674 - -CVE-2022-42719 - -CVE-2022-42720 - -CVE-2022-42721 +CVE-2022-41674, CVE-2022-42719, CVE-2022-42720, CVE-2022-42721, CVE-2022-42722 -CVE-2022-42722 + Soenke Huster discovered several vulnerabilities in the mac80211 + subsystem triggered by WLAN frames which may result in denial of + service or the execution or arbitrary code. |