author | Ben Hutchings <ben@decadent.org.uk> | 2022-03-08 17:56:49 +0100 |
---|---|---|
committer | Ben Hutchings <ben@decadent.org.uk> | 2022-03-08 17:57:02 +0100 |
commit | cd8faf1130a52823e804ac079364b472ea1e3737 (patch) | |
tree | dd09783a938a64987ee33045ca042c014ab93677 /dsa-texts | |
parent | 948638db253086ca5d564e1a519a3bb90a4c98ec (diff) |
Fill in more issue descriptions
Diffstat (limited to 'dsa-texts')
-rw-r--r-- | dsa-texts/4.19.232-1 | 29 | ||||
-rw-r--r-- | dsa-texts/4.9.303-1 | 21 | ||||
-rw-r--r-- | dsa-texts/5.10.103-1 | 4 |
3 files changed, 45 insertions, 9 deletions
diff --git a/dsa-texts/4.19.232-1 b/dsa-texts/4.19.232-1 index 09dde1abd..9a09d5267 100644 --- a/dsa-texts/4.19.232-1 +++ b/dsa-texts/4.19.232-1 @@ -153,7 +153,11 @@ CVE-2021-20322 CVE-2021-22600 - Description + The syzbot tool found a flaw in the packet socket (AF_PACKET) + implementation which could lead to incorrectly freeing memory. A + local user with CAP_NET_RAW capability (in any user namespace) + could exploit this for denial of service (memory corruption or + crash) or possibly for privilege escalation. CVE-2021-28711, CVE-2021-28712, CVE-2021-28713 (XSA-391) @@ -170,7 +174,13 @@ CVE-2021-28714, CVE-2021-28715 (XSA-392) CVE-2021-38300 - Description + Piotr Krysiuk discovered a flaw in the classic BPF (cBPF) JIT + compiler for MIPS architectures. A local user could exploit + this to excute arbitrary code in the kernel. + + This issue is mitigated by setting sysctl + net.core.bpf_jit_enable=0, which is the default. It is *not* + mitigated by disabling unprivileged use of eBPF. CVE-2021-39685 @@ -180,15 +190,24 @@ CVE-2021-39685 CVE-2021-39686 - Description + A race condition was discovered in the Android binder driver, that + could lead to incorrect security checks. On systems where the + binder driver is loaded, a local user could exploit this for + privilege escalation. CVE-2021-39698 - Description + Linus Torvalds reported a flaw in the file polling implementation, + which could lead to a use-after-free. A local user could exploit + this for denial of service (memory corruption or crash) or + possibly for privilege escalation. CVE-2021-39713 - Description + The syzbot tool found a race condition in the network scheduling + subsystem which could lead to a use-after-free. A local user + could exploit this for denial of service (memory corruption or + crash) or possibly for privilege escalation. CVE-2021-41864 diff --git a/dsa-texts/4.9.303-1 b/dsa-texts/4.9.303-1 index d345dbad9..b3654410c 100644 --- a/dsa-texts/4.9.303-1 +++ b/dsa-texts/4.9.303-1 
@@ -112,15 +112,30 @@ CVE-2021-39685 CVE-2021-39686 - Description + A race condition was discovered in the Android binder driver, that + could lead to incorrect security checks. On systems where the + binder driver is loaded, a local user could exploit this for + privilege escalation. + + This driver is not enabled in Debian's official kernel + configurations. CVE-2021-39698 - Description + Linus Torvalds reported a flaw in the file polling implementation, + which could lead to a use-after-free. A local user could exploit + this for denial of service (memory corruption or crash) or + possibly for privilege escalation. CVE-2021-39714 - Description + A potential reference count overflow was found in the Android Ion + driver. On systems where the Ion driver is loaded, a local user + could exploit this for denial of service (memory corruption or + crash) or possibly for privilege escalation. + + This driver is not enabled in Debian's official kernel + configurations. CVE-2021-43976 diff --git a/dsa-texts/5.10.103-1 b/dsa-texts/5.10.103-1 index 8992ede99..235524912 100644 --- a/dsa-texts/5.10.103-1 +++ b/dsa-texts/5.10.103-1 @@ -19,7 +19,9 @@ leaks. CVE-2020-36310 - Description + A flaw was discovered in the KVM implementation for AMD processors, + which could lead to an infinite loop. A malicious VM guest could + exploit this to cause a denial of service. CVE-2022-0001 |
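Review bot: In dsa-texts/4.19.232-1, the new CVE-2021-38300 text misspells "execute" as "excute" ("exploit this to excute arbitrary code in the kernel"). The mitigation paragraph in the same hunk says net.core.bpf_jit_enable=0 "is the default" without saying whose default; stating whether that is the upstream default or the default in Debian's kernel configuration would tell administrators of custom kernels whether they need to check the sysctl themselves.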
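Review bot: The CVE-2021-39686 entry in dsa-texts/4.19.232-1 lacks the sentence "This driver is not enabled in Debian's official kernel configurations." that the otherwise identical entry in dsa-texts/4.9.303-1 gets in this same commit. If the binder driver is also disabled in the 4.19 configurations, add the sentence there so the two advisories agree; if it is enabled, the difference deserves a mention in the commit message. In both files, "binder driver, that could lead" would read better as "binder driver, which could lead", matching the "which could lead" wording of the neighbouring entries.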