From 55ce26336dd0361ea43940f08e29338b12b8d443 Mon Sep 17 00:00:00 2001 From: Salvatore Bonaccorso Date: Tue, 2 Jan 2024 11:05:26 +0100 Subject: Add additional CVE descriptions --- dsa-texts/5.10.205-1 | 34 ++++++++++++++++++++++++++++++++++ 1 file changed, 34 insertions(+) (limited to 'dsa-texts') diff --git a/dsa-texts/5.10.205-1 b/dsa-texts/5.10.205-1 index d5a07765..02e49bd4 100644 --- a/dsa-texts/5.10.205-1 +++ b/dsa-texts/5.10.205-1 @@ -31,12 +31,46 @@ CVE-2023-6931 denial of service or privilege escalation. CVE-2023-6932 + + A use-after-free vulnerability in the IPv4 IGMP implementation may + result in denial of service or privilege escalation. + CVE-2023-25775 + + Ivan D Barrera, Christopher Bednarz, Mustafa Ismail and Shiraz + Saleem discovered that improper access control in the Intel Ethernet + Controller RDMA driver may result in privilege escalation. + CVE-2023-34324 + + Marek Marczykowski-Gorecki reported a possible deadlock in the Xen + guests event channel code which may allow a malicious guest + administrator to cause a denial of service. + CVE-2023-35827 + + Zheng Wang reported a use-after-free flaw in the Renesas Ethernet + AVB support driver. + CVE-2023-45863 + + A race condition in library routines for handling generic kernel + objects may result in an out-of-bounds write in the + fill_kobj_path() function. + CVE-2023-46813 + + Tom Dohrmann reported that a race condition in the Secure Encrypted + Virtualization (SEV) implementation when accessing MMIO registers + may allow a local attacker in a SEV guest VM to cause a denial of + service or potentially execute arbitrary code. + CVE-2023-46862 + + It was discovered that a race condition in the io_uring + subsystem may result in a NULL pointer dereference, causing a + denial of service. + CVE-2023-51780 It was discovered that a race condition in the ATM (Asynchronous -- cgit v1.2.3