path: root/dsa-texts/5.10.191-1
# Generate with
# bin/gen-DSA --save linux CVE-2022-39189 CVE-2022-4269 CVE-2023-1206 CVE-2023-20588 CVE-2023-2124 CVE-2023-2898 CVE-2023-3212 CVE-2023-34319 CVE-2023-3609 CVE-2023-3611 CVE-2023-3776 CVE-2023-3863 CVE-2023-4004 CVE-2023-40283 CVE-2023-4128 CVE-2023-4132 CVE-2023-4147 CVE-2023-4194 CVE-2023-4273 CVE-2023-1380 CVE-2023-2002 CVE-2023-2007 CVE-2023-21255 CVE-2023-21400 CVE-2023-2269 CVE-2023-3090 CVE-2023-31084 CVE-2023-3111 CVE-2023-3141 CVE-2023-3268 CVE-2023-3338 CVE-2023-3389 CVE-2023-34256 CVE-2023-35788 CVE-2023-35823 CVE-2023-35824 CVE-2023-35828 CVE-2023-35829

Package        : linux
CVE ID         : CVE-2022-4269 CVE-2022-39189 CVE-2023-1206 CVE-2023-1380
                 CVE-2023-2002 CVE-2023-2007 CVE-2023-2124 CVE-2023-2269
                 CVE-2023-2898 CVE-2023-3090 CVE-2023-3111 CVE-2023-3141
                 CVE-2023-3212 CVE-2023-3268 CVE-2023-3338 CVE-2023-3389
                 CVE-2023-3609 CVE-2023-3611 CVE-2023-3776 CVE-2023-3863
                 CVE-2023-4004 CVE-2023-4128 CVE-2023-4132 CVE-2023-4147
                 CVE-2023-4194 CVE-2023-4273 CVE-2023-20588 CVE-2023-21255
                 CVE-2023-21400 CVE-2023-31084 CVE-2023-34319 CVE-2023-35788
                 CVE-2023-40283

Several vulnerabilities have been discovered in the Linux kernel that
may lead to a privilege escalation, denial of service or information
leaks.

CVE-2022-4269

    Description

CVE-2022-39189

    Description

CVE-2023-1206

    Description

CVE-2023-1380

    Description

CVE-2023-2002

    Description

CVE-2023-2007

    Description

CVE-2023-2124

    Description

CVE-2023-2269

    Description

CVE-2023-2898

    Description

CVE-2023-3090

    Description

CVE-2023-3111

    Description

CVE-2023-3141

    Description

CVE-2023-3212

    Description

CVE-2023-3268

    Description

CVE-2023-3338

    Description

CVE-2023-3389

    Description

CVE-2023-3609

    Description

CVE-2023-3611

    Description

CVE-2023-3776

    Description

CVE-2023-3863

    Description

CVE-2023-4004

    Description

CVE-2023-4128

    Description

CVE-2023-4132

    Description

CVE-2023-4147

    Kevin Rich discovered a use-after-free in Netfilter when adding
    a rule with NFTA_RULE_CHAIN_ID, which may result in local privilege
    escalation for a user with the CAP_NET_ADMIN capability in any user
    or network namespace.

CVE-2023-4194

    A type confusion in the implementation of TUN/TAP network devices may
    allow a local user to bypass network filters.

CVE-2023-4273

    Maxim Suhanov discovered a stack overflow in the exFAT driver, which may
    result in local denial of service via a malformed file system.

CVE-2023-20588

    Jana Hofmann, Emanuele Vannacci, Cedric Fournet, Boris Koepf and Oleksii Oleksenko
    discovered that on some AMD CPUs with the Zen1 microarchitecture an integer
    division by zero may leave stale quotient data from a previous division, resulting
    in a potential leak of sensitive data.

CVE-2023-21255

    A use-after-free was discovered in the Android binder driver, which
    may result in local privilege escalation on systems where the binder driver
    is loaded.

CVE-2023-21400

    Ye Zhang and Nicolas Wu discovered a double-free in the io_uring subsystem,
    which may result in denial of service or privilege escalation.

CVE-2023-31084

    It was discovered that the DVB Core driver does not properly handle
    locking of certain events, allowing a local user to cause a denial
    of service.

CVE-2023-34319

    Ross Lagerwall discovered a buffer overrun in Xen's netback driver
    which may allow a Xen guest to cause denial of service to the
    virtualisation host by sending malformed packets.

CVE-2023-35788

    Hangyu Hua discovered that an off-by-one in the Flower traffic
    classifier may result in local denial of service or privilege
    escalation.

CVE-2023-40283

    A use-after-free was discovered in Bluetooth L2CAP socket handling.

For the oldstable distribution (bullseye), these problems have been fixed
in version 5.10.191-1.
