|Category:||Debian Local Security Checks|
|Title:||Debian LTS: Security Advisory for linux-4.19 (DLA-2690-1)|
|Summary:||The remote host is missing an update for the 'linux-4.19'; package(s) announced via the DLA-2690-1 advisory.|
The remote host is missing an update for the 'linux-4.19'
package(s) announced via the DLA-2690-1 advisory.
Several vulnerabilities have been discovered in the Linux kernel that
may lead to the execution of arbitrary code, privilege escalation,
denial of service, or information leaks.
CVE-2020-24586, CVE-2020-24587, CVE-2020-26147
Mathy Vanhoef discovered that many Wi-Fi implementations,
including Linux's mac80211, did not correctly implement reassembly
of fragmented packets. In some circumstances, an attacker within
range of a network could exploit these flaws to forge arbitrary
packets and/or to access sensitive data on that network.
Mathy Vanhoef discovered that most Wi-Fi implementations,
including Linux's mac80211, did not authenticate the 'is
aggregated' packet header flag. An attacker within range of a
network could exploit this to forge arbitrary packets on that
CVE-2020-25670, CVE-2020-25671, CVE-2021-23134
kiyin of TenCent discovered several reference counting bugs
in the NFC LLCP implementation which could lead to use-after-free.
A local user could exploit these for denial of service (crash or
memory corruption) or possibly for privilege escalation.
Nadav Markus and Or Cohen of Palo Alto Networks discovered that
the original fixes for these introduced a new bug that could
result in use-after-free and double-free. This has also been
kiyin of TenCent discovered a memory leak in the NFC LLCP
implementation. A local user could exploit this for denial of
service (memory exhaustion).
Mathy Vanhoef discovered that a bug in some Wi-Fi implementations,
including Linux's mac80211. When operating in AP mode, they would
forward EAPOL frames from one client to another while the sender
was not yet authenticated. An attacker within range of a network
could use this for denial of service or as an aid to exploiting
Researchers at ANSSI discovered vulnerabilities in the Bluetooth
Passkey authentication method, and in Linux's implementation of
it. An attacker within range of two Bluetooth devices while they
pair using Passkey authentication could exploit this to obtain the
shared secret (Passkey) and then impersonate either of the devices
to each other.
Jann Horn of Google reported a flaw in Linux's virtual memory
management. A parent and child process initially share all their
memory, but when either writes to a shared page, the page is
duplicated and unshared (copy-on-write). However, in case an
operation such as vmsplice() required the kernel to take an
additional reference to a shared page, and a copy-on-write occurs
during this operation, the kernel might have accessed the wrong ...
Description truncated. Please see the references for more information.
'linux-4.19' package(s) on Debian Linux.
For Debian 9 stretch, these problems have been fixed in version
deb9u1. This update additionally fixes Debian bug
#986949, #988352, and #989451, and includes many more bug fixes from
stable updates 4.19.182-4.19.194 inclusive.
We recommend that you upgrade your linux-4.19 packages.
Common Vulnerability Exposure (CVE) ID: CVE-2021-0129|
Common Vulnerability Exposure (CVE) ID: CVE-2021-3483
Common Vulnerability Exposure (CVE) ID: CVE-2021-3506
Common Vulnerability Exposure (CVE) ID: CVE-2021-3564
Common Vulnerability Exposure (CVE) ID: CVE-2021-3573
Common Vulnerability Exposure (CVE) ID: CVE-2021-3587
|Copyright||Copyright (C) 2021 Greenbone Networks GmbH|
|This is only one of 97459 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.