
Test ID: 1.3.6.1.4.1.25623.1.1.1.1.2023.5492
Category: Debian Local Security Checks
Title: Debian: Security Advisory (DSA-5492-1)
Summary: The remote host is missing an update for the Debian 'linux' package(s) announced via the DSA-5492-1 advisory.
Description:

Vulnerability Insight:
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.

CVE-2023-1206

It was discovered that the networking stack permits attackers to force hash collisions in the IPv6 connection lookup table, which may result in denial of service (significant increase in the cost of lookups, increased CPU utilization).

CVE-2023-1989

Zheng Wang reported a race condition in the btsdio Bluetooth adapter driver that can lead to a use-after-free. An attacker able to insert and remove SDIO devices can use this to cause a denial of service (crash or memory corruption) or possibly to run arbitrary code in the kernel.

CVE-2023-2430

Xingyuan Mo discovered that the io_uring subsystem did not properly handle locking when the target ring is configured with IOPOLL, which may result in denial of service.

CVE-2023-2898

It was discovered that missing sanitising in the f2fs file system may result in denial of service if a malformed file system is accessed.

CVE-2023-3611

It was discovered that an out-of-bounds write in the traffic control subsystem for the Quick Fair Queueing scheduler (QFQ) may result in denial of service or privilege escalation.

CVE-2023-3772

Lin Ma discovered a NULL pointer dereference flaw in the XFRM subsystem which may result in denial of service.

CVE-2023-3773

Lin Ma discovered a flaw in the XFRM subsystem, which may result in denial of service for a user with the CAP_NET_ADMIN capability in any user or network namespace.

CVE-2023-3776, CVE-2023-4206, CVE-2023-4207, CVE-2023-4208

It was discovered that a use-after-free in the cls_fw, cls_u32 and cls_route network classifiers may result in denial of service or potential local privilege escalation.

CVE-2023-3777

Kevin Rich discovered a use-after-free in Netfilter when flushing table rules, which may result in local privilege escalation for a user with the CAP_NET_ADMIN capability in any user or network namespace.

CVE-2023-3863

It was discovered that a use-after-free in the NFC implementation may result in denial of service, an information leak or potential local privilege escalation.

CVE-2023-4004

It was discovered that a use-after-free in Netfilter's implementation of PIPAPO (PIle PAcket POlicies) may result in denial of service or potential local privilege escalation for a user with the CAP_NET_ADMIN capability in any user or network namespace.

CVE-2023-4015

Kevin Rich discovered a use-after-free in Netfilter when handling bound chain deactivation in certain circumstances, which may result in denial of service or potential local privilege escalation for a user with the CAP_NET_ADMIN capability in any user or network namespace.

CVE-2023-4132

A use-after-free in the driver for Siano SMS1xxx based MDTV receivers may result in local denial of service.

CVE-2023-4147

Kevin Rich discovered a use-after-free in Netfilter when ... [Please see the references for more information on the vulnerabilities]

Affected Software/OS:
'linux' package(s) on Debian 12.

Solution:
Please install the updated package(s).

CVSS Score:
6.8

CVSS Vector:
AV:L/AC:L/Au:S/C:C/I:C/A:C

Cross-Ref:
Common Vulnerability Exposure (CVE) ID: CVE-2023-1206
Debian Security Information: DSA-5480
https://www.debian.org/security/2023/dsa-5480
Debian Security Information: DSA-5492
https://www.debian.org/security/2023/dsa-5492
https://bugzilla.redhat.com/show_bug.cgi?id=2175903
https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html
https://lists.debian.org/debian-lts-announce/2024/01/msg00004.html
Common Vulnerability Exposure (CVE) ID: CVE-2023-1989
https://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth-next.git/commit/?id=f132c2d13088
https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html
https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html
Common Vulnerability Exposure (CVE) ID: CVE-2023-20588
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AGZCACEHT6ZZZGG36QQMGROBM4FLWYJX/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KJTUVYZMP6BNF342DS3W7XGOGXC6JPN5/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DIOYP4ZOBML4RCUM3MHRFZUQL445MZM3/
https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-7007
http://www.openwall.com/lists/oss-security/2023/09/25/4
http://www.openwall.com/lists/oss-security/2023/09/25/7
http://www.openwall.com/lists/oss-security/2023/09/25/8
http://www.openwall.com/lists/oss-security/2023/09/25/3
http://www.openwall.com/lists/oss-security/2023/09/25/5
http://www.openwall.com/lists/oss-security/2023/09/26/5
http://www.openwall.com/lists/oss-security/2023/09/26/8
http://www.openwall.com/lists/oss-security/2023/09/26/9
http://www.openwall.com/lists/oss-security/2023/09/27/1
http://www.openwall.com/lists/oss-security/2023/10/03/12
http://www.openwall.com/lists/oss-security/2023/10/03/13
http://www.openwall.com/lists/oss-security/2023/10/03/14
http://www.openwall.com/lists/oss-security/2023/10/03/15
http://www.openwall.com/lists/oss-security/2023/10/03/9
http://www.openwall.com/lists/oss-security/2023/10/04/2
http://www.openwall.com/lists/oss-security/2023/10/03/16
http://www.openwall.com/lists/oss-security/2023/10/04/1
http://www.openwall.com/lists/oss-security/2023/10/04/3
http://www.openwall.com/lists/oss-security/2023/10/04/4
Common Vulnerability Exposure (CVE) ID: CVE-2023-2430
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=e12d7a46f65ae4b7d58a5e0c1cbfa825cf8
Common Vulnerability Exposure (CVE) ID: CVE-2023-2898
https://lore.kernel.org/linux-f2fs-devel/20230522124203.3838360-1-chao@kernel.org/
Common Vulnerability Exposure (CVE) ID: CVE-2023-34319
http://packetstormsecurity.com/files/175963/Kernel-Live-Patch-Security-Notice-LSN-0099-1.html
https://xenbits.xenproject.org/xsa/advisory-432.html
Common Vulnerability Exposure (CVE) ID: CVE-2023-3611
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3e337087c3b5805fe0b8a46ba622a962880b5d64
https://kernel.dance/3e337087c3b5805fe0b8a46ba622a962880b5d64
Common Vulnerability Exposure (CVE) ID: CVE-2023-3772
RHBZ#2218943
https://bugzilla.redhat.com/show_bug.cgi?id=2218943
RHSA-2023:6583
https://access.redhat.com/errata/RHSA-2023:6583
RHSA-2023:6901
https://access.redhat.com/errata/RHSA-2023:6901
RHSA-2023:7077
https://access.redhat.com/errata/RHSA-2023:7077
RHSA-2024:0412
https://access.redhat.com/errata/RHSA-2024:0412
RHSA-2024:0575
https://access.redhat.com/errata/RHSA-2024:0575
http://www.openwall.com/lists/oss-security/2023/08/10/1
http://www.openwall.com/lists/oss-security/2023/08/10/3
https://access.redhat.com/security/cve/CVE-2023-3772
Common Vulnerability Exposure (CVE) ID: CVE-2023-3773
RHBZ#2218944
https://bugzilla.redhat.com/show_bug.cgi?id=2218944
https://access.redhat.com/security/cve/CVE-2023-3773
Common Vulnerability Exposure (CVE) ID: CVE-2023-3776
http://packetstormsecurity.com/files/175072/Kernel-Live-Patch-Security-Notice-LSN-0098-1.html
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=0323bce598eea038714f941ce2b22541c46d488f
https://kernel.dance/0323bce598eea038714f941ce2b22541c46d488f
Common Vulnerability Exposure (CVE) ID: CVE-2023-3777
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=6eaf41e87a223ae6f8e7a28d6e78384ad7e407f8
https://kernel.dance/6eaf41e87a223ae6f8e7a28d6e78384ad7e407f8
Common Vulnerability Exposure (CVE) ID: CVE-2023-3863
RHBZ#2225126
https://bugzilla.redhat.com/show_bug.cgi?id=2225126
https://access.redhat.com/security/cve/CVE-2023-3863
https://github.com/torvalds/linux/commit/6709d4b7bc2e079241fdef15d1160581c5261c10
Common Vulnerability Exposure (CVE) ID: CVE-2023-4004
RHBZ#2225275
https://bugzilla.redhat.com/show_bug.cgi?id=2225275
RHSA-2023:4961
https://access.redhat.com/errata/RHSA-2023:4961
RHSA-2023:4962
https://access.redhat.com/errata/RHSA-2023:4962
RHSA-2023:4967
https://access.redhat.com/errata/RHSA-2023:4967
RHSA-2023:5069
https://access.redhat.com/errata/RHSA-2023:5069
RHSA-2023:5091
https://access.redhat.com/errata/RHSA-2023:5091
RHSA-2023:5093
https://access.redhat.com/errata/RHSA-2023:5093
RHSA-2023:5221
https://access.redhat.com/errata/RHSA-2023:5221
RHSA-2023:5244
https://access.redhat.com/errata/RHSA-2023:5244
RHSA-2023:5255
https://access.redhat.com/errata/RHSA-2023:5255
RHSA-2023:5548
https://access.redhat.com/errata/RHSA-2023:5548
RHSA-2023:5627
https://access.redhat.com/errata/RHSA-2023:5627
RHSA-2023:7382
https://access.redhat.com/errata/RHSA-2023:7382
RHSA-2023:7389
https://access.redhat.com/errata/RHSA-2023:7389
RHSA-2023:7411
https://access.redhat.com/errata/RHSA-2023:7411
RHSA-2023:7417
https://access.redhat.com/errata/RHSA-2023:7417
RHSA-2023:7431
https://access.redhat.com/errata/RHSA-2023:7431
RHSA-2023:7434
https://access.redhat.com/errata/RHSA-2023:7434
https://access.redhat.com/security/cve/CVE-2023-4004
https://patchwork.ozlabs.org/project/netfilter-devel/patch/20230719190824.21196-1-fw@strlen.de/
https://security.netapp.com/advisory/ntap-20231027-0001/
Common Vulnerability Exposure (CVE) ID: CVE-2023-4015
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=0a771f7b266b02d262900c75f1e175c7fe76fec2
https://kernel.dance/0a771f7b266b02d262900c75f1e175c7fe76fec2
Common Vulnerability Exposure (CVE) ID: CVE-2023-40283
https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.4.10
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=1728137b33c00d5a2b5110ed7aafb42e7c32e4a1
https://github.com/torvalds/linux/commit/1728137b33c00d5a2b5110ed7aafb42e7c32e4a1
Common Vulnerability Exposure (CVE) ID: CVE-2023-4128
Common Vulnerability Exposure (CVE) ID: CVE-2023-4132
RHBZ#2221707
https://bugzilla.redhat.com/show_bug.cgi?id=2221707
RHSA-2024:0724
https://access.redhat.com/errata/RHSA-2024:0724
https://access.redhat.com/security/cve/CVE-2023-4132
https://security.netapp.com/advisory/ntap-20231020-0005/
Common Vulnerability Exposure (CVE) ID: CVE-2023-4147
RHBZ#2225239
https://bugzilla.redhat.com/show_bug.cgi?id=2225239
https://access.redhat.com/security/cve/CVE-2023-4147
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=0ebc1064e4874d5987722a2ddbc18f94aa53b211
https://security.netapp.com/advisory/ntap-20231020-0006/
https://www.spinics.net/lists/stable/msg671573.html
Common Vulnerability Exposure (CVE) ID: CVE-2023-4155
RHBZ#2213802
https://bugzilla.redhat.com/show_bug.cgi?id=2213802
https://access.redhat.com/security/cve/CVE-2023-4155
Common Vulnerability Exposure (CVE) ID: CVE-2023-4194
RHBZ#2229498
https://bugzilla.redhat.com/show_bug.cgi?id=2229498
https://access.redhat.com/security/cve/CVE-2023-4194
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/344H6HO6SSC4KT7PDFXSDIXKMKHISSGF/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3TYLSJ2SAI7RF56ZLQ5CQWCJLVJSD73Q/
https://lore.kernel.org/all/20230731164237.48365-1-lersek@redhat.com/
https://lore.kernel.org/all/20230731164237.48365-2-lersek@redhat.com/
https://lore.kernel.org/all/20230731164237.48365-3-lersek@redhat.com/
https://security.netapp.com/advisory/ntap-20231027-0002/
Common Vulnerability Exposure (CVE) ID: CVE-2023-4206
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b80b829e9e2c1b3f7aae34855e04d8f6ecaf13c8
https://kernel.dance/b80b829e9e2c1b3f7aae34855e04d8f6ecaf13c8
Common Vulnerability Exposure (CVE) ID: CVE-2023-4207
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=76e42ae831991c828cffa8c37736ebfb831ad5ec
https://kernel.dance/76e42ae831991c828cffa8c37736ebfb831ad5ec
Common Vulnerability Exposure (CVE) ID: CVE-2023-4208
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3044b16e7c6fe5d24b1cdbcf1bd0a9d92d1ebd81
https://kernel.dance/3044b16e7c6fe5d24b1cdbcf1bd0a9d92d1ebd81
Common Vulnerability Exposure (CVE) ID: CVE-2023-4273
RHBZ#2221609
https://bugzilla.redhat.com/show_bug.cgi?id=2221609
https://access.redhat.com/security/cve/CVE-2023-4273
https://dfir.ru/2023/08/23/cve-2023-4273-a-vulnerability-in-the-linux-exfat-driver/
Common Vulnerability Exposure (CVE) ID: CVE-2023-4569
RHBZ#2235470
https://bugzilla.redhat.com/show_bug.cgi?id=2235470
https://access.redhat.com/security/cve/CVE-2023-4569
https://patchwork.ozlabs.org/project/netfilter-devel/patch/20230812110526.49808-1-fw@strlen.de/
Common Vulnerability Exposure (CVE) ID: CVE-2023-4622
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=linux-6.1.y&id=790c2f9d15b594350ae9bca7b236f2b1859de02c
https://kernel.dance/790c2f9d15b594350ae9bca7b236f2b1859de02c
Copyright: Copyright (C) 2023 Greenbone AG
