Debian Security Advisory DSA-5593-1 security@debian.org
https://www.debian.org/security/ Salvatore Bonaccorso
January 01, 2024 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : linux
CVE ID  : CVE-2023-6531 CVE-2023-6622 CVE-2023-6817 CVE-2023-6931
          CVE-2023-51779 CVE-2023-51780 CVE-2023-51781 CVE-2023-51782

Several vulnerabilities have been discovered in the Linux kernel that
may lead to a privilege escalation, denial of service or information
leaks.

CVE-2023-6531

    Jann Horn discovered a use-after-free flaw due to a race condition
    problem when the unix garbage collector's deletion of a SKB races
    with unix_stream_read_generic() on the socket that the SKB is
    queued on.

CVE-2023-6622

    Xingyuan Mo discovered a flaw in the netfilter subsystem which may
    result in denial of service or privilege escalation for a user with
    the CAP_NET_ADMIN capability in any user or network namespace.

CVE-2023-6817

    Xingyuan Mo discovered that a use-after-free in Netfilter's
    implementation of PIPAPO (PIle PAcket POlicies) may result in denial
    of service or potential local privilege escalation for a user with
    the CAP_NET_ADMIN capability in any user or network namespace.

CVE-2023-6931

    Budimir Markovic reported a heap out-of-bounds write vulnerability
    in the Linux kernel's Performance Events system which may result in
    denial of service or privilege escalation.

CVE-2023-51779

    It was discovered that a race condition in the Bluetooth subsystem
    in the bt_sock_ioctl handling may lead to a use-after-free.

CVE-2023-51780

    It was discovered that a race condition in the ATM (Asynchronous
    Transfer Mode) subsystem may lead to a use-after-free.

CVE-2023-51781

    It was discovered that a race condition in the Appletalk subsystem
    may lead to a use-after-free.

CVE-2023-51782

    It was discovered that a race condition in the Amateur Radio X.25
    PLP (Rose) support may lead to a use-after-free.

For the stable distribution (bookworm), these problems have been fixed in
version 6.1.69-1.

We recommend that you upgrade your linux packages.

For the detailed security status of linux please refer to its security
tracker page at:
https://security-tracker.debian.org/tracker/linux

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
Linux Security Update ( Bookworm )
- df -h | participant
ASUS GL753VD / X550LD / K54HR / X751LAB ( x2 )
Bookworm12.5_Cinnamon / Calamares Single Boot installations
Firefox ESR / DuckDuckGo / Thunderbird / LibreOffice / GIMP / eID Software
https://cdimage.debian.org/debian-cd/cu ... so-hybrid/