• [SECURITY] [DSA 5092-1] linux security update

    From Salvatore Bonaccorso@21:1/5 to All on Mon Mar 7 14:00:02 2022

    -------------------------------------------------------------------------
    Debian Security Advisory DSA-5092-1                   security@debian.org
    https://www.debian.org/security/                     Salvatore Bonaccorso
    March 07, 2022                        https://www.debian.org/security/faq
    -------------------------------------------------------------------------

    Package : linux
    CVE ID : CVE-2021-43976 CVE-2022-0330 CVE-2022-0435 CVE-2022-0516
    CVE-2022-0847 CVE-2022-22942 CVE-2022-24448 CVE-2022-24959
    CVE-2022-25258 CVE-2022-25375

    Several vulnerabilities have been discovered in the Linux kernel that
    may lead to a privilege escalation, denial of service or information


    CVE-2021-43976

    Zekun Shen and Brendan Dolan-Gavitt discovered a flaw in the
    mwifiex_usb_recv() function of the Marvell WiFi-Ex USB Driver. An
    attacker able to connect a crafted USB device can take advantage of
    this flaw to cause a denial of service.


    CVE-2022-0330

    Sushma Venkatesh Reddy discovered a missing GPU TLB flush in the
    i915 driver, resulting in denial of service or privilege escalation.


    CVE-2022-0435

    Samuel Page and Eric Dumazet reported a stack overflow in the
    networking module for the Transparent Inter-Process Communication
    (TIPC) protocol, resulting in denial of service or potentially the
    execution of arbitrary code.


    CVE-2022-0516

    It was discovered that an insufficient check in the KVM subsystem
    for s390x could allow unauthorized memory read or write access.


    CVE-2022-0847

    Max Kellermann discovered a flaw in the handling of pipe buffer
    flags. An attacker can take advantage of this flaw for local
    privilege escalation.


    CVE-2022-22942

    It was discovered that wrong file descriptor handling in the
    VMware Virtual GPU driver (vmwgfx) could result in information leak
    or privilege escalation.


    CVE-2022-24448

    Lyu Tao reported a flaw in the NFS implementation in the Linux
    kernel when handling requests to open a directory on a regular file,
    which could result in an information leak.


    CVE-2022-24959

    A memory leak was discovered in the yam_siocdevprivate() function of
    the YAM driver for AX.25, which could result in denial of service.


    CVE-2022-25258

    Szymon Heidrich reported the USB Gadget subsystem lacks certain
    validation of interface OS descriptor requests, resulting in memory


    CVE-2022-25375

    Szymon Heidrich reported that the RNDIS USB gadget lacks validation
    of the size of the RNDIS_MSG_SET command, resulting in information
    leak from kernel memory.

    For the stable distribution (bullseye), these problems have been fixed in version 5.10.92-2.

    We recommend that you upgrade your linux packages.

    For the detailed security status of linux please refer to its security
    tracker page at:

    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://www.debian.org/security/

    Mailing list: debian-security-announce@lists.debian.org
