1. Forum
  2. Usenet
  3. LINUX.DEBIAN.ANNOUNCE.SEC

  • [SECURITY] [DSA 5593-1] linux security update

    From Salvatore Bonaccorso@21:1/5 to All on Mon Jan 1 14:30:01 2024
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    - ------------------------------------------------------------------------- Debian Security Advisory DSA-5593-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso January 01, 2024 https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package : linux
    CVE ID : CVE-2023-6531 CVE-2023-6622 CVE-2023-6817 CVE-2023-6931
    CVE-2023-51779 CVE-2023-51780 CVE-2023-51781 CVE-2023-51782

    Several vulnerabilities have been discovered in the Linux kernel that
    may lead to a privilege escalation, denial of service or information
    leaks.

    CVE-2023-6531

    Jann Horn discovered a use-after-free flaw due to a race condition
    problem when the unix garbage collector's deletion of a SKB races
    with unix_stream_read_generic() on the socket that the SKB is
    queued on.

    CVE-2023-6622

    Xingyuan Mo discovered a flaw in the netfilter subsystem which may
    result in denial of service or privilege escalation for a user with
    the CAP_NET_ADMIN capability in any user or network namespace.

    CVE-2023-6817

    Xingyuan Mo discovered that a use-after-free in Netfilter's
    implementation of PIPAPO (PIle PAcket POlicies) may result in denial
    of service or potential local privilege escalation for a user with
    the CAP_NET_ADMIN capability in any user or network namespace.

    CVE-2023-6931

    Budimir Markovic reported a heap out-of-bounds write vulnerability
    in the Linux kernel's Performance Events system which may result in
    denial of service or privilege escalation.

    CVE-2023-51779

    It was discovered that a race condition in the Bluetooth subsystem
    in the bt_sock_ioctl handling may lead to a use-after-free.

    CVE-2023-51780

    It was discovered that a race condition in the ATM (Asynchronous
    Transfer Mode) subsystem may lead to a use-after-free.

    CVE-2023-51781

    It was discovered that a race condition in the Appletalk subsystem
    may lead to a use-after-free.

    CVE-2023-51782

    It was discovered that a race condition in the Amateur Radio X.25
    PLP (Rose) support may lead to a use-after-free.

    For the stable distribution (bookworm), these problems have been fixed in version 6.1.69-1.

    We recommend that you upgrade your linux packages.

    For the detailed security status of linux please refer to its security
    tracker page at:
    https://security-tracker.debian.org/tracker/linux

    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://www.debian.org/security/

    Mailing list: debian-security-announce@lists.debian.org
    -----BEGIN PGP SIGNATURE-----

    iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmWSuDJfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0Q7/g//Ski3EY0dL0SNhIWCSVOA01f4rZbW8e+65GpQofJtckBb2Wk1ZyMb+eLv U5aRfscn7DC2J0BiX+/JjaboTx880WcUQw5csbSzb2bEGhsHBwHkCG31qaTs5ekG XH654gBja/FmGZOvQ+YwoglDMCbCiSrUs7fwe3kPhlr3XRHs2ZdezKrOQ3m2bo7g xnA7UwB+5xwbbnweYkmKxtowM+x4XUDsr43/YR+mbeULzprGQGbyxsi8txKJQ8d+ xqyxCl5zki3dF/baBhBLPMH26GUs6fGsplhht9ecUcKXiNeyYLBX6Aepb4YDEgKN o0tBDPVundFPxyQzr8qMfdB0w6+4U2z+QavV/OCziNIKXbnrNUMpjF6Pks+geneY R+ut1KWHVkOJsAgI3mGrLd+tjPSEsdUB2EJhlFWpF9XJnBD3KV9xPVOBN3ZjL1+o t/ow/5XV+LZTihUQ37stcJRnl5U1CGWlBWbUonc++eGbCAvFNaV6gTfADWyz+/6W z5eKFZpj678AFr5RbkgF2earJUT0iC3vgtKMTiEsxNoRMZgVOu8iiekX+gpWBkdt 2w+dAAu8VFixQ5/Sl8LDYCFkP8xrtf31XiNBsrMZzxJDfMtNYMi++iQXSW8LyoL/ JqbEQibQU57ls29SbvoweKCnK1GgBfhrqqGAk7/Pnax0yuK4z4M=
    =9GI7
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)