Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 439
Alerts This Week
Warning Icon 1 439

Debian Bullseye DSA-5092-1 Critical: Fixes for Privilege Escalation and DoS

debian
Calendar Grey March 7, 2022
Debian Logo
The Ubuntu Security Notice USN-5012-1 outlines significant patches that tackle vulnerabilities that may lead to unauthorized access and system downtime.
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks

Summary

CVE-2021-43976

Zekun Shen and Brendan Dolan-Gavitt discovered a flaw in the
mwifiex_usb_recv() function of the Marvell WiFi-Ex USB Driver. An
attacker able to connect a crafted USB device can take advantage of
this flaw to cause a denial of service.

CVE-2022-0330

Sushma Venkatesh Reddy discovered a missing GPU TLB flush in the
i915 driver, resulting in denial of service or privilege escalation.

CVE-2022-0435

Samuel Page and Eric Dumazet reported a stack overflow in the
networking module for the Transparent Inter-Process Communication
(TIPC) protocol, resulting in denial of service or potentially the
execution of arbitrary code.

CVE-2022-0516

It was discovered that an insufficient check in the KVM subsystem
for s390x could allow unauthorized memory read or write access.

CVE-2022-0847

Max Kellermann discovered a flaw in the handling of pipe buffer
flags. An attacker can take advantage of this flaw for local
privilege escalation.

CVE-2022-22942

...

Read the Full Advisory

Severity
critical
Lowest
Low
Medium
High
Critical

Package: linux
CVE ID: CVE-2021-43976 CVE-2022-0330 CVE-2022-0435 CVE-2022-0516

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.