Debian: DSA-5448-1 Critical: Linux Kernel Privilege Escalation and DoS
debian
July 5, 2023
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks
Summary
CVE-2023-2124
Kyle Zeng, Akshay Ajayan and Fish Wang discovered that missing
metadata validation may result in denial of service or potential
privilege escalation if a corrupted XFS disk image is mounted.
CVE-2023-2156
It was discovered that the IPv6 RPL protocol implementation in the
Linux kernel did not properly handled user-supplied data, resulting
in a triggerable assertion. An unauthenticated remote attacker can
take advantage of this flaw for denial of service.
CVE-2023-2269
Zheng Zhang reported that improper handling of locking in the device
mapper implementation may result in denial of service.
CVE-2023-3090
It was discovered that missing initialization in ipvlan networking
may lead to an out-of-bounds write vulnerability, resulting in
denial of service or potentially the execution of arbitrary code.
CVE-2023-3212
Yang Lan that missing validation in the GFS2 filesystem could result
in denial of service via a NULL pointer dereference when...
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Package: linux
CVE ID: CVE-2023-2124 CVE-2023-2156 CVE-2023-2269 CVE-2023-3090
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!