Debian: DSA-5492-1 Moderate: Linux Kernel Privilege Escalation Issues

September 9, 2023
Debian Security Notice DSA-5493-2 highlights significant vulnerabilities in the systemd package that necessitate immediate patches.
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.

Summary

CVE-2023-1206

It was discovered that the networking stack permits attackers to
force hash collisions in the IPv6 connection lookup table, which may
result in denial of service (significant increase in the cost of
lookups, increased CPU utilization).

CVE-2023-1989

Zheng Wang reported a race condition in the btsdio Bluetooth adapter
driver that can lead to a use-after-free. An attacker able to insert
and remove SDIO devices can use this to cause a denial of service
(crash or memory corruption) or possibly to run arbitrary code in
the kernel.

CVE-2023-2430

Xingyuan Mo discovered that the io_uring subsystem did not properly
handle locking when the target ring is configured with IOPOLL, which
may result in denial of service.

CVE-2023-2898

It was discovered that missing sanitising in the f2fs file
system may result in denial of service if a malformed file
system is accessed.

CVE-2023-3611

The TOTE Robot tool found a flaw in the Btrfs filesystem ...

Package: linux
CVE ID: CVE-2023-1206 CVE-2023-1989 CVE-2023-2430 CVE-2023-2898
