
Debian LTS: DLA-2843-1 Moderate: Multiple Kernel Issues Security Fix

December 16, 2021
Follow these steps to fix Debian LTS kernel vulnerabilities: update the system, check for and install updates, reboot, verify the version, and review security alerts.
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service, or information leaks.

Summary

CVE-2020-3702

A flaw was found in the driver for Atheros IEEE 802.11n family of
chipsets (ath9k) allowing information disclosure.

CVE-2020-16119

Hadar Manor reported a use-after-free in the DCCP protocol
implementation in the Linux kernel. A local attacker can take
advantage of this flaw to cause a denial of service or potentially
to execute arbitrary code.

CVE-2021-0920

A race condition was discovered in the local sockets (AF_UNIX)
subsystem, which could lead to a use-after-free. A local user
could exploit this for denial of service (memory corruption or
crash), or possibly for privilege escalation.

CVE-2021-3612

Murray McAllister reported a flaw in the joystick input subsystem.
A local user permitted to access a joystick device could exploit
this to read and write out-of-bounds in the kernel, which could
be used for privilege escalation.

CVE-2021-3653

Maxim Levitsky discovered a vulnerability in the KVM hypervisor

Read the Full Advisory


-------------------------------------------------------------------------
Package: linux
Version: 4.9.290-1
CVE ID: CVE-2020-3702 CVE-2020-16119 CVE-2021-0920 CVE-2021-3612
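
The steps above end with verifying the kernel version after the reboot. As an added example (not part of the advisory), this script checks a `uname -v` string against the fixed package version 4.9.290-1, which catches a host that installed the update but is still running the old kernel. It assumes Debian's `uname -v` format, where the package version follows the word "Debian"; the function names and sample strings are constructed for illustration.

```shell
#!/bin/sh
# Added example: is the *running* kernel built from linux >= the fixed version?
FIXED_VERSION="4.9.290-1"   # from the advisory's "Version:" field

# Extract the Debian package version from a `uname -v` string, e.g.
#   "#1 SMP Debian 4.9.290-1 (2021-12-12)" -> "4.9.290-1"
# Prints nothing if the string is not in that format.
kernel_pkg_version() {
    printf '%s\n' "$1" | sed -n 's/.*Debian \([^ ]*\).*/\1/p'
}

# Return 0 if version $1 >= version $2.
version_ge() {
    if command -v dpkg >/dev/null 2>&1; then
        # Authoritative Debian version ordering.
        dpkg --compare-versions "$1" ge "$2"
    else
        # Assumption: GNU `sort -V` is an acceptable stand-in when auditing
        # collected strings on a host without dpkg.
        [ "$(printf '%s\n%s\n' "$1" "$2" | sort -V | head -n 1)" = "$2" ]
    fi
}

# Classify a `uname -v` string: prints "fixed", "vulnerable" or "unknown".
check_running_kernel() {
    ver=$(kernel_pkg_version "$1")
    if [ -z "$ver" ]; then
        echo unknown          # not a Debian-built kernel string
    elif version_ge "$ver" "$FIXED_VERSION"; then
        echo fixed
    else
        echo vulnerable       # update installed or not, a reboot is still due
    fi
}

# Check the live system only when invoked with --live.
if [ "${1:-}" = "--live" ]; then
    check_running_kernel "$(uname -v)"
fi
```
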
