Debian Buster: DLA-3349-1 Critical: Linux Kernel Privilege Escalation
debian lts
March 2, 2023
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.
Summary
Several vulnerabilities have been discovered in the Linux kernel that
may lead to a privilege escalation, denial of service or information
leaks.
CVE-2022-2873
Zheyu Ma discovered that an out-of-bounds memory access flaw in
the Intel iSMT SMBus 2.0 host controller driver may result in
denial of service (system crash).
CVE-2022-3545
It was discovered that the Netronome Flow Processor (NFP) driver
contained a use-after-free flaw in area_cache_get(), which may
result in denial of service or the execution of arbitrary code.
CVE-2022-3623
A race condition when looking up a CONT-PTE/PMD size hugetlb page
may result in denial of service or an information leak.
CVE-2022-4696
A use-after-free vulnerability was discovered in the io_uring
subsystem.
CVE-2022-36280
An out-of-bounds memory write vulnerability was discovered in the
vmwgfx driver, which may allow a local unprivileged user to cause
a denial of service (system crash).
CVE-2022-41218
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Package: linux-5.10
Version: 5.10.162-1~deb10u1
CVE ID: CVE-2022-2873 CVE-2022-3545 CVE-2022-3623 CVE-2022-4696
Debian Bug: 825141 1008501 1027430 1027483
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!