
Debian 10 LTS: DLA-3711-1 Critical: linux-5.10 Privilege Escalation

debian lts
January 11, 2024
Serious security flaws in linux-5.10 necessitate immediate updates for Debian installations. Act swiftly to safeguard your systems.

Summary

Several vulnerabilities have been discovered in the Linux kernel that
may lead to a privilege escalation, denial of service or information
leaks.

CVE-2021-44879

Wenqing Liu reported a NULL pointer dereference in the f2fs
implementation. An attacker able to mount a specially crafted image
can take advantage of this flaw for denial of service.

CVE-2023-5178

Alon Zahavi reported a use-after-free flaw in the NVMe-oF/TCP
subsystem in the queue initialization setup, which may result in
denial of service or privilege escalation.

CVE-2023-5197

Kevin Rich discovered a use-after-free flaw in the netfilter
subsystem which may result in denial of service or privilege
escalation for a user with the CAP_NET_ADMIN capability in any user
or network namespace.

CVE-2023-5717

Budimir Markovic reported a heap out-of-bounds write vulnerability
in the Linux kernel's Performance Events system caused by improper


Severity: critical

Package: linux-5.10
Version: 5.10.205-2~deb10u1
CVE ID: CVE-2021-44879 CVE-2023-5178 CVE-2023-5197 CVE-2023-5717
Debian Bug: 1032104 1035587 1052304
