DSA-5095-1 linux -- linuxID: oval:org.secpod.oval:def:88340 | Date: (C)2023-03-28 (M)2024-04-17 |
Class: PATCH | Family: unix |
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2020-36310 A flaw was discovered in the KVM implementation for AMD processors, which could lead to an infinite loop. A malicious VM guest could exploit this to cause a denial of service. CVE-2022-0001 Researchers at VUSec discovered that the Branch History Buffer in Intel processors can be exploited to create information side- channels with speculative execution. This issue is similar to Spectre variant 2, but requires additional mitigations on some processors. This can be exploited to obtain sensitive information from a different security context, such as from user-space to the kernel, or from a KVM guest to the kernel. CVE-2022-0002 This is a similar issue to CVE-2022-0001, but covers exploitation within a security context, such as from JIT-compiled code in a sandbox to hosting code in the same process. This is partly mitigated by disabling eBPF for unprivileged users with the sysctl: kernel.unprivileged_bpf_disabled=2. This is already the default in Debian 11 bullseye. CVE-2022-0487 A use-after-free was discovered in the MOXART SD/MMC Host Controller support driver. This flaw does not impact the Debian binary packages as CONFIG_MMC_MOXART is not set. CVE-2022-0492 Yiqi Sun and Kevin Wang reported that the cgroup-v1 subsystem does not properly restrict access to the release-agent feature. A local user can take advantage of this flaw for privilege escalation and bypass of namespace isolation. CVE-2022-0617 butt3rflyh4ck discovered a NULL pointer dereference in the UDF filesystem. A local user that can mount a specially crafted UDF image can use this flaw to crash the system. CVE-2022-25636 Nick Gregory reported a heap out-of-bounds write flaw in the netfilter subsystem. A user with the CAP_NET_ADMIN capability could use this for denial of service or possibly for privilege escalation.
Product: |
linux-image-5.10 |
linux-headers-5.10 |
bpftool |
hyperv-daemons |
libcpupower-dev |
libcpupower1 |
usbip |