ALT-PU-2023-1267-1
Package kernel-image-mp updated to version 6.1.12-alt1 for branch sisyphus in task 315322.
Closed vulnerabilities
BDU:2023-00383
Уязвимость компонентa netfilter ядра операционной системы Linux, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации и повысить свои привилегии.
BDU:2023-00747
Уязвимость драйвера drivers/hid/hid-bigbenff.c ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
BDU:2023-01205
Уязвимость функции rds_rm_zerocopy_callback() в модуле net/rds/message.c ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
BDU:2023-01572
Уязвимость функции stat() подсистемы OverlayFS ядра операционных систем Linux, позволяющая нарушителю повысить свои привилегии
BDU:2023-02624
Уязвимость реализации сетевого протокола NET/ROM ядра операционной системы Linux, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность данных.
Modified: 2024-11-21
CVE-2023-0179
A buffer overflow vulnerability was found in the Netfilter subsystem in the Linux Kernel. This issue could allow the leakage of both stack and heap addresses, and potentially allow Local Privilege Escalation to the root user via arbitrary code execution.
- http://packetstormsecurity.com/files/171601/Kernel-Live-Patch-Security-Notice-LNS-0093-1.html
- http://packetstormsecurity.com/files/171601/Kernel-Live-Patch-Security-Notice-LNS-0093-1.html
- https://bugzilla.redhat.com/show_bug.cgi?id=2161713
- https://bugzilla.redhat.com/show_bug.cgi?id=2161713
- https://seclists.org/oss-sec/2023/q1/20
- https://seclists.org/oss-sec/2023/q1/20
- https://security.netapp.com/advisory/ntap-20230511-0003/
- https://security.netapp.com/advisory/ntap-20230511-0003/
Modified: 2025-02-26
CVE-2023-0386
A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel’s OverlayFS subsystem in how a user copies a capable file from a nosuid mount into another mount. This uid mapping bug allows a local user to escalate their privileges on the system.
- http://packetstormsecurity.com/files/173087/Kernel-Live-Patch-Security-Notice-LSN-0095-1.html
- http://packetstormsecurity.com/files/173087/Kernel-Live-Patch-Security-Notice-LSN-0095-1.html
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=4f11ada10d0a
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=4f11ada10d0a
- [debian-lts-announce] 20230605 [SECURITY] [DLA 3446-1] linux-5.10 security update
- [debian-lts-announce] 20230605 [SECURITY] [DLA 3446-1] linux-5.10 security update
- [debian-lts-announce] 20240627 [SECURITY] [DLA 3840-1] linux security update
- [debian-lts-announce] 20240627 [SECURITY] [DLA 3840-1] linux security update
- https://security.netapp.com/advisory/ntap-20230420-0004/
- https://security.netapp.com/advisory/ntap-20230420-0004/
- DSA-5402
- DSA-5402
Modified: 2024-11-21
CVE-2023-1078
A flaw was found in the Linux Kernel in RDS (Reliable Datagram Sockets) protocol. The rds_rm_zerocopy_callback() uses list_entry() on the head of a list causing a type confusion. Local user can trigger this with rds_message_put(). Type confusion leads to `struct rds_msg_zcopy_info *info` actually points to something else that is potentially controlled by local user. It is known how to trigger this, which causes an out of bounds access, and a lock corruption.
- [oss-security] 20231105 CVE-2023-1078: Linux: rds_rm_zerocopy_callback() bugs
- [oss-security] 20231105 CVE-2023-1078: Linux: rds_rm_zerocopy_callback() bugs
- https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/commit/?id=f753a68980cf4b59a80fe677619da2b1804f526d
- https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/commit/?id=f753a68980cf4b59a80fe677619da2b1804f526d
- [debian-lts-announce] 20230502 [SECURITY] [DLA 3404-1] linux-5.10 security update
- [debian-lts-announce] 20230502 [SECURITY] [DLA 3404-1] linux-5.10 security update
- [debian-lts-announce] 20230503 [SECURITY] [DLA 3403-1] linux security update
- [debian-lts-announce] 20230503 [SECURITY] [DLA 3403-1] linux security update
- https://security.netapp.com/advisory/ntap-20230505-0004/
- https://security.netapp.com/advisory/ntap-20230505-0004/
Modified: 2024-11-21
CVE-2023-25012
The Linux kernel through 6.1.9 has a Use-After-Free in bigben_remove in drivers/hid/hid-bigbenff.c via a crafted USB device because the LED controllers remain registered for too long.
- [oss-security] 20230202 Re: Linux Kernel: hid: Use-After-Free in bigben_set_led()
- [oss-security] 20230202 Re: Linux Kernel: hid: Use-After-Free in bigben_set_led()
- [oss-security] 20231105 CVE-2023-1078: Linux: rds_rm_zerocopy_callback() bugs
- [oss-security] 20231105 CVE-2023-1078: Linux: rds_rm_zerocopy_callback() bugs
- https://bugzilla.suse.com/show_bug.cgi?id=1207560
- https://bugzilla.suse.com/show_bug.cgi?id=1207560
- https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=27d2a2fd844ec7da70d19fabb482304fd1e0595b
- https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=27d2a2fd844ec7da70d19fabb482304fd1e0595b
- https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=76ca8da989c7d97a7f76c75d475fe95a584439d7
- https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=76ca8da989c7d97a7f76c75d475fe95a584439d7
- https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9fefb6201c4f8dd9f58c581b2a66e5cde2895ea2
- https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9fefb6201c4f8dd9f58c581b2a66e5cde2895ea2
- [debian-lts-announce] 20230502 [SECURITY] [DLA 3404-1] linux-5.10 security update
- [debian-lts-announce] 20230502 [SECURITY] [DLA 3404-1] linux-5.10 security update
- https://lore.kernel.org/all/20230125-hid-unregister-leds-v1-1-9a5192dcef16%40diag.uniroma1.it/
- https://lore.kernel.org/all/20230125-hid-unregister-leds-v1-1-9a5192dcef16%40diag.uniroma1.it/
- https://seclists.org/oss-sec/2023/q1/53
- https://seclists.org/oss-sec/2023/q1/53
Modified: 2024-11-21
CVE-2023-32269
An issue was discovered in the Linux kernel before 6.1.11. In net/netrom/af_netrom.c, there is a use-after-free because accept is also allowed for a successfully connected AF_NETROM socket. However, in order for an attacker to exploit this, the system must have netrom routing configured or the attacker must have the CAP_NET_ADMIN capability.