Protect yourself against future threats.
=========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2024.2306 linux security update 15 April 2024 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: linux Publisher: Debian Operating System: Debian GNU/Linux Resolution: Patch/Upgrade CVE Names: CVE-2023-6270 CVE-2024-1151 CVE-2024-23850 CVE-2024-23851 CVE-2024-26585 CVE-2024-26586 CVE-2024-26593 CVE-2024-26603 CVE-2024-26622 CVE-2023-7042 CVE-2023-52616 CVE-2023-52617 CVE-2023-52618 CVE-2023-52619 CVE-2023-52620 CVE-2023-52621 CVE-2023-52622 CVE-2023-52623 CVE-2023-52630 CVE-2023-52631 CVE-2023-52632 CVE-2023-52633 CVE-2023-52635 CVE-2023-52637 CVE-2023-52638 CVE-2023-52639 CVE-2023-52640 CVE-2023-52641 CVE-2024-0841 CVE-2024-22099 CVE-2024-24857 CVE-2024-24858 CVE-2024-26582 CVE-2024-26583 CVE-2024-26584 CVE-2024-26590 CVE-2024-26606 CVE-2024-26621 CVE-2024-26626 CVE-2024-26629 CVE-2024-26639 CVE-2024-26640 CVE-2024-26641 CVE-2024-26642 CVE-2024-26643 CVE-2024-26651 CVE-2024-26654 CVE-2024-26659 CVE-2023-52604 CVE-2024-26660 CVE-2024-26627 CVE-2024-26601 CVE-2024-26663 CVE-2023-52607 CVE-2024-26664 CVE-2023-52602 CVE-2024-26665 CVE-2023-52599 CVE-2023-52603 CVE-2024-26667 CVE-2024-26581 CVE-2023-52600 CVE-2024-26671 CVE-2023-52584 CVE-2024-26625 CVE-2023-52606 CVE-2024-26679 CVE-2024-26680 CVE-2023-52597 CVE-2024-26698 CVE-2024-26700 CVE-2023-52595 CVE-2024-26687 CVE-2024-26706 CVE-2024-26689 CVE-2024-26695 CVE-2024-26696 CVE-2024-26697 CVE-2023-52601 CVE-2023-52593 CVE-2024-26702 CVE-2024-26704 CVE-2023-52587 CVE-2024-26707 CVE-2024-26726 CVE-2024-26712 CVE-2024-26714 CVE-2024-26715 CVE-2024-26717 CVE-2023-52598 CVE-2024-26720 CVE-2024-26722 CVE-2024-26723 CVE-2023-52583 CVE-2023-52589 CVE-2024-26731 CVE-2024-26733 CVE-2023-52594 CVE-2023-52588 CVE-2024-26737 CVE-2024-26600 CVE-2024-26741 CVE-2024-26602 CVE-2024-26742 CVE-2024-26743 CVE-2024-26747 CVE-2024-26748 CVE-2024-26744 CVE-2024-26750 CVE-2024-26751 CVE-2024-26752 CVE-2024-26753 CVE-2024-26745 CVE-2024-26735 CVE-2023-28746 CVE-2024-26761 CVE-2024-26763 CVE-2024-26764 CVE-2024-26765 CVE-2024-26766 CVE-2024-26769 CVE-2024-26771 CVE-2024-26772 CVE-2024-26773 CVE-2024-26774 CVE-2024-26775 CVE-2024-26776 CVE-2024-26749 CVE-2024-26778 CVE-2024-26779 CVE-2024-26780 CVE-2024-26781 CVE-2024-26782 CVE-2024-26787 CVE-2024-26788 CVE-2024-26789 CVE-2024-26790 CVE-2024-26791 CVE-2023-47233 CVE-2024-26736 CVE-2024-26795 CVE-2024-26798 CVE-2024-26800 CVE-2024-26801 CVE-2024-26802 CVE-2024-26803 CVE-2024-26804 CVE-2024-26805 CVE-2024-26809 CVE-2024-26810 CVE-2024-26811 CVE-2024-26812 CVE-2024-26754 CVE-2024-26814 CVE-2024-26815 CVE-2024-26816 CVE-2024-27437 CVE-2024-26759 CVE-2024-0340 CVE-2024-26760 CVE-2024-26777 CVE-2023-52434 CVE-2023-52435 CVE-2024-2201 CVE-2023-2176 CVE-2024-26792 CVE-2024-26793 CVE-2024-26710 CVE-2024-26727 CVE-2024-26813 CVE-2024-26673 CVE-2024-26718 CVE-2024-26675 CVE-2024-26676 CVE-2024-26681 CVE-2024-26684 CVE-2024-26685 CVE-2024-26686 CVE-2024-26688 CVE-2023-52429 Original Bulletin: https://lists.debian.org/debian-security-announce/2024/msg00066.html Comment: CVSS (Max): 8.0 CVE-2023-52434 (CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) CVSS Source: OpenAnolis, Red Hat, [NIST], Intel Corporation Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H - --------------------------BEGIN INCLUDED TEXT-------------------- -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-5658-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso April 13, 2024 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : linux CVE ID : CVE-2023-2176 CVE-2023-6270 CVE-2023-7042 CVE-2023-28746 CVE-2023-47233 CVE-2023-52429 CVE-2023-52434 CVE-2023-52435 CVE-2023-52583 CVE-2023-52584 CVE-2023-52587 CVE-2023-52588 CVE-2023-52589 CVE-2023-52593 CVE-2023-52594 CVE-2023-52595 CVE-2023-52597 CVE-2023-52598 CVE-2023-52599 CVE-2023-52600 CVE-2023-52601 CVE-2023-52602 CVE-2023-52603 CVE-2023-52604 CVE-2023-52606 CVE-2023-52607 CVE-2023-52616 CVE-2023-52617 CVE-2023-52618 CVE-2023-52619 CVE-2023-52620 CVE-2023-52621 CVE-2023-52622 CVE-2023-52623 CVE-2023-52630 CVE-2023-52631 CVE-2023-52632 CVE-2023-52633 CVE-2023-52635 CVE-2023-52637 CVE-2023-52638 CVE-2023-52639 CVE-2023-52640 CVE-2023-52641 CVE-2024-0340 CVE-2024-0841 CVE-2024-1151 CVE-2024-2201 CVE-2024-22099 CVE-2024-23850 CVE-2024-23851 CVE-2024-24857 CVE-2024-24858 CVE-2024-26581 CVE-2024-26582 CVE-2024-26583 CVE-2024-26584 CVE-2024-26585 CVE-2024-26586 CVE-2024-26590 CVE-2024-26593 CVE-2024-26600 CVE-2024-26601 CVE-2024-26602 CVE-2024-26603 CVE-2024-26606 CVE-2024-26621 CVE-2024-26622 CVE-2024-26625 CVE-2024-26626 CVE-2024-26627 CVE-2024-26629 CVE-2024-26639 CVE-2024-26640 CVE-2024-26641 CVE-2024-26642 CVE-2024-26643 CVE-2024-26651 CVE-2024-26654 CVE-2024-26659 CVE-2024-26660 CVE-2024-26663 CVE-2024-26664 CVE-2024-26665 CVE-2024-26667 CVE-2024-26671 CVE-2024-26673 CVE-2024-26675 CVE-2024-26676 CVE-2024-26679 CVE-2024-26680 CVE-2024-26681 CVE-2024-26684 CVE-2024-26685 CVE-2024-26686 CVE-2024-26687 CVE-2024-26688 CVE-2024-26689 CVE-2024-26695 CVE-2024-26696 CVE-2024-26697 CVE-2024-26698 CVE-2024-26700 CVE-2024-26702 CVE-2024-26704 CVE-2024-26706 CVE-2024-26707 CVE-2024-26710 CVE-2024-26712 CVE-2024-26714 CVE-2024-26715 CVE-2024-26717 CVE-2024-26718 CVE-2024-26720 CVE-2024-26722 CVE-2024-26723 CVE-2024-26726 CVE-2024-26727 CVE-2024-26731 CVE-2024-26733 CVE-2024-26735 CVE-2024-26736 CVE-2024-26737 CVE-2024-26741 CVE-2024-26742 CVE-2024-26743 CVE-2024-26744 CVE-2024-26745 CVE-2024-26747 CVE-2024-26748 CVE-2024-26749 CVE-2024-26750 CVE-2024-26751 CVE-2024-26752 CVE-2024-26753 CVE-2024-26754 CVE-2024-26759 CVE-2024-26760 CVE-2024-26761 CVE-2024-26763 CVE-2024-26764 CVE-2024-26765 CVE-2024-26766 CVE-2024-26769 CVE-2024-26771 CVE-2024-26772 CVE-2024-26773 CVE-2024-26774 CVE-2024-26775 CVE-2024-26776 CVE-2024-26777 CVE-2024-26778 CVE-2024-26779 CVE-2024-26780 CVE-2024-26781 CVE-2024-26782 CVE-2024-26787 CVE-2024-26788 CVE-2024-26789 CVE-2024-26790 CVE-2024-26791 CVE-2024-26792 CVE-2024-26793 CVE-2024-26795 CVE-2024-26798 CVE-2024-26800 CVE-2024-26801 CVE-2024-26802 CVE-2024-26803 CVE-2024-26804 CVE-2024-26805 CVE-2024-26809 CVE-2024-26810 CVE-2024-26811 CVE-2024-26812 CVE-2024-26813 CVE-2024-26814 CVE-2024-26815 CVE-2024-26816 CVE-2024-27437 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. For the stable distribution (bookworm), these problems have been fixed in version 6.1.85-1. We recommend that you upgrade your linux packages. For the detailed security status of linux please refer to its security tracker page at: https://security-tracker.debian.org/tracker/linux Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmYaIyZfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0RN3A/9HbzpFDgN8uqJJVEHYgDh38m+h/8maSC2qL3G9ZPEckWX6MLBm+yBWcJ0 l/DesFcqc5Lh25bgWSO2jJ4TY4+dbTRFzFcJ/aTnbOKGoGCUQt0W9ZHFVwmkPKQN tbZm1W1K3u/5dz8qow1ntsQuBarD0uDpImbhOZdrk+n88yKVB4lqAqNgel6EPt03 6SYAz/A3S1A3cgTEwz9udrA6du7yX/2vFwd9g4CO96VflHBgsHSnWAnmJZScZjIA MT8jWGEXUw0zPg78w6AieLWhXTRe/bRxzhPRtYMOwXu1rX3wcPO8cbF9+hgbdj9w VD+qKTP3PWzP7nxJ3KLRUf8NvHjOI5CvVJFR3UFVlOE+BtYO//POTZI9eUv9tU3x vqXXTuHN+uXHkOtvRImx0Hf6FxjQbdh6IuvK6ipb/YH6IE2jZOw94AYi75UkDkgf VBbQf7eShv81Z05tZQo1rFHQMYBbGjtpudJllQ8/zmbv+hM9WuL4NCkw6EQytFPU 51lVn/8Cqx1wt0IAmKr4FQ3hz/d766jgQvByFQWhqs1ZD7vQy2SxbzzTsKT1Zlha GsRB5LNZXvIwZi/A4ls7+4YM4urbRljMFgU7sUaNl+nbhqcw0y/AoLcUGO+7vl6L S/9Mmm8mnmXvTTYCgw9tuLo/wCP9UlF5PTEsZTQyslJYVxu/bvQ= =IM/D -----END PGP SIGNATURE----- - --------------------------END INCLUDED TEXT---------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. ===========================================================================