Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.2878 linux security update 13 June 2022 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: linux Publisher: Debian Operating System: Debian GNU/Linux Resolution: Patch/Upgrade CVE Names: CVE-2022-28893 CVE-2022-21499 CVE-2022-1975 CVE-2022-1974 CVE-2022-1972 CVE-2022-1966 CVE-2022-1852 CVE-2022-1789 CVE-2022-1786 CVE-2022-1729 CVE-2022-1012 CVE-2022-0854 CVE-2022-0494 Original Bulletin: https://lists.debian.org/debian-security-announce/2022/msg00129.html Comment: CVSS (Max): 8.2 CVE-2022-1012 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H) CVSS Source: NVD, [Red Hat], SUSE Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H - --------------------------BEGIN INCLUDED TEXT-------------------- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - - ------------------------------------------------------------------------- Debian Security Advisory DSA-5161-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso June 11, 2022 https://www.debian.org/security/faq - - ------------------------------------------------------------------------- Package : linux CVE ID : CVE-2022-0494 CVE-2022-0854 CVE-2022-1012 CVE-2022-1729 CVE-2022-1786 CVE-2022-1789 CVE-2022-1852 CVE-2022-1966 CVE-2022-1972 CVE-2022-1974 CVE-2022-1975 CVE-2022-21499 CVE-2022-28893 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2022-0494 The scsi_ioctl() was susceptible to an information leak only exploitable by users with CAP_SYS_ADMIN or CAP_SYS_RAWIO capabilities. CVE-2022-0854 Ali Haider discovered a potential information leak in the DMA subsystem. On systems where the swiotlb feature is needed, this might allow a local user to read sensitive information. CVE-2022-1012 The randomisation when calculating port offsets in the IP implementation was enhanced. CVE-2022-1729 Norbert Slusarek discovered a race condition in the perf subsystem which could result in local privilege escalation to root. The default settings in Debian prevent exploitation unless more permissive settings have been applied in the kernel.perf_event_paranoid sysctl. CVE-2022-1786 Kyle Zeng discovered a use-after-free in the io_uring subsystem which way result in local privilege escalation to root. CVE-2022-1789 / CVE-2022-1852 Yongkang Jia, Gaoning Pan and Qiuhao Li discovered two NULL pointer dereferences in KVM's CPU instruction handling, resulting in denial of service. CVE-2022-1966 Aaron Adams discovered a use-after-free in Netfilter which may result in local privilege escalation to root. CVE-2022-1972 Ziming Zhang discovered an out-of-bound write in Netfilter which may result in local privilege escalation to root. CVE-2022-1974 / CVE-2022-1975 Duoming Zhou discovered that the NFC netlink interface was suspectible to denial of service. CVE-2022-21499 It was discovered that the kernel debugger could be used to bypass UEFI Secure Boot restrictions. CVE-2022-28893 Felix Fu discovered a use-after-free in the implementation of the Remote Procedure Call (SunRPC) protocol, which could in denial of service or an information leak. For the stable distribution (bullseye), these problems have been fixed in version 5.10.120-1. We recommend that you upgrade your linux packages. For the detailed security status of linux please refer to its security tracker page at: https://security-tracker.debian.org/tracker/linux Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org - -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmKkWHlfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0R99w//T94sBtctj4AfiOkHI2Bp6+frX++VBeSQa2Kzgi4mzN7K+NCf527O135f eKPt5LBSjItdcB4TZFVeVjeGWjve96i/jZuRD66WmEr+15bVcE9UjeS//cSUEiRD FBkZm/cYeNJo69+VwolkzJaySoN3EuFseu6fQ++IZJsrItzhUpU+OPap+uWxJPCj MSVfrI/qCIm0TY1tetdnh9IIPdAxFu5RBMGG+QDZHdB8bLaLJOlQwzfUFEYy4qTL 8J/ntbvjiZXBvAG0ZEnVyTqU6jmjJS1NtIYEAwror4yRoCGROT8AAGP3jywrVIg/ MG58s50aMN42nbdBPGYw1KYaltfVIEZWk+OAfRUzojj0hvatKsJjAXkp/r+Rx2JC 6cfCzo9zYY5yb3OAmMobl59L6JdrPjyyPfMBErOBtZMdFAUHd2xynszZ+IVfJibQ rXkPHN3l2V08wOV9NGXEbarFTfu8lOXetEiPiRbIX5ntR7DcKEu28o/QeXC4EcKJ qRAm7U2GIrNC8ES669/84kdcg53yxehWcW0Vp+2JhS7+NAQP1sPWnpWwnFgTm11C RPWKoxTIj9U7yQg3Oc99sHzMEhsBHx21E+EzfLoGb8W3hX89yjNbKThNW/4Ow9UE ALezdpKlIQ5wFsRdsyBClJSqjFlBmShwf9VYyg7dLv+VmPINTvM= =SLnt - -----END PGP SIGNATURE----- - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: https://auscert.org.au/gpg-key/ iQIVAwUBYqais8kNZI30y1K9AQg4UA//R5YrEFxjv5tmLcq6TuQq4YKsg+CRrAXD SJzNM/KJlusMMqy+bsy3cKdaG1PJqJUri3GujaPtADz6SlJ4Fgb/8chlPkTfcOIV zys4oudqT3+HbUIgQtK8HwymuYqRvNq7J91sk3t9AlLfut8zN6PinzXy7LoZrM1u pLaIZV89Xkqhj7Ub3ANDwvZPSynEPgCGmJxPflEPrtiqeuiIH+a1sps+yFaciqFd eQepODxL62jtL6ZtucGL/b0pz7uhCf8P9lYskoIuFql5jJ/0PU+vP+zMFJsxNOCX 26fDGTqGX4M/SZwvFxgzfPmytGQYkV9tJbzLUt5ITf9yeQur0SfoJ1pPUTd2Fm71 qWqvrlD7Be3DsAR67LBqkwX+zJRYZBz4qItjfCsjm4/ZzuzR7Jl7h3hzJPqrOsEy /Iatv1yjjnCsxm/dvZs3iMSyXFcemwuFE4cIB97ISeuGky28SCWfc3ApkVsxtJ/u HO30DqrFLZHNj3b/4RiGjrsAFoIp1DsMwkDES3smgxVj0Cr6UBCELEUlY9U8uXV9 dDzZCUb2WAb2n55/BImNMa3Pl5Z6kTm6yJdAyJhgPHOK16BCLLOAUncPze66mXG2 iu86zgyTfEsdVHsRo0t98w+dmaV3Q2UHaml4Zw5zySCSicczoc9dbweN9mDY8+2/ UkNuLc3jBtg= =PjMq -----END PGP SIGNATURE-----