Lucene search

K
debianDebianDEBIAN:DLA-3102-1:8DD52
HistorySep 11, 2022 - 7:35 p.m.

[SECURITY] [DLA 3102-1] linux-5.10 new package

2022-09-1119:35:03
lists.debian.org
45

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

1.7 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:S/C:P/I:N/A:N

0.0004 Low

EPSS

Percentile

12.9%


Debian LTS Advisory DLA-3102-1 [email protected]
https://www.debian.org/lts/security/ Ben Hutchings
September 11, 2022 https://wiki.debian.org/LTS

Package : linux-5.10
Version : 5.10.136-1~deb10u3
CVE ID : CVE-2022-2585 CVE-2022-2586 CVE-2022-2588 CVE-2022-26373
CVE-2022-29900 CVE-2022-29901 CVE-2022-36879 CVE-2022-36946

Linux 5.10 has been packaged for Debian 10 as linux-5.10. This
provides a supported upgrade path for systems that currently use
kernel packages from the "buster-backports" suite.

There is no need to upgrade systems using Linux 4.19, as that kernel
version will also continue to be supported in the LTS period.

The "apt full-upgrade" command will not automatically install the
updated kernel packages. You should explicitly install one of the
following metapackages first, as appropriate for your system:

linux-image-5.10-686
linux-image-5.10-686-pae
linux-image-5.10-amd64
linux-image-5.10-arm64
linux-image-5.10-armmp
linux-image-5.10-armmp-lpae
linux-image-5.10-cloud-amd64
linux-image-5.10-cloud-arm64
linux-image-5.10-rt-686-pae
linux-image-5.10-rt-amd64
linux-image-5.10-rt-arm64
linux-image-5.10-rt-armmp

For example, if the command "uname -r" currently shows
"5.10.0-0.deb10.16-amd64", you should install linux-image-5.10-amd64.

This backport does not include the following binary packages:

bpftool hyperv-daemons libcpupower-dev libcpupower1
linux-compiler-gcc-8-arm linux-compiler-gcc-8-x86 linux-cpupower
linux-libc-dev usbip

Older versions of most of those are built from the linux source
package in Debian 10.

Several vulnerabilities have been discovered in the Linux kernel that
may lead to a privilege escalation, denial of service or information
leaks.

CVE-2022-2585

A use-after-free flaw in the implementation of POSIX CPU timers
may result in denial of service or in local privilege escalation.

CVE-2022-2586

A use-after-free in the Netfilter subsystem may result in local
privilege escalation for a user with the CAP_NET_ADMIN capability
in any user or network namespace.

CVE-2022-2588

Zhenpeng Lin discovered a use-after-free flaw in the cls_route
filter implementation which may result in local privilege
escalation for a user with the CAP_NET_ADMIN capability in any
user or network namespace.

CVE-2022-26373

It was discovered that on certain processors with Intel's Enhanced
Indirect Branch Restricted Speculation (eIBRS) capabilities there
are exceptions to the documented properties in some situations,
which may result in information disclosure.

Intel's explanation of the issue can be found at
https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/advisory-guidance/post-barrier-return-stack-buffer-predictions.html

CVE-2022-29900

Johannes Wikner and Kaveh Razavi reported that for AMD/Hygon
processors, mis-trained branch predictions for return instructions
may allow arbitrary speculative code execution under certain
microarchitecture-dependent conditions.

A list of affected AMD CPU types can be found at
https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1037

CVE-2022-29901

Johannes Wikner and Kaveh Razavi reported that for Intel
processors (Intel Core generation 6, 7 and 8), protections against
speculative branch target injection attacks were insufficient in
some circumstances, which may allow arbitrary speculative code
execution under certain microarchitecture-dependent conditions.

More information can be found at
https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/advisory-guidance/return-stack-buffer-underflow.html

CVE-2022-36879

A flaw was discovered in xfrm_expand_policies in the xfrm
subsystem which can cause a reference count to be dropped twice.

CVE-2022-36946

Domingo Dirutigliano and Nicola Guerrera reported a memory
corruption flaw in the Netfilter subsystem which may result in
denial of service.

For Debian 10 buster, these problems have been fixed in version
5.10.136-1~deb10u3. This update additionally includes many more bug
fixes from stable updates 5.10.128-5.10.136 inclusive.

We recommend that you upgrade your linux-5.10 packages.

For the detailed security status of linux-5.10 please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/linux-5.10

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
Attachment:
signature.asc
Description: PGP signature

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

1.7 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:S/C:P/I:N/A:N

0.0004 Low

EPSS

Percentile

12.9%