Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
debianDebianDEBIAN:DSA-5593-1:15910
HistoryJan 01, 2024 - 1:25 p.m.

[SECURITY] [DSA 5593-1] linux security update

2024-01-0113:25:47
lists.debian.org
8
kernel
vulnerabilities
denial of service
privilege escalation
linux
information leaks

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.7 High

AI Score

Confidence

Low

4.3 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:S/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

5.2%

JSON

Debian Security Advisory DSA-5593-1 [email protected]
https://www.debian.org/security/ Salvatore Bonaccorso
January 01, 2024 https://www.debian.org/security/faq

Package : linux
CVE ID : CVE-2023-6531 CVE-2023-6622 CVE-2023-6817 CVE-2023-6931
CVE-2023-51779 CVE-2023-51780 CVE-2023-51781 CVE-2023-51782

Several vulnerabilities have been discovered in the Linux kernel that
may lead to a privilege escalation, denial of service or information
leaks.

CVE-2023-6531

Jann Horn discovered a use-after-free flaw due to a race condition
problem when the unix garbage collector's deletion of a SKB races
with unix_stream_read_generic() on the socket that the SKB is
queued on.

CVE-2023-6622

Xingyuan Mo discovered a flaw in the netfilter subsystem which may
result in denial of service or privilege escalation for a user with
the CAP_NET_ADMIN capability in any user or network namespace.

CVE-2023-6817

Xingyuan Mo discovered that a use-after-free in Netfilter's
implementation of PIPAPO (PIle PAcket POlicies) may result in denial
of service or potential local privilege escalation for a user with
the CAP_NET_ADMIN capability in any user or network namespace.

CVE-2023-6931

Budimir Markovic reported a heap out-of-bounds write vulnerability
in the Linux kernel's Performance Events system which may result in
denial of service or privilege escalation.

CVE-2023-51779

It was discovered that a race condition in the Bluetooth subsystem
in the bt_sock_ioctl handling may lead to a use-after-free.

CVE-2023-51780

It was discovered that a race condition in the ATM (Asynchronous
Transfer Mode) subsystem may lead to a use-after-free.

CVE-2023-51781

It was discovered that a race condition in the Appletalk subsystem
may lead to a use-after-free.

CVE-2023-51782

It was discovered that a race condition in the Amateur Radio X.25
PLP (Rose) support may lead to a use-after-free.

For the stable distribution (bookworm), these problems have been fixed in
version 6.1.69-1.

We recommend that you upgrade your linux packages.

For the detailed security status of linux please refer to its security
tracker page at:
https://security-tracker.debian.org/tracker/linux

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: [email protected]

OSVersionArchitecturePackageVersionFilename
Debianbookwormallata-modules-6.1.0-17-5kc-malta-di< 6.1.69-1ata-modules-6.1.0-17-5kc-malta-di_6.1.69-1_all.deb
Debianbookwormalllinux-headers-6.1.0-20-s390x< 6.1.69-1linux-headers-6.1.0-20-s390x_6.1.69-1_all.deb
Debianbookwormalllinux-headers-6.1.0-12-octeon< 6.1.69-1linux-headers-6.1.0-12-octeon_6.1.69-1_all.deb
Debianbookwormallmmc-core-modules-6.1.0-20-loongson-3-di< 6.1.69-1mmc-core-modules-6.1.0-20-loongson-3-di_6.1.69-1_all.deb
Debianbookwormallaffs-modules-6.1.0-21-5kc-malta-di< 6.1.69-1affs-modules-6.1.0-21-5kc-malta-di_6.1.69-1_all.deb
Debianbookwormallinput-modules-6.1.0-20-marvell-di< 6.1.69-1input-modules-6.1.0-20-marvell-di_6.1.69-1_all.deb
Debianbookwormallscsi-nic-modules-6.1.0-20-mips32r2el-di< 6.1.69-1scsi-nic-modules-6.1.0-20-mips32r2el-di_6.1.69-1_all.deb
Debianbookwormallfat-modules-6.1.0-17-octeon-di< 6.1.69-1fat-modules-6.1.0-17-octeon-di_6.1.69-1_all.deb
Debianbookwormallcrypto-dm-modules-6.1.0-12-4kc-malta-di< 6.1.69-1crypto-dm-modules-6.1.0-12-4kc-malta-di_6.1.69-1_all.deb
Debianbookwormallcrypto-dm-modules-6.1.0-17-marvell-di< 6.1.69-1crypto-dm-modules-6.1.0-17-marvell-di_6.1.69-1_all.deb
Rows per page:
1-10 of 19761

Related

openvas 31
osv 29
nessus 64
ubuntu 22
photon 2
debian 2
ubuntucve 7
cbl_mariner 8
debiancve 8
prion 8
redhatcve 6
cve 8
cnvd 2
fedora 2
openvas
openvas
Debian: Security Advisory (DSA-5593-1)
2024-01-12 00:00:00
Ubuntu: Security Advisory (USN-6639-1)
2024-02-16 00:00:00
Ubuntu: Security Advisory (USN-6606-1)
2024-01-26 00:00:00
osv
osv
linux - security update
2024-01-01 00:00:00
linux-oem-6.1 vulnerabilities
2024-02-15 03:33:26
linux-oem-6.1 vulnerabilities
2024-01-25 22:11:29
nessus
nessus
SUSE SLES15 Security Update : kernel RT (Live Patch 8 for SLE 15 SP5) (SUSE-SU-2024:0991-1)
2024-03-28 00:00:00
SUSE SLES15 Security Update : kernel (Live Patch 33 for SLE 15 SP3) (SUSE-SU-2024:1017-1)
2024-03-28 00:00:00
SUSE SLES15 Security Update : kernel (Live Patch 20 for SLE 15 SP4) (SUSE-SU-2024:1072-1)
2024-03-30 00:00:00
ubuntu
ubuntu
Linux kernel (OEM) vulnerabilities
2024-01-25 00:00:00
Linux kernel (OEM) vulnerabilities
2024-02-15 00:00:00
Linux kernel vulnerabilities
2024-02-21 00:00:00
photon
photon
Important Photon OS Security Update - PHSA-2024-3.0-0713
2024-01-16 00:00:00
Important Photon OS Security Update - PHSA-2024-4.0-0548
2024-01-13 00:00:00
debian
debian
[SECURITY] [DSA 5594-1] linux security update
2024-01-02 21:05:08
[SECURITY] [DLA 3711-1] linux-5.10 security update
2024-01-11 18:40:41
ubuntucve
ubuntucve
CVE-2023-51781
2024-01-11 00:00:00
CVE-2023-51782
2024-01-11 00:00:00
CVE-2023-51779
2024-01-02 00:00:00
cbl_mariner
cbl_mariner
CVE-2023-51781 affecting package kernel for versions less than 5.15.148.1-1
2024-02-25 03:00:06
CVE-2023-51782 affecting package kernel for versions less than 5.15.148.1-1
2024-02-25 03:00:06
CVE-2023-51780 affecting package kernel for versions less than 5.15.148.1-1
2024-02-25 03:00:06
debiancve
debiancve
CVE-2023-51782
2024-01-11 19:15:12
CVE-2023-51781
2024-01-11 19:15:12
CVE-2023-6622
2023-12-08 18:15:07
prion
prion
Race condition
2024-01-11 19:15:00
Race condition
2024-01-11 19:15:00
Race condition
2024-02-29 01:42:00
redhatcve
redhatcve
CVE-2023-51781
2024-01-10 13:35:57
CVE-2023-51779
2024-01-04 16:33:57
CVE-2023-6622
2023-12-08 12:58:01
cve
cve
CVE-2023-51781
2024-01-11 19:15:12
CVE-2023-51780
2024-01-11 19:15:12
CVE-2023-51779
2024-02-29 01:42:05
cnvd
cnvd
Linux kernel nft_dynset_init function denial of service vulnerability
2023-12-13 00:00:00
Linux kernel memory misreference vulnerability (CNVD-2023-9933644)
2023-12-20 00:00:00
fedora
fedora
[SECURITY] Fedora 39 Update: kernel-6.6.7-200.fc39
2023-12-21 04:03:35
[SECURITY] Fedora 38 Update: kernel-6.6.7-100.fc38
2023-12-22 01:31:00

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.7 High

AI Score

Confidence

Low

4.3 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:S/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

5.2%

JSON
Related for DEBIAN:DSA-5593-1:15910
openvas31osv29nessus64ubuntu22photon2debian2ubuntucve7cbl_mariner8debiancve8prion8redhatcve6cve8cnvd2fedora2