Debian update for linux



Published: 2022-03-10 | Updated: 2022-10-19
Risk High
Patch available YES
Number of vulnerabilities 52
CVE-ID CVE-2020-29374
CVE-2020-36322
CVE-2021-20317
CVE-2021-20321
CVE-2021-20322
CVE-2021-22600
CVE-2021-28711
CVE-2021-28712
CVE-2021-28713
CVE-2021-28714
CVE-2021-28715
CVE-2021-28950
CVE-2021-3640
CVE-2021-3744
CVE-2021-3752
CVE-2021-3760
CVE-2021-3764
CVE-2021-3772
CVE-2021-38300
CVE-2021-39685
CVE-2021-39686
CVE-2021-39698
CVE-2021-39713
CVE-2021-4002
CVE-2021-4083
CVE-2021-4135
CVE-2021-4155
CVE-2021-41864
CVE-2021-4202
CVE-2021-4203
CVE-2021-42739
CVE-2021-43389
CVE-2021-43975
CVE-2021-43976
CVE-2021-44733
CVE-2021-45095
CVE-2021-45469
CVE-2021-45480
CVE-2022-0001
CVE-2022-0002
CVE-2022-0322
CVE-2022-0330
CVE-2022-0435
CVE-2022-0487
CVE-2022-0492
CVE-2022-0617
CVE-2022-0644
CVE-2022-22942
CVE-2022-24448
CVE-2022-24959
CVE-2022-25258
CVE-2022-25375
CWE-ID CWE-362
CWE-404
CWE-665
CWE-330
CWE-415
CWE-400
CWE-834
CWE-416
CWE-401
CWE-345
CWE-94
CWE-119
CWE-254
CWE-200
CWE-264
CWE-787
CWE-129
CWE-20
CWE-125
CWE-704
CWE-121
CWE-476
CWE-617
CWE-909
CWE-668
Exploitation vector Network
Public exploit Vulnerability #6 is being exploited in the wild.
Public exploit code for vulnerability #20 is available.
Public exploit code for vulnerability #35 is available.
Public exploit code for vulnerability #44 is available.
Public exploit code for vulnerability #45 is available.
Public exploit code for vulnerability #52 is available.
Vulnerable software
Subscribe
Debian Linux
Operating systems & Components / Operating system

linux (Debian package)
Operating systems & Components / Operating system package or component

Vendor Debian

Security Bulletin

This security bulletin contains information about 52 vulnerabilities.

1) Race condition

EUVDB-ID: #VU63812

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2020-29374

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to a race condition in the mm/gup.c and mm/huge_memory.c in Linux kernel. A local user can exploit the race and gain unauthorized access to sensitive information.

Mitigation

Update linux package to version 4.19.232-1.

Vulnerable software versions

Debian Linux: All versions

linux (Debian package): before 4.19.232-1


CPE2.3 External links

http://www.debian.org/security/2022/dsa-5096

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

2) Improper Resource Shutdown or Release

EUVDB-ID: #VU59473

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2020-36322

CWE-ID: CWE-404 - Improper Resource Shutdown or Release

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists in the FUSE filesystem implementation in the Linux kernel due to fuse_do_getattr() calls make_bad_inode() in inappropriate situations. A local user can run a specially crafted program to trigger kernel crash.

Note, the vulnerability exists due to incomplete fix for #VU58207 (CVE-2021-28950).

Mitigation

Update linux package to version 4.19.232-1.

Vulnerable software versions

Debian Linux: All versions

linux (Debian package): before 4.19.232-1


CPE2.3 External links

http://www.debian.org/security/2022/dsa-5096

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

3) Improper Initialization

EUVDB-ID: #VU58208

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2021-20317

CWE-ID: CWE-665 - Improper Initialization

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper initialization the Linux kernel. A corrupted timer tree causes the task wakeup to be missing in the timerqueue_add function in lib/timerqueue.c. A local user can run a specially crafted application to crash the kernel.

Mitigation

Update linux package to version 4.19.232-1.

Vulnerable software versions

Debian Linux: All versions

linux (Debian package): before 4.19.232-1


CPE2.3 External links

http://www.debian.org/security/2022/dsa-5096

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

4) Race condition

EUVDB-ID: #VU59084

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2021-20321

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attacks.

The vulnerability exists due to a race condition when accessing file object in the Linux kernel OverlayFS subsystem. A local user can rename files in specific way with OverlayFS and perform a denial of service (DoS) attack.

Mitigation

Update linux package to version 4.19.232-1.

Vulnerable software versions

Debian Linux: All versions

linux (Debian package): before 4.19.232-1


CPE2.3 External links

http://www.debian.org/security/2022/dsa-5096

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

5) Use of insufficiently random values

EUVDB-ID: #VU63839

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2021-20322

CWE-ID: CWE-330 - Use of Insufficiently Random Values

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to sensitive information.

The vulnerability exists due to an error when processing received ICMP errors. A remote attacker can effectively bypass the source port UDP randomization to gain access to sensitive information.

Mitigation

Update linux package to version 4.19.232-1.

Vulnerable software versions

Debian Linux: All versions

linux (Debian package): before 4.19.232-1


CPE2.3 External links

http://www.debian.org/security/2022/dsa-5096

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

6) Double Free

EUVDB-ID: #VU63766

Risk: High

CVSSv3.1:

CVE-ID: CVE-2021-22600

CWE-ID: CWE-415 - Double Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error in the packet_set_ring() function in net/packet/af_packet.c. A local user can pass specially crafted data to the application, trigger double free error and escalate privileges on the system.

Note, the vulnerability is being actively exploited in the wild against Android users.

Mitigation

Update linux package to version 4.19.232-1.

Vulnerable software versions

Debian Linux: All versions

linux (Debian package): before 4.19.232-1


CPE2.3 External links

http://www.debian.org/security/2022/dsa-5096

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

7) Resource exhaustion

EUVDB-ID: #VU63563

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2021-28711

CWE-ID: CWE-400 - Resource exhaustion

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper limits for number of events driver domains could send to other guest VMs. A local user can trigger resource exhaustion and perform a denial of service (DoS) attack.

Mitigation

Update linux package to version 4.19.232-1.

Vulnerable software versions

Debian Linux: All versions

linux (Debian package): before 4.19.232-1


CPE2.3 External links

http://www.debian.org/security/2022/dsa-5096

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

8) Resource exhaustion

EUVDB-ID: #VU63564

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2021-28712

CWE-ID: CWE-400 - Resource exhaustion

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper limits for number of events driver domains could send to other guest VMs. A local user can trigger resource exhaustion and perform a denial of service (DoS) attack.

Mitigation

Update linux package to version 4.19.232-1.

Vulnerable software versions

Debian Linux: All versions

linux (Debian package): before 4.19.232-1


CPE2.3 External links

http://www.debian.org/security/2022/dsa-5096

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

9) Resource exhaustion

EUVDB-ID: #VU63565

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2021-28713

CWE-ID: CWE-400 - Resource exhaustion

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper limits for number of events driver domains could send to other guest VMs. A local user can trigger resource exhaustion and perform a denial of service (DoS) attack.

Mitigation

Update linux package to version 4.19.232-1.

Vulnerable software versions

Debian Linux: All versions

linux (Debian package): before 4.19.232-1


CPE2.3 External links

http://www.debian.org/security/2022/dsa-5096

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

10) Improper Resource Shutdown or Release

EUVDB-ID: #VU63583

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2021-28714

CWE-ID: CWE-404 - Improper Resource Shutdown or Release

Exploit availability: No

Description

The vulnerability allows a remote user to perform a denial of service (DoS) attack.

The vulnerability exists due to incoming data packets for a guest in the Linux kernel's netback driver are buffered until the guest is ready to process them. A remote user can use a UDP connection on a fast interface to trigger resource exhaustion and perform a denial of service (DoS) attack.

Mitigation

Update linux package to version 4.19.232-1.

Vulnerable software versions

Debian Linux: All versions

linux (Debian package): before 4.19.232-1


CPE2.3 External links

http://www.debian.org/security/2022/dsa-5096

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

11) Improper Resource Shutdown or Release

EUVDB-ID: #VU63584

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2021-28715

CWE-ID: CWE-404 - Improper Resource Shutdown or Release

Exploit availability: No

Description

The vulnerability allows a remote user to perform a denial of service (DoS) attack.

The vulnerability exists due to incoming data packets for a guest in the Linux kernel's netback driver are buffered until the guest is ready to process them. A remote user can use a UDP connection on a fast interface to trigger resource exhaustion and perform a denial of service (DoS) attack.

Mitigation

Update linux package to version 4.19.232-1.

Vulnerable software versions

Debian Linux: All versions

linux (Debian package): before 4.19.232-1


CPE2.3 External links

http://www.debian.org/security/2022/dsa-5096

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

12) Excessive Iteration

EUVDB-ID: #VU58207

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2021-28950

CWE-ID: CWE-834 - Excessive Iteration

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to excessive iteration in fs/fuse/fuse_i.h in the Linux kernel. A local user can run a specially crafted program to perform a denial of service attack.

Mitigation

Update linux package to version 4.19.232-1.

Vulnerable software versions

Debian Linux: All versions

linux (Debian package): before 4.19.232-1


CPE2.3 External links

http://www.debian.org/security/2022/dsa-5096

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

13) Use-after-free

EUVDB-ID: #VU63769

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2021-3640

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error in sco_sock_sendmsg() function of the Linux kernel HCI subsystem. A privileged local user can call ioct UFFDIO_REGISTER or other way trigger race condition to escalate privileges on the system.

Mitigation

Update linux package to version 4.19.232-1.

Vulnerable software versions

Debian Linux: All versions

linux (Debian package): before 4.19.232-1


CPE2.3 External links

http://www.debian.org/security/2022/dsa-5096

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

14) Memory leak

EUVDB-ID: #VU63813

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2021-3744

CWE-ID: CWE-401 - Improper Release of Memory Before Removing Last Reference ('Memory Leak')

Exploit availability: No

Description

The vulnerability allows a local user to perform DoS attack on the target system.

The vulnerability exists due memory leak in the ccp_run_aes_gcm_cmd() function in drivers/crypto/ccp/ccp-ops.c. A local user can force the application to leak memory and perform denial of service attack.

Mitigation

Update linux package to version 4.19.232-1.

Vulnerable software versions

Debian Linux: All versions

linux (Debian package): before 4.19.232-1


CPE2.3 External links

http://www.debian.org/security/2022/dsa-5096

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

15) Use-after-free

EUVDB-ID: #VU63767

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2021-3752

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to escalate privileges on the system.

The vulnerability exists due to a use-after-free error in the Linux kernel’s Bluetooth subsystem when a user calls connect to the socket and disconnect simultaneously. A local user can escalate privileges on the system.

Mitigation

Update linux package to version 4.19.232-1.

Vulnerable software versions

Debian Linux: All versions

linux (Debian package): before 4.19.232-1


CPE2.3 External links

http://www.debian.org/security/2022/dsa-5096

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

16) Use-after-free

EUVDB-ID: #VU63816

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2021-3760

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error in the NFC stack. A local user can trigger use-after-free error to escalate privileges on the system.

Mitigation

Update linux package to version 4.19.232-1.

Vulnerable software versions

Debian Linux: All versions

linux (Debian package): before 4.19.232-1


CPE2.3 External links

http://www.debian.org/security/2022/dsa-5096

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

17) Memory leak

EUVDB-ID: #VU63817

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2021-3764

CWE-ID: CWE-401 - Improper Release of Memory Before Removing Last Reference ('Memory Leak')

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak error in the ccp_run_aes_gcm_cmd() function in Linux kernel. A local user can trigger a memory leak error and perform a denial of service (DoS) attack.

Mitigation

Update linux package to version 4.19.232-1.

Vulnerable software versions

Debian Linux: All versions

linux (Debian package): before 4.19.232-1


CPE2.3 External links

http://www.debian.org/security/2022/dsa-5096

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

18) Insufficient verification of data authenticity

EUVDB-ID: #VU63835

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2021-3772

CWE-ID: CWE-345 - Insufficient Verification of Data Authenticity

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service attack (DoS) on the target system.

The vulnerability exists due to insufficient verification of data authenticity in the Linux SCTP stack. A remote attacker can exploit this vulnerability to perform a denial of service attack.

Mitigation

Update linux package to version 4.19.232-1.

Vulnerable software versions

Debian Linux: All versions

linux (Debian package): before 4.19.232-1


CPE2.3 External links

http://www.debian.org/security/2022/dsa-5096

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

19) Code Injection

EUVDB-ID: #VU63840

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2021-38300

CWE-ID: CWE-94 - Improper Control of Generation of Code ('Code Injection')

Exploit availability: No

Description

The vulnerability allows a local user to execute arbitrary code on the target system.

The vulnerability exists due to improper input validation in the arch/mips/net/bpf_jit.c in the Linux kernel. A local user can send a specially crafted request and execute arbitrary code on the target system.

Mitigation

Update linux package to version 4.19.232-1.

Vulnerable software versions

Debian Linux: All versions

linux (Debian package): before 4.19.232-1


CPE2.3 External links

http://www.debian.org/security/2022/dsa-5096

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

20) Buffer overflow

EUVDB-ID: #VU61095

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2021-39685

CWE-ID: CWE-119 - Memory corruption

Exploit availability: Yes

Description

The vulnerability allows a malicious host to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error within the USB subsystem in Linux kernel. A malicious USB device can trigger memory corruption and execute arbitrary code on the system.

Mitigation

Update linux package to version 4.19.232-1.

Vulnerable software versions

Debian Linux: All versions

linux (Debian package): before 4.19.232-1


CPE2.3 External links

http://www.debian.org/security/2022/dsa-5096

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

21) Race condition

EUVDB-ID: #VU61096

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2021-39686

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a race condition in the binder implementation in Linux kernel. A local user can exploit the race and gain unauthorized access to sensitive information and escalate privileges on the system.

Mitigation

Update linux package to version 4.19.232-1.

Vulnerable software versions

Debian Linux: All versions

linux (Debian package): before 4.19.232-1


CPE2.3 External links

http://www.debian.org/security/2022/dsa-5096

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

22) Use-after-free

EUVDB-ID: #VU61097

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2021-39698

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error in Linux kernel. A local user can run a specially crafted program to trigger the use-after-free error and execute arbitrary code with elevated privileges.

Mitigation

Update linux package to version 4.19.232-1.

Vulnerable software versions

Debian Linux: All versions

linux (Debian package): before 4.19.232-1


CPE2.3 External links

http://www.debian.org/security/2022/dsa-5096

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

23) Security features bypass

EUVDB-ID: #VU63350

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2021-39713

CWE-ID: CWE-254 - Security Features

Exploit availability: No

Description

The vulnerability allows a local application to escalate privileges on the system.

The vulnerability exists due to multiple issues in Qdisc implementation related to rcu read lock. A local application can execute arbitrary code with elevated privileges.

Mitigation

Update linux package to version 4.19.232-1.

Vulnerable software versions

Debian Linux: All versions

linux (Debian package): before 4.19.232-1


CPE2.3 External links

http://www.debian.org/security/2022/dsa-5096

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

24) Memory leak

EUVDB-ID: #VU63836

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2021-4002

CWE-ID: CWE-401 - Improper Release of Memory Before Removing Last Reference ('Memory Leak')

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due memory leak in the Linux kernel's hugetlbfs memory usage. A local user can force the application to leak memory and gain access to sensitive information.

Mitigation

Update linux package to version 4.19.232-1.

Vulnerable software versions

Debian Linux: All versions

linux (Debian package): before 4.19.232-1


CPE2.3 External links

http://www.debian.org/security/2022/dsa-5096

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

25) Use-after-free

EUVDB-ID: #VU61246

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2021-4083

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the Linux kernel's garbage collection for Unix domain socket file handlers. A local user can call close() and fget() simultaneously and can potentially trigger a race condition, which in turn leads to a use-after-free error and allows privilege escalation.

Mitigation

Update linux package to version 4.19.232-1.

Vulnerable software versions

Debian Linux: All versions

linux (Debian package): before 4.19.232-1


CPE2.3 External links

http://www.debian.org/security/2022/dsa-5096

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

26) Information disclosure

EUVDB-ID: #VU63566

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2021-4135

CWE-ID: CWE-200 - Information Exposure

Exploit availability: No

Description

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to simulated networking device driver for the Linux kernel does not properly initialize memory in certain situations. A local user can gain unauthorized access to sensitive information (kernel memory).

Mitigation

Update linux package to version 4.19.232-1.

Vulnerable software versions

Debian Linux: All versions

linux (Debian package): before 4.19.232-1


CPE2.3 External links

http://www.debian.org/security/2022/dsa-5096

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

27) Permissions, Privileges, and Access Controls

EUVDB-ID: #VU59812

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2021-4155

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a local user to bypass implemented security restrictions.

The vulnerability exists due to the OS kernel does not impose correctly security restrictions. A local user can gain access to sensitive information on the system.

Mitigation

Update linux package to version 4.19.232-1.

Vulnerable software versions

Debian Linux: All versions

linux (Debian package): before 4.19.232-1


CPE2.3 External links

http://www.debian.org/security/2022/dsa-5096

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

28) Out-of-bounds write

EUVDB-ID: #VU63855

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2021-41864

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error when processing untrusted input. A local user can gain access to out-of-bounds memory leading to a system crash or a leak of internal kernel information.

Mitigation

Update linux package to version 4.19.232-1.

Vulnerable software versions

Debian Linux: All versions

linux (Debian package): before 4.19.232-1


CPE2.3 External links

http://www.debian.org/security/2022/dsa-5096

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

29) Use-after-free

EUVDB-ID: #VU63764

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2021-4202

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error in the nci_request() function in net/nfc/nci/core.c in NFC Controller Interface (NCI) in the Linux kernel. A local user can cause a data race problem while the device is getting removed and escalate privileges on the system.

Mitigation

Update linux package to version 4.19.232-1.

Vulnerable software versions

Debian Linux: All versions

linux (Debian package): before 4.19.232-1


CPE2.3 External links

http://www.debian.org/security/2022/dsa-5096

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

30) Use-after-free

EUVDB-ID: #VU63838

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2021-4203

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error in sock_getsockopt() function in net/core/sock.c due to SO_PEERCRED and SO_PEERGROUPS race with listen() function (and connect() function) in the Linux kernel. A local user can exploit the use-after-free error and crash the system or escalate privileges on the system.

Mitigation

Update linux package to version 4.19.232-1.

Vulnerable software versions

Debian Linux: All versions

linux (Debian package): before 4.19.232-1


CPE2.3 External links

http://www.debian.org/security/2022/dsa-5096

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

31) Buffer overflow

EUVDB-ID: #VU59474

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2021-42739

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary within the firewire subsystem in the Linux kernel in drivers/media/firewire/firedtv-avc.c and drivers/media/firewire/firedtv-ci.c files. A local privileged user can run a specially crafted program tat calls avc_ca_pmt() function to trigger memory corruption and execute arbitrary code with elevated privileges.

Mitigation

Update linux package to version 4.19.232-1.

Vulnerable software versions

Debian Linux: All versions

linux (Debian package): before 4.19.232-1


CPE2.3 External links

http://www.debian.org/security/2022/dsa-5096

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

32) Improper Validation of Array Index

EUVDB-ID: #VU63385

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2021-43389

CWE-ID: CWE-129 - Improper Validation of Array Index

Exploit availability: No

Description

The vulnerability allows a local user to execute arbitrary code with elevated privileges.

The vulnerability exists due to improper validation of array index in the ISDN CAPI implementation within detach_capi_ctr() function in drivers/isdn/capi/kcapi.c. local user can send specially crafted data to the system and execute arbitrary code with elevated privileges.

Mitigation

Update linux package to version 4.19.232-1.

Vulnerable software versions

Debian Linux: All versions

linux (Debian package): before 4.19.232-1


CPE2.3 External links

http://www.debian.org/security/2022/dsa-5096

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

33) Out-of-bounds write

EUVDB-ID: #VU62485

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2021-43975

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error within the hw_atl_utils_fw_rpc_wait() function in drivers/net/ethernet/aquantia/atlantic/hw_atl/hw_atl_utils.c in Linux kernel. A local user can attach a specially crafted device to the system, trigger an out-of-bounds write and execute arbitrary code with elevated privileges.

Mitigation

Update linux package to version 4.19.232-1.

Vulnerable software versions

Debian Linux: All versions

linux (Debian package): before 4.19.232-1


CPE2.3 External links

http://www.debian.org/security/2022/dsa-5096

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

34) Input validation error

EUVDB-ID: #VU61215

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2021-43976

CWE-ID: CWE-20 - Improper Input Validation

Exploit availability: No

Description

The vulnerability allows an attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input within the mwifiex_usb_recv() function in drivers/net/wireless/marvell/mwifiex/usb.c in Linux kernel. An attacker with physical access to the system can insert a specially crafted USB device and perform a denial of service (DoS) attack.

Mitigation

Update linux package to version 4.19.232-1.

Vulnerable software versions

Debian Linux: All versions

linux (Debian package): before 4.19.232-1


CPE2.3 External links

http://www.debian.org/security/2022/dsa-5096

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

35) Use-after-free

EUVDB-ID: #VU59100

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2021-44733

CWE-ID: CWE-416 - Use After Free

Exploit availability: Yes

Description

The vulnerability allows a local user to elevate privileges on the system.

The vulnerability exists due to a use-after-free error in the drivers/tee/tee_shm.c file within the TEE subsystem in the Linux kernel. A local user can trigger a race condition in tee_shm_get_from_id during an attempt to free a shared memory object and execute arbitrary code with elevated privileges.

Mitigation

Update linux package to version 4.19.232-1.

Vulnerable software versions

Debian Linux: All versions

linux (Debian package): before 4.19.232-1


CPE2.3 External links

http://www.debian.org/security/2022/dsa-5096

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

36) Information disclosure

EUVDB-ID: #VU61579

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2021-45095

CWE-ID: CWE-200 - Information Exposure

Exploit availability: No

Description

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to a refcount leak within the pep_sock_accept() function in net/phonet/pep.c in the Linux kernel. A local user can gain unauthorized access to sensitive information on the system.

Mitigation

Update linux package to version 4.19.232-1.

Vulnerable software versions

Debian Linux: All versions

linux (Debian package): before 4.19.232-1


CPE2.3 External links

http://www.debian.org/security/2022/dsa-5096

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

37) Out-of-bounds read

EUVDB-ID: #VU63578

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2021-45469

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to execute arbitrary code.

The vulnerability exists due to a boundary condition in the __f2fs_setxattr() function in fs/f2fs/xattr.c in the Linux kernel when an inode has an invalid last xattr entry. A local user can create a specially crafted f2fs image, trigger an out-of-bounds read error, and perform a denial of service attack or possibly execute arbitrary code.

Mitigation

Update linux package to version 4.19.232-1.

Vulnerable software versions

Debian Linux: All versions

linux (Debian package): before 4.19.232-1


CPE2.3 External links

http://www.debian.org/security/2022/dsa-5096

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

38) Memory leak

EUVDB-ID: #VU63568

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2021-45480

CWE-ID: CWE-401 - Improper Release of Memory Before Removing Last Reference ('Memory Leak')

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the __rds_conn_create() function in net/rds/connection.c. A local user can perform a denial of service attack.

Mitigation

Update linux package to version 4.19.232-1.

Vulnerable software versions

Debian Linux: All versions

linux (Debian package): before 4.19.232-1


CPE2.3 External links

http://www.debian.org/security/2022/dsa-5096

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

39) Information disclosure

EUVDB-ID: #VU61198

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-0001

CWE-ID: CWE-200 - Information Exposure

Exploit availability: No

Description

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to non-transparent sharing of branch predictor selectors between contexts. A local user can gain unauthorized access to sensitive information on the system.

Mitigation

Update linux package to version 4.19.232-1.

Vulnerable software versions

Debian Linux: All versions

linux (Debian package): before 4.19.232-1


CPE2.3 External links

http://www.debian.org/security/2022/dsa-5096

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

40) Information disclosure

EUVDB-ID: #VU61199

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-0002

CWE-ID: CWE-200 - Information Exposure

Exploit availability: No

Description

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to non-transparent sharing of branch predictor within a context. A local user can gain unauthorized access to sensitive information on the system.

Mitigation

Update linux package to version 4.19.232-1.

Vulnerable software versions

Debian Linux: All versions

linux (Debian package): before 4.19.232-1


CPE2.3 External links

http://www.debian.org/security/2022/dsa-5096

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

41) Type conversion

EUVDB-ID: #VU63856

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-0322

CWE-ID: CWE-704 - Incorrect Type Conversion or Cast (Type Conversion)

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service attack.

The vulnerability exists due to a type conversion error in the sctp_make_strreset_req() function in net/sctp/sm_make_chunk.c in the SCTP network protocol in the Linux kernel. A local user can perform a denial of service attack.

Mitigation

Update linux package to version 4.19.232-1.

Vulnerable software versions

Debian Linux: All versions

linux (Debian package): before 4.19.232-1


CPE2.3 External links

http://www.debian.org/security/2022/dsa-5096

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

42) Buffer overflow

EUVDB-ID: #VU60988

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-0330

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a random memory access flaw caused by a missing TLB flush in Linux kernel GPU i915 kernel driver functionality. A local user can execute arbitrary code on the system with elevated privileges.

Mitigation

Update linux package to version 4.19.232-1.

Vulnerable software versions

Debian Linux: All versions

linux (Debian package): before 4.19.232-1


CPE2.3 External links

http://www.debian.org/security/2022/dsa-5096

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

43) Stack-based buffer overflow

EUVDB-ID: #VU61216

Risk: High

CVSSv3.1:

CVE-ID: CVE-2022-0435

CWE-ID: CWE-121 - Stack-based buffer overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the Linux kernel networking module for the Transparent Inter-Process Communication (TIPC) protocol. A remote unauthenticated attacker can send specially crafted traffic to the system, trigger a stack-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system but requires that the TIPC bearer is set up.

Mitigation

Update linux package to version 4.19.232-1.

Vulnerable software versions

Debian Linux: All versions

linux (Debian package): before 4.19.232-1


CPE2.3 External links

http://www.debian.org/security/2022/dsa-5096

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

44) Use-after-free

EUVDB-ID: #VU61181

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-0487

CWE-ID: CWE-416 - Use After Free

Exploit availability: Yes

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to a use-after-free error in rtsx_usb_ms_drv_remove in drivers/memstick/host/rtsx_usb_ms.c in memstick in the Linux kernel. A local user can trigger a use-after-free error and gain access to sensitive information.

Mitigation

Update linux package to version 4.19.232-1.

Vulnerable software versions

Debian Linux: All versions

linux (Debian package): before 4.19.232-1


CPE2.3 External links

http://www.debian.org/security/2022/dsa-5096

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

45) Permissions, Privileges, and Access Controls

EUVDB-ID: #VU61245

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-0492

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: Yes

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a logic error within the cgroup_release_agent_write() function in  kernel/cgroup/cgroup-v1.c. A local user can use the cgroups v1 release_agent feature to escalate privileges and bypass the namespace isolation.

Mitigation

Update linux package to version 4.19.232-1.

Vulnerable software versions

Debian Linux: All versions

linux (Debian package): before 4.19.232-1


CPE2.3 External links

http://www.debian.org/security/2022/dsa-5096

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

46) NULL pointer dereference

EUVDB-ID: #VU61210

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-0617

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error in the Linux kernel UDF file system functionality. A local user can supply a malicious UDF image to the udf_file_write_iter() function and perform a denial of service (DoS) attack.

Mitigation

Update linux package to version 4.19.232-1.

Vulnerable software versions

Debian Linux: All versions

linux (Debian package): before 4.19.232-1


CPE2.3 External links

http://www.debian.org/security/2022/dsa-5096

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

47) Reachable Assertion

EUVDB-ID: #VU63860

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-0644

CWE-ID: CWE-617 - Reachable Assertion

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a reachable assertion error in the Linux kernel’s kernel_read_file_from_fd in the filesystem. A local user can attempt to read a file without read access/permission to perform a denial of service (DoS) attack.

Mitigation

Update linux package to version 4.19.232-1.

Vulnerable software versions

Debian Linux: All versions

linux (Debian package): before 4.19.232-1


CPE2.3 External links

http://www.debian.org/security/2022/dsa-5096

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

48) Permissions, Privileges, and Access Controls

EUVDB-ID: #VU61217

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-22942

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to an error in the vmwgfx driver in Linux kernel. A local unprivileged user can gain access to files opened by other processes on the system through a dangling 'file' pointer.

Exploiting this vulnerability requires an attacker to have access to either /dev/dri/card0 or /dev/dri/rendererD128 and be able to issue an ioctl() on the resulting file descriptor.

Mitigation

Update linux package to version 4.19.232-1.

Vulnerable software versions

Debian Linux: All versions

linux (Debian package): before 4.19.232-1


CPE2.3 External links

http://www.debian.org/security/2022/dsa-5096

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

49) Missing initialization of resource

EUVDB-ID: #VU61211

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-24448

CWE-ID: CWE-909 - Missing initialization of resource

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to missing initialization of resource within the fs/nfs/dir.c in the Linux kernel. If an application sets the O_DIRECTORY flag, and tries to open a regular file, nfs_atomic_open() performs a regular lookup. If a regular file is found, ENOTDIR should occur, but the server instead returns uninitialized data in the file descriptor.

Mitigation

Update linux package to version 4.19.232-1.

Vulnerable software versions

Debian Linux: All versions

linux (Debian package): before 4.19.232-1


CPE2.3 External links

http://www.debian.org/security/2022/dsa-5096

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

50) Memory leak

EUVDB-ID: #VU62482

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-24959

CWE-ID: CWE-401 - Improper Release of Memory Before Removing Last Reference ('Memory Leak')

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the yam_siocdevprivate() function in drivers/net/hamradio/yam.c. A local user can perform a denial of service attack.

Mitigation

Update linux package to version 4.19.232-1.

Vulnerable software versions

Debian Linux: All versions

linux (Debian package): before 4.19.232-1


CPE2.3 External links

http://www.debian.org/security/2022/dsa-5096

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

51) NULL pointer dereference

EUVDB-ID: #VU61270

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-25258

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error drivers/usb/gadget/composite.c in the Linux kernel. The USB Gadget subsystem lacks certain validation of interface OS descriptor requests (ones with a large array index and ones associated with NULL function pointer retrieval). A local user can run a specially crafted program to trigger memory corruption and perform a denial of service (DoS) attack.

Mitigation

Update linux package to version 4.19.232-1.

Vulnerable software versions

Debian Linux: All versions

linux (Debian package): before 4.19.232-1


CPE2.3 External links

http://www.debian.org/security/2022/dsa-5096

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

52) Exposure of Resource to Wrong Sphere

EUVDB-ID: #VU61269

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-25375

CWE-ID: CWE-668 - Exposure of resource to wrong sphere

Exploit availability: Yes

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to improper access restrictions in drivers/usb/gadget/function/rndis.c in the Linux kernel. The RNDIS USB gadget lacks validation of the size of the RNDIS_MSG_SET command. A local user can run a specially crafted program to gain access to kernel memory.

Mitigation

Update linux package to version 4.19.232-1.

Vulnerable software versions

Debian Linux: All versions

linux (Debian package): before 4.19.232-1


CPE2.3 External links

http://www.debian.org/security/2022/dsa-5096

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?



###SIDEBAR###