[Debian] High CVE: CVE-2023-3090/CVE-2023-3212/CVE-2023-35788/CVE-2023-3141/CVE-2023-3111/CVE-2023-3338/CVE-2023-2124/CVE-2023-3609: kernel: multiple CVEs
Affects | Status | Importance | Assigned to | Milestone
---|---|---|---|---
StarlingX | Fix Released | High | Peng Zhang |
Bug Description
CVE-2023-3609: https:/
A use-after-free vulnerability in the Linux kernel's net/sched: cls_u32 component can be exploited to achieve local privilege escalation. If tcf_change_indev() fails, u32_set_parms() will immediately return an error after incrementing or decrementing the reference counter in tcf_bind_filter(). If an attacker can control the reference counter and set it to zero, they can cause the reference to be freed, leading to a use-after-free vulnerability. We recommend upgrading past commit 04c55383fa56893
CVE-2023-3090: https:/
A heap out-of-bounds write vulnerability in the Linux Kernel ipvlan network driver can be exploited to achieve local privilege escalation.
The out-of-bounds write is caused by missing skb->cb initialization in the ipvlan network driver. The vulnerability is reachable if CONFIG_IPVLAN is enabled.
We recommend upgrading past commit 90cbed5247439a9
CVE-2023-3212: https:/
A NULL pointer dereference issue was found in the gfs2 file system in the Linux kernel. It occurs on corrupt gfs2 file systems when the evict code tries to reference the journal descriptor structure after it has been freed and set to NULL. A privileged local user could use this flaw to cause a kernel panic.
CVE-2023-35788: https:/
An issue was discovered in fl_set_geneve_opt in net/sched/
CVE-2023-3141: https:/
A use-after-free flaw was found in r592_remove in drivers/
CVE-2023-3111: https:/
A use after free vulnerability was found in prepare_to_relocate in fs/btrfs/
CVE-2023-2124: https:/
An out-of-bounds memory access flaw was found in the Linux kernel's XFS file system in how a user restores an XFS image after failure (with a dirty log journal). This flaw allows a local user to crash or potentially escalate their privileges on the system.
CVE-2023-3338: https:/
A NULL pointer dereference flaw was found in the Linux kernel's DECnet networking protocol. A remote user could use this flaw to crash the system.
Base Score: High
References:
Upgrade Yocto linux_5.10.185
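A triage check for the list above, as an added example that is not part of the original bug report or of StarlingX: it compares a `uname -r` string against 5.10.185 and reports which of the affected components are built into the kernel config. Only CONFIG_IPVLAN is named on the page; the other Kconfig symbols, the status labels and the sample config are assumptions made for this example.

```python
import re

FIXED = (5, 10, 185)  # stable release the page upgrades to

# CVE -> Kconfig symbol of the affected component. Only CONFIG_IPVLAN appears
# on the page; the other symbols are assumed from the components it names.
COMPONENTS = {
    "CVE-2023-3609": "CONFIG_NET_CLS_U32",
    "CVE-2023-3090": "CONFIG_IPVLAN",
    "CVE-2023-3212": "CONFIG_GFS2_FS",
    "CVE-2023-35788": "CONFIG_NET_CLS_FLOWER",
    "CVE-2023-3141": "CONFIG_MEMSTICK_R592",
    "CVE-2023-3111": "CONFIG_BTRFS_FS",
    "CVE-2023-2124": "CONFIG_XFS_FS",
    "CVE-2023-3338": "CONFIG_DECNET",
}

def parse_release(release):
    """Return (major, minor, patch) from a `uname -r` style string."""
    m = re.match(r"(\d+)\.(\d+)(?:\.(\d+))?", release)
    if not m:
        raise ValueError(f"unrecognised kernel release: {release!r}")
    return tuple(int(g or 0) for g in m.groups())

def enabled_symbols(config_text):
    """Symbols set to y or m; '# CONFIG_X is not set' lines are skipped."""
    return set(re.findall(r"^(CONFIG_\w+)=[ym]$", config_text, re.M))

def triage(release, config_text):
    """Map each CVE to 'fixed', 'needs update' or 'not built'."""
    version = parse_release(release)
    # Valid only for kernels tracking upstream 5.10.y; kernels that backport
    # fixes without bumping the version need a changelog check instead.
    if version[:2] != FIXED[:2]:
        raise ValueError("comparison only valid for 5.10.y kernels")
    if version >= FIXED:
        return {cve: "fixed" for cve in COMPONENTS}
    on = enabled_symbols(config_text)
    return {cve: "needs update" if sym in on else "not built"
            for cve, sym in COMPONENTS.items()}

# Constructed sample config, not taken from a StarlingX build.
SAMPLE_CONFIG = """\
CONFIG_NET_CLS_U32=m
CONFIG_IPVLAN=m
# CONFIG_GFS2_FS is not set
CONFIG_XFS_FS=y
"""

if __name__ == "__main__":
    for cve, state in triage("5.10.180-rt89", SAMPLE_CONFIG).items():
        print(cve, state)
```

On a live host the inputs would come from `uname -r` and the kernel config file; "not built" lowers the priority of a CVE but does not replace the upgrade.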
tags: added: stx.9.0
tags: added: stx.security
summary:
- [Debian] High CVE: CVE-2023-35788/CVE-2023-3141/CVE-2023-3111/CVE-2023-2124: kernel: multiple CVEs
+ [Debian] High CVE: CVE-2023-35788/CVE-2023-3141/CVE-2023-3111/CVE-2023-3338/CVE-2023-2124: kernel: multiple CVEs
description: updated
summary:
- [Debian] High CVE: CVE-2023-35788/CVE-2023-3141/CVE-2023-3111/CVE-2023-3338/CVE-2023-2124: kernel: multiple CVEs
+ [Debian] High CVE: CVE-2023-3212/CVE-2023-35788/CVE-2023-3141/CVE-2023-3111/CVE-2023-3338/CVE-2023-2124: kernel: multiple CVEs
summary:
- [Debian] High CVE: CVE-2023-3212/CVE-2023-35788/CVE-2023-3141/CVE-2023-3111/CVE-2023-3338/CVE-2023-2124: kernel: multiple CVEs
+ [Debian] High CVE: CVE-2023-3090/CVE-2023-3212/CVE-2023-35788/CVE-2023-3141/CVE-2023-3111/CVE-2023-3338/CVE-2023-2124: kernel: multiple CVEs
description: updated
summary:
- [Debian] High CVE: CVE-2023-3090/CVE-2023-3212/CVE-2023-35788/CVE-2023-3141/CVE-2023-3111/CVE-2023-3338/CVE-2023-2124: kernel: multiple CVEs
+ [Debian] High CVE: CVE-2023-3090/CVE-2023-3212/CVE-2023-35788/CVE-2023-3141/CVE-2023-3111/CVE-2023-3338/CVE-2023-2124/CVE-2023-3609: kernel: multiple CVEs
description: updated
Changed in starlingx:
assignee: nobody → Peng Zhang (pzhang2)
status: Triaged → In Progress
Reviewed: https://review.opendev.org/c/starlingx/kernel/+/890277
Committed: https://opendev.org/starlingx/kernel/commit/481ad14aa4bdb9e29aa8e2921f45d180c72b5cc3
Submitter: "Zuul (22348)"
Branch: master
commit 481ad14aa4bdb9e29aa8e2921f45d180c72b5cc3
Author: Peng Zhang <email address hidden>
Date: Wed Aug 2 14:47:22 2023 +0800
Update kernel to v5.10.185
This commit updates kernel to 5.10.185 to fix following CVE issues:
CVE-2023-3609: https://nvd.nist.gov/vuln/detail/CVE-2023-3609
CVE-2023-3090: https://nvd.nist.gov/vuln/detail/CVE-2023-3090
CVE-2023-3212: https://nvd.nist.gov/vuln/detail/CVE-2023-3212
CVE-2023-35788: https://nvd.nist.gov/vuln/detail/CVE-2023-35788
CVE-2023-3141: https://nvd.nist.gov/vuln/detail/CVE-2023-3141
CVE-2023-3111: https://nvd.nist.gov/vuln/detail/CVE-2023-3111
CVE-2023-2124: https://nvd.nist.gov/vuln/detail/CVE-2023-2124
CVE-2023-3338: https://nvd.nist.gov/vuln/detail/CVE-2023-3338
None of our source patches requires refresh against the new kernel
source.
Verification:
- Build kernel and out of tree modules success for rt and std.
- Build iso success for rt and std.
- Install success onto a AIO-DX lab with rt kernel.
- Boot up successfully in the lab.
- The sanity testing was run including kernel and applications
by our test team.
- The cyclictest benchmark was also run on the starlingx lab, the
result is "samples: 259199999 avg: 1649 max: 9363 99.9999th
percentile: 8579 overflows: 0", It is not big difference with
5.10.180 for avg and max.
Closes-Bug: 2025123
Change-Id: Ia4d825573e03a8c6f03a4c5f53104db5903f41ae
Signed-off-by: Peng Zhang <email address hidden>