| Description: | Summary:
The remote host is missing an update for the Debian 'linux' package(s) announced via the DSA-5096-1 advisory.
Vulnerability Insight:
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.
CVE-2020-29374
Jann Horn of Google reported a flaw in Linux's virtual memory management. A parent and child process initially share all their memory, but when either writes to a shared page, the page is duplicated and unshared (copy-on-write). However, in case an operation such as vmsplice() required the kernel to take an additional reference to a shared page, and a copy-on-write occurs during this operation, the kernel might have accessed the wrong process's memory. For some programs, this could lead to an information leak or data corruption.
This issue was already fixed for most architectures, but not on MIPS and System z. This update corrects that.
CVE-2020-36322, CVE-2021-28950 The syzbot tool found that the FUSE (filesystem-in-user-space) implementation did not correctly handle a FUSE server returning invalid attributes for a file. A local user permitted to run a FUSE server could use this to cause a denial of service (crash). The original fix for this introduced a different potential denial of service (infinite loop in kernel space), which has also been fixed.
CVE-2021-3640
Lin Ma discovered a race condition in the Bluetooth protocol implementation that can lead to a use-after-free. A local user could exploit this to cause a denial of service (memory corruption or crash) or possibly for privilege escalation.
CVE-2021-3744, CVE-2021-3764 minihanshen reported bugs in the ccp driver for AMD Cryptographic Coprocessors that could lead to a resource leak. On systems using this driver, a local user could exploit this to cause a denial of service.
CVE-2021-3752
Likang Luo of NSFOCUS Security Team discovered a flaw in the Bluetooth L2CAP implementation that can lead to a user-after-free. A local user could exploit this to cause a denial of service (memory corruption or crash) or possibly for privilege escalation.
CVE-2021-3760, CVE-2021-4202 Lin Ma discovered race conditions in the NCI (NFC Controller Interface) driver, which could lead to a use-after-free. A local user could exploit this to cause a denial of service (memory corruption or crash) or possibly for privilege escalation. This driver is not enabled in Debian's official kernel configurations.
CVE-2021-3772
A flaw was found in the SCTP protocol implementation, which would allow a networked attacker to break an SCTP association. The attacker would only need to know or guess the IP addresses and ports for the association.
CVE-2021-4002
It was discovered that hugetlbfs, the virtual filesystem used by applications to allocate huge pages in RAM, did not flush the CPU's TLB in one case where it was necessary. In some circumstances a local user would be able to read and write huge pages after they are freed and reallocated to a different process. This could lead to ... [Please see the references for more information on the vulnerabilities]
Affected Software/OS:
'linux' package(s) on Debian 10.
Solution:
Please install the updated package(s).
CVSS Score:
9.0
CVSS Vector:
AV:N/AC:L/Au:S/C:C/I:C/A:C
|
