CVE-2022-4379 CVE-2023-0045 CVE-2023-0458 CVE-2023-0459 CVE-2023-0461 CVE-2023-1073 CVE-2023-1074 CVE-2023-1076 CVE-2023-1077 CVE-2023-1078 CVE-2023-1079 CVE-2023-1118 CVE-2023-1281 CVE-2023-1513 CVE-2023-1611 CVE-2023-1670 CVE-2023-1829 CVE-2023-1855 CVE-2023-1859 CVE-2023-1872 CVE-2023-1989 CVE-2023-1990 CVE-2023-1998 CVE-2023-2162 CVE-2023-2194 CVE-2023-22998 CVE-2023-23004 CVE-2023-23559 CVE-2023-25012 CVE-2023-26545 CVE-2023-28328 CVE-2023-28466 CVE-2023-30456 Debian Bug : 989705 993612 1022126 1031753
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service, or information leak.
CVE-2022-2196
A regression was discovered the KVM implementation for Intel CPUs,
affecting Spectre v2 mitigation for nested virtualisation. When
KVM was used as the L0 hypervisor, an L2 guest could exploit this
to leak sensitive information from its L1 hypervisor.
CVE-2022-3424
Zheng Wang and Zhuorao Yang reported a flaw in the SGI GRU driver
which could lead to a use-after-free. On systems where this driver
is used, a local user can explit this for denial of service (crash
or memory corruption) or possibly for privilege escalation.
This driver is not enabled in Debian's official kernel
configurations.
CVE-2022-3707
Zheng Wang reported a flaw in the i915 graphics driver's
virtualisation (GVT-g) support that could lead to a double-free.
On systems where this feature is used, a guest can exploit this
for denial of service (crash or memory corruption) or possibly for
privilege escalation.
CVE-2022-4129
Haowei Yan reported a race condition in the L2TP protocol
implementation which could lead to a null pointer dereference. A
local user could exploit this for denial of service (crash).
CVE-2022-4379...
5.10.178-3~deb10u1