mickmick.net

Debian Linux Kernel Multiple Vulnerabilities

Release Date: 14 Jun 2022

RISK: Medium Risk

TYPE: Operating Systems - Linux

Multiple vulnerabilities were identified in Debian Linux Kernel. A attacker could exploit some of these vulnerabilities to trigger denial of service condition, elevation of privilege, remote code execution, sensitive information disclosure and security restriction bypass on the targeted system.

---

Impact

• Denial of Service
• Elevation of Privilege
• Remote Code Execution
• Information Disclosure
• Security Restriction Bypass

---

System / Technologies affected

• Debian Stable Distribution (bullseye) prior to 5.10.120-1 

---

Solutions

Before installation of the software, please visit the vendor web-site for more details.

 

Apply fixes issued by the vendor:

• https://lists.debian.org/debian-security-announce/2022/msg00129.html

---

Vulnerability Identifier

• CVE-2022-0494
• CVE-2022-0854
• CVE-2022-1012
• CVE-2022-1729
• CVE-2022-1786
• CVE-2022-1789
• CVE-2022-1852
• CVE-2022-1966
• CVE-2022-1972
• CVE-2022-1974
• CVE-2022-1975
• CVE-2022-21499
• CVE-2022-28893

---

Source

• AusCERT
• Debian

---

Related Link

• https://www.auscert.org.au/bulletins/ESB-2022.2878
• https://lists.debian.org/debian-security-announce/2022/msg00129.html