Multiple Security Vulnerabilities in Linux Kernel

Advisory ID: NCC-CSIRT-0401-001

Summary:  Multiple vulnerabilities were identified in Debian Linux Kernel.

Threat Type:  

• Vulnerability 

Product :  Linux 

Version:   

Debian 10 buster versions prior to 4.19.269-1

Debian 10 buster versions prior to 5.10.158-2~deb10u1

Description: Multiple vulnerabilities were identified in Debian Linux Kernel. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, elevation of privilege, remote code execution and sensitive information disclosure on the targeted system.

Consquences: 

• Denial of Service
• Elevation of Privilege
• Remote Code Execution
• Information Disclosure

Impact/Probability: Meduim/ Meduim

Solution :  

Before installation of the software, please visit the vendor website for more details.

Apply fixes issued by the vendor:

• https://www.debian.org/lts/security/2022/dla-3245
• https://www.debian.org/lts/security/2022/dla-3244

References:

• Debian Linux Kernel Multiple Vulnerabilities (hkcert.org)
• Multiple Security Vulnerabilities in Linux Kernel - NSFOCUS, Inc., a global network and cyber security leader, protects enterprises and carriers from advanced cyber attacks. (nsfocusglobal.com)