Debian 10225 Published by

A linux-5.10 new package has been released for Debian GNU/Linux 10.



DLA 3102-1: linux-5.10 new package


-------------------------------------------------------------------------
Debian LTS Advisory DLA-3102-1 debian-lts@lists.debian.org
  https://www.debian.org/lts/security/ Ben Hutchings
September 11, 2022   https://wiki.debian.org/LTS
-------------------------------------------------------------------------

Package : linux-5.10
Version : 5.10.136-1~deb10u3
CVE ID : CVE-2022-2585 CVE-2022-2586 CVE-2022-2588 CVE-2022-26373
CVE-2022-29900 CVE-2022-29901 CVE-2022-36879 CVE-2022-36946

Linux 5.10 has been packaged for Debian 10 as linux-5.10. This
provides a supported upgrade path for systems that currently use
kernel packages from the "buster-backports" suite.

There is no need to upgrade systems using Linux 4.19, as that kernel
version will also continue to be supported in the LTS period.

The "apt full-upgrade" command will *not* automatically install the
updated kernel packages. You should explicitly install one of the
following metapackages first, as appropriate for your system:

linux-image-5.10-686
linux-image-5.10-686-pae
linux-image-5.10-amd64
linux-image-5.10-arm64
linux-image-5.10-armmp
linux-image-5.10-armmp-lpae
linux-image-5.10-cloud-amd64
linux-image-5.10-cloud-arm64
linux-image-5.10-rt-686-pae
linux-image-5.10-rt-amd64
linux-image-5.10-rt-arm64
linux-image-5.10-rt-armmp

For example, if the command "uname -r" currently shows
"5.10.0-0.deb10.16-amd64", you should install linux-image-5.10-amd64.

This backport does not include the following binary packages:

bpftool hyperv-daemons libcpupower-dev libcpupower1
linux-compiler-gcc-8-arm linux-compiler-gcc-8-x86 linux-cpupower
linux-libc-dev usbip

Older versions of most of those are built from the linux source
package in Debian 10.

Several vulnerabilities have been discovered in the Linux kernel that
may lead to a privilege escalation, denial of service or information
leaks.

CVE-2022-2585

A use-after-free flaw in the implementation of POSIX CPU timers
may result in denial of service or in local privilege escalation.

CVE-2022-2586

A use-after-free in the Netfilter subsystem may result in local
privilege escalation for a user with the CAP_NET_ADMIN capability
in any user or network namespace.

CVE-2022-2588

Zhenpeng Lin discovered a use-after-free flaw in the cls_route
filter implementation which may result in local privilege
escalation for a user with the CAP_NET_ADMIN capability in any
user or network namespace.

CVE-2022-26373

It was discovered that on certain processors with Intel's Enhanced
Indirect Branch Restricted Speculation (eIBRS) capabilities there
are exceptions to the documented properties in some situations,
which may result in information disclosure.

Intel's explanation of the issue can be found at
  https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/advisory-guidance/post-barrier-return-stack-buffer-predictions.html

CVE-2022-29900

Johannes Wikner and Kaveh Razavi reported that for AMD/Hygon
processors, mis-trained branch predictions for return instructions
may allow arbitrary speculative code execution under certain
microarchitecture-dependent conditions.

A list of affected AMD CPU types can be found at
  https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1037

CVE-2022-29901

Johannes Wikner and Kaveh Razavi reported that for Intel
processors (Intel Core generation 6, 7 and 8), protections against
speculative branch target injection attacks were insufficient in
some circumstances, which may allow arbitrary speculative code
execution under certain microarchitecture-dependent conditions.

More information can be found at
  https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/advisory-guidance/return-stack-buffer-underflow.html

CVE-2022-36879

A flaw was discovered in xfrm_expand_policies in the xfrm
subsystem which can cause a reference count to be dropped twice.

CVE-2022-36946

Domingo Dirutigliano and Nicola Guerrera reported a memory
corruption flaw in the Netfilter subsystem which may result in
denial of service.

For Debian 10 buster, these problems have been fixed in version
5.10.136-1~deb10u3. This update additionally includes many more bug
fixes from stable updates 5.10.128-5.10.136 inclusive.

We recommend that you upgrade your linux-5.10 packages.

For the detailed security status of linux-5.10 please refer to
its security tracker page at:
  https://security-tracker.debian.org/tracker/linux-5.10

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at:   https://wiki.debian.org/LTS