Debian Bookworm and Bullseye Users Receive Important Linux Security Updates

Debian 12 users are urged to update to Linux kernel 6.1.69-1, while Debian 11 users should update to Linux kernel 5.10.205-2.

The Debian Project kicked off 2024 with two important Linux kernel security updates for its supported Debian GNU/Linux 12 “Bookworm” and Debian GNU/Linux 11 “Bullseye” operating system series addressing multiple security vulnerabilities.

For Debian GNU/Linux 12 “Bookworm”, the new Linux security update patches CVE-2023-6531, a use-after-free flaw discovered by Google Project Zero’s Jann Horn, as well as CVE-2023-6622 and CVE-2023-6817, two flaws discovered by Xingyuan Mo in the netfilter subsystem that could lead to denial of service or privilege escalation for a user with the CAP_NET_ADMIN capability in any user or network namespace.

The new Linux security update for Debian Bookworm also patches CVE-2023-6931, a heap out-of-bounds write vulnerability discovered by Budimir Markovic in the Linux kernel’s Performance Events system that could lead to denial of service or privilege escalation.

Other security vulnerabilities patched in this update are four race conditions discovered in the Bluetooth subsystem (CVE-2023-51779), the ATM (Asynchronous Transfer Mode) subsystem (CVE-2023-51780), the Appletalk subsystem (CVE-2023-51781), and the Amateur Radio X.25 PLP (Rose) support (CVE-2023-51782). These race conditions, which could lead to use-after-free flaws, were also patched for Debian Bullseye.

For Debian GNU/Linux 11 “Bullseye”, the new Linux security update addresses CVE-2023-5717, a heap out-of-bounds write vulnerability discovered by Budimir Markovic in the Linux kernel’s Performance Events system that could lead to denial of service or privilege escalation. However, the Debian Project notes that the default settings in Debian prevent exploitation of this flaw unless more permissive settings have been applied in the kernel.perf_event_paranoid sysctl.

Also patched for Debian Bullseye is CVE-2021-44879, a NULL pointer dereference discovered by Wenqing Liu in the F2FS file system implementation that allows an attacker to cause a denial of service by mounting a specially crafted image, as well as CVE-2023-5178 and CVE-2023-6121, two flaws discovered by Alon Zahavi in the NVMe-oF/TCP subsystem, which could lead to denial of service, privilege escalation, or an information leak.

The same goes for CVE-2023-5197, a use-after-free flaw discovered by Kevin Rich in the netfilter subsystem that could lead to denial of service or privilege escalation for a user with the CAP_NET_ADMIN capability in any user or network namespace, and CVE-2023-25775, a flaw discovered by Ivan D Barrera, Christopher Bednarz, Mustafa Ismail, and Shiraz Saleem in the Intel Ethernet Controller RDMA driver that could lead to privilege escalation.

Debian Bullseye users are now also patched against CVE-2023-46813, a race condition discovered by Tom Dohrmann in the Secure Encrypted Virtualization (SEV) implementation that could allow a local attacker in a SEV guest virtual machine to cause a denial of service or execute arbitrary code, and CVE-2023-35827, a use-after-free flaw discovered by Zheng Wang in the Renesas Ethernet AVB support driver.

Two other race conditions were patched as well for Debian Bullseye, namely CVE-2023-45863, a race condition discovered in the library routines for handling generic kernel objects, which could lead to an out-of-bounds write in the fill_kobj_path() function, and CVE-2023-46862, a race condition discovered in the io_uring subsystem that could lead to a NULL pointer dereference and cause a denial of service.

Last but not least, the new Linux security update for Debian Bullseye addresses CVE-2023-6932, a use-after-free vulnerability discovered in the IPv4 IGMP implementation that could lead to denial of service or privilege escalation, and CVE-2023-34324, a possible deadlock discovered by Marek Marczykowski-Gorecki in the Xen guest event channel code that could allow a malicious guest administrator to cause a denial of service.

The Debian Project urges Debian GNU/Linux 12 “Bookworm” and Debian GNU/Linux 11 “Bullseye” users to update their installations to Linux kernel 6.1.69-1 and Linux kernel 5.10.205-2 respectively. Please perform a reboot after installing the new Linux kernel security updates for Debian Bookworm and Bullseye.
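The two things an administrator wants to verify after this advisory are whether the installed and the currently running kernel are at or above the fixed versions (a freshly installed kernel is not running until the reboot the Debian Project asks for), and whether kernel.perf_event_paranoid has been loosened from its stock value on a Bullseye host. The following POSIX shell helpers are an added example, not part of the article or of the Debian Project's tooling. The fixed version numbers and the sysctl name come from the article; the function names, the sample kernel banner strings and the baseline value passed to perf_paranoid_loosened are assumptions.

```shell
#!/bin/sh
# Added example, not from the article or the Debian Project. The fixed
# versions and the perf_event_paranoid sysctl are quoted from the advisory
# coverage; everything else (function names, sample strings, the baseline
# argument) is an assumption made for illustration.

FIXED_BOOKWORM="6.1.69-1"
FIXED_BULLSEYE="5.10.205-2"

# version_lt A B: succeed when A is an older version than B.
# sort -V (GNU coreutils) orders these Debian-style versions correctly;
# on a Debian host, `dpkg --compare-versions A lt B` is the authoritative check.
version_lt() {
    [ "$1" != "$2" ] || return 1
    [ "$(printf '%s\n%s\n' "$1" "$2" | sort -V | head -n 1)" = "$1" ]
}

# fixed_version_for SUITE: print the fixed kernel version for bookworm or bullseye.
fixed_version_for() {
    case "$1" in
        bookworm) echo "$FIXED_BOOKWORM" ;;
        bullseye) echo "$FIXED_BULLSEYE" ;;
        *) return 1 ;;
    esac
}

# debian_version_from_uname "UNAME_V": extract the Debian package version
# from the running kernel's version banner (the output of `uname -v`), e.g.
#   "#1 SMP PREEMPT_DYNAMIC Debian 6.1.69-1 (2023-12-30)" -> "6.1.69-1"
# Prints nothing and fails when the banner is not from a Debian-built kernel.
debian_version_from_uname() {
    v=$(printf '%s\n' "$1" | sed -n 's/.*Debian \([^ ]*\).*/\1/p')
    [ -n "$v" ] && printf '%s\n' "$v"
}

# kernel_needs_update SUITE VERSION: succeed when VERSION is older than the
# fixed kernel for SUITE. Given the installed package version it tells you
# whether the update is missing; given the running kernel's version it tells
# you whether the reboot is still pending. Returns 2 for an unknown suite.
kernel_needs_update() {
    fixed=$(fixed_version_for "$1") || return 2
    version_lt "$2" "$fixed"
}

# perf_paranoid_loosened VALUE BASELINE: succeed when VALUE is numerically
# lower (more permissive) than BASELINE. BASELINE is the host's stock
# setting; the article only says Debian's default is restrictive enough,
# so the concrete number is left to the caller rather than assumed here.
perf_paranoid_loosened() {
    [ "$1" -lt "$2" ] 2>/dev/null
}

# audit_host SUITE BASELINE: live check on a Debian host. The metapackage
# linux-image-<arch> carries the version of the newest installed kernel;
# uname -v carries the version of the kernel actually running.
audit_host() {
    suite=$1
    fixed=$(fixed_version_for "$suite") || { echo "unknown suite: $suite"; return 2; }
    installed=$(dpkg-query -W -f='${Version}' "linux-image-$(dpkg --print-architecture)" 2>/dev/null)
    running=$(debian_version_from_uname "$(uname -v)")
    if [ -n "$installed" ] && kernel_needs_update "$suite" "$installed"; then
        echo "installed kernel $installed is older than $fixed: install the update"
    fi
    if [ -n "$running" ] && kernel_needs_update "$suite" "$running"; then
        echo "running kernel $running is older than $fixed: reboot into the new kernel"
    fi
    paranoid=$(cat /proc/sys/kernel/perf_event_paranoid 2>/dev/null)
    if [ -n "$paranoid" ] && perf_paranoid_loosened "$paranoid" "$2"; then
        echo "kernel.perf_event_paranoid=$paranoid is below the baseline $2"
    fi
}
```

Run `audit_host bookworm <baseline>` or `audit_host bullseye <baseline>` on the host in question, passing the perf_event_paranoid value you consider stock for that host. The split between the installed-package check and the running-kernel check is deliberate: `apt upgrade` alone clears the first but not the second, which is exactly the reboot requirement the Debian Project states.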

Image credits: Debian Project
