New Debian GNU/Linux 11 “Bullseye” Kernel Security Update Fixes 9 Vulnerabilities

Debian Security Vulnerabilities

The Debian Project released a new Linux kernel security update for its Debian GNU/Linux 11 “Bullseye” stable operating system series to address several security vulnerabilities that could lead to privilege escalation, denial of service, or information leaks.

The new Debian GNU/Linux 11 Linux kernel security update comes one and a half months after the previous kernel security update and it’s here to fix a total of nine security vulnerabilities in the Linux 5.10 LTS kernel, which is the default kernel for Debian Bullseye users.

Patched in this new kernel update is CVE-2021-33655, a security issue that could allow a user with access to a framebuffer console driver to cause a memory out-of-bounds write through the FBIOPUT_VSCREENINFO ioctl, and CVE-2022-2318, a use-after-free vulnerability found in the Amateur Radio X.25 PLP (Rose) support that may result in a denial of service attack.

Also patched is CVE-2022-33743, a security issue discovered by Jan Beulich in the Xen network backend that may lead to a denial of service attack, CVE-2022-33744, a security flaw discovered by Oleksandr Tyshchenko in the ARM Xen guests that can lead to a denial of service attack to the Dom0 via paravirtual devices, as well as CVE-2022-34918, a heap buffer overflow discovered by Arthur Mongodin in the Netfilter subsystem, which may result in local privilege escalation.

Last but not least, the new Debian GNU/Linux 11 Linux kernel security update addresses a series of security vulnerabilities, namely CVE-2022-26365, CVE-2022-33740, CVE-2022-33741, and CVE-2022-33742, discovered by Roger Pau Monne in the Xen block and network PV device frontends, which may result in information disclosure. Additionally, it was discovered that the granularity of the grant table doesn’t allow sharing less than a 4k page, which could also lead to information disclosure.

The Debian Project urges all Debian GNU/Linux 11 “Bullseye” users to update their installations to Linux kernel 5.10.127-2, which addresses the security issues mentioned above. To update your installations, run the sudo apt update && sudo apt full-upgrade command in a terminal emulator or use a graphical package manager like Synaptic Package Manager. Don’t forget to reboot your installations after installing the new kernel version!

Image credits: Debian Project (edited by Marius Nestor)

Last updated 5 months ago