Debian 11 Linux, LMDE5 Kernel Update 5.10.149-1


The Linux kernel is responsible for hardware and driver support; each update adds more of it, together with bug fixes and added security.

New kernel release for Debian 11 "Bullseye" and LMDE5 users.

Previous version: 5.10.140-1

Update available in Update Manager.

Note that this update "will not remove" your existing kernel.

You will still be able to boot with the current kernel by choosing the advanced options in your boot menu. Please be cautious, though: kernel regressions can affect your ability to connect to the Internet or to log in graphically.

DKMS modules are compiled for the most recent kernels installed on your computer. If you are using proprietary drivers and you want to use an older kernel, you will need to remove the new one first.

Note: No changelog is available, but this is what has been fixed.

Some of the new fixes:

Several vulnerabilities were discovered in the Linux kernel that may lead to privilege escalation, denial of service or information leaks.

This update affects the following installed packages:

  • linux-compiler-gcc-10-x86
  • linux-headers-amd64
  • linux-image-amd64
  • linux-kbuild-5.10
  • linux-libc-dev

Total size: 2 MB

Here is what has been fixed:

CVE IDs: CVE-2021-4037, CVE-2022-0171, CVE-2022-1184, CVE-2022-2602, CVE-2022-2663, CVE-2022-3061, CVE-2022-3176, CVE-2022-3303, CVE-2022-20421, CVE-2022-39188, CVE-2022-39842, CVE-2022-40307, CVE-2022-41674, CVE-2022-42719, CVE-2022-42720, CVE-2022-42721, CVE-2022-42722.

CVE-2021-4037:
Christian Brauner reported that the inode_init_owner function for the XFS filesystem in the Linux kernel allows local users to create files with an unintended group ownership allowing attackers to escalate privileges by making a plain file executable and SGID.

CVE-2022-0171:
Mingwei Zhang reported that a cache incoherence issue in the SEV API in the KVM subsystem may result in denial of service.

CVE-2022-1184:
A flaw was discovered in the ext4 filesystem driver which can lead to a use-after-free. A local user permitted to mount arbitrary filesystems could exploit this to cause a denial of service (crash or memory corruption) or possibly for privilege escalation.

CVE-2022-2602:
A race between handling an io_uring request and the Unix socket garbage collector was discovered. An attacker can take advantage of this flaw for local privilege escalation.

CVE-2022-2663:
David Leadbeater reported flaws in the nf_conntrack_irc connection-tracking protocol module. When this module is enabled on a firewall, an external user on the same IRC network as an internal user could exploit its lax parsing to open arbitrary TCP ports in the firewall, to reveal their public IP address, or to block their IRC connection at the firewall.

CVE-2022-3061:
A flaw was discovered in the i740 driver which may result in denial of service. This driver is not enabled in Debian's official kernel configurations.

CVE-2022-3176:
A use-after-free flaw was discovered in the io_uring subsystem which may result in local privilege escalation to root.

CVE-2022-3303:
A race condition in the snd_pcm_oss_sync function in the sound subsystem in the Linux kernel due to improper locking may result in denial of service.

CVE-2022-20421:
A use-after-free vulnerability was discovered in the binder_inc_ref_for_node function in the Android binder driver. On systems where the binder driver is loaded, a local user could exploit this for privilege escalation.

CVE-2022-39188:
Jann Horn reported a race condition in the kernel's handling of unmapping of certain memory ranges. When a driver created a memory mapping with the VM_PFNMAP flag, which many GPU drivers do, the memory mapping could be removed and freed before it was flushed from the CPU TLBs. This could result in a page use-after-free. A local user with access to such a device could exploit this to cause a denial of service (crash or memory corruption) or possibly for privilege escalation.

CVE-2022-39842:
An integer overflow was discovered in the pxa3xx-gcu video driver which could lead to a heap out-of-bounds write. This driver is not enabled in Debian's official kernel configurations.

CVE-2022-40307:
A race condition was discovered in the EFI capsule-loader driver, which could lead to use-after-free. A local user permitted to access this device (/dev/efi_capsule_loader) could exploit this to cause a denial of service (crash or memory corruption) or possibly for privilege escalation. However, this device is normally only accessible by the root user.

CVE-2022-41674, CVE-2022-42719, CVE-2022-42720, CVE-2022-42721, CVE-2022-42722:
Soenke Huster discovered several vulnerabilities in the mac80211 subsystem triggered by WLAN frames which may result in denial of service or the execution of arbitrary code.

For the stable distribution Debian "Bullseye", these problems have been fixed in version 5.10.149-1.

We recommend that you upgrade your linux packages.
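
A post-update check, added here as an example and not part of the original post: because the old kernel stays installed and bootable, it compares the running kernel's package version against the fixed 5.10.149-1 and reports whether nf_conntrack_irc (CVE-2022-2663) is loaded. It assumes `uname -v` embeds the package version as `Debian <version>`, as Debian kernels do; the function names and the `--live` switch are made up for this example.

```shell
#!/bin/sh
# Added example: post-update check for the 5.10.149-1 kernel update.
FIXED="5.10.149-1"   # fixed version, as stated in the advisory text

# Pull the package version out of `uname -v` output, e.g.
# "#1 SMP Debian 5.10.140-1 (2022-09-02)" -> "5.10.140-1".
running_pkg_version() {
    printf '%s\n' "$1" | sed -n 's/.*Debian \([^ ]*\).*/\1/p'
}

# Succeeds if version $1 >= version $2. Uses GNU `sort -V`, which is
# adequate for these epoch-less kernel versions.
version_ge() {
    lowest=$(printf '%s\n%s\n' "$1" "$2" | sort -V | head -n 1)
    [ "$lowest" = "$2" ]
}

# Prints "patched", "outdated" or "unknown" for a `uname -v` string.
kernel_status() {
    v=$(running_pkg_version "$1")
    if [ -z "$v" ]; then echo unknown
    elif version_ge "$v" "$FIXED"; then echo patched
    else echo outdated
    fi
}

# Succeeds if module $1 is listed in /proc/modules-format text $2.
module_loaded() {
    printf '%s\n' "$2" | grep -q "^$1 "
}

# Live check, only when asked for: ./check.sh --live
if [ "${1:-}" = "--live" ]; then
    echo "running kernel: $(kernel_status "$(uname -v)") (fixed in $FIXED)"
    if module_loaded nf_conntrack_irc "$(cat /proc/modules)"; then
        echo "nf_conntrack_irc is loaded: the module affected by CVE-2022-2663 is in use"
    fi
fi
```

An `outdated` result after installing the update means the machine has not been rebooted into the new kernel, or an older entry was picked from the boot menu.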

 
