Why You Shouldn't Use Mic

Why You Shouldn't Use Microsoft Windows11.

...

LMDE5 - Linux Mint Debian

LMDE5 - Linux Mint Debian Edition.

LMDE5 -...

Why Should I Not Use Windows10

Why Should I Not Use Windows10?

Here are a...

Pause

Debian 11 Linux, LMDE5 Kernel Update 5.10.162-1

Debian 11 Linux, LMDE5 Kernel Update 5.10.162-1
English

Debian 11 Linux, LMDE5 Kernel Update 5.10.162-1.

The Linux Kernel is responsible for hardware and drivers support. Note that this update will not remove your existing kernel. You will still be able to boot with the current kernel by choosing the advanced options in your boot menu.

Please be cautious though.. kernel regressions can affect your ability to connect to the Internet or to log in graphically.

DKMS modules are compiled for the most recent kernels installed on your computer. If you are using proprietary drivers and you want to use an older kernel, you will need to remove the new one first.

New kernel release for Debian 11 "Bullseye" and LMDE5 users.

Previous version: 5.10.158-2

Note that this update "will not remove" your existing kernel.

You will still be able to boot with the current kernel by choosing the advanced options in your boot menu. Please be cautious though.. kernel regressions can affect your ability to connect to the Internet or to log in graphically.

DKMS modules are compiled for the most recent kernels installed on your computer. If you are using proprietary drivers and you want to use an older kernel, you will need to remove the new one first.

What is new:

This update affects the following installed packages:

  • linux-compiler-gcc-10-x86
  • linux-headers-amd64
  • linux-image-amd64
  • linux-kbuild-5.10
  • linux-libc-dev

Total size: 2 MB

Update available in Update Manager.

Note: LinuxMint does not offer a Changelog !

What's new:

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.

CVE ID addressed:

  • CVE-2022-2873
  • CVE-2022-3545
  • CVE-2022-3623
  • CVE-2022-4696
  • CVE-2022-36280
  • CVE-2022-41218
  • CVE-2022-45934
  • CVE-2022-47929
  • CVE-2023-0179
  • CVE-2023-0266
  • CVE-2023-0394
  • CVE-2023-23454
  • CVE-2023-23455

CVE-2022-2873:

Zheyu Ma discovered that an out-of-bounds memory access flaw in the Intel iSMT SMBus 2.0 host controller driver may result in denial of service (system crash).

CVE-2022-3545:

It was discovered that the Netronome Flow Processor (NFP) driver contained a use-after-free flaw in area_cache_get(), which may result in denial of service or the execution of arbitrary code.

CVE-2022-3623:

A race condition when looking up a CONT-PTE/PMD size hugetlb page may result in denial of service or an information leak.

CVE-2022-4696:

A use-after-free vulnerability was discovered in the io_uring subsystem.

CVE-2022-36280:

An out-of-bounds memory write vulnerability was discovered in the vmwgfx driver, which may allow a local unprivileged user to cause a denial of service (system crash).

CVE-2022-41218:

Hyunwoo Kim reported a use-after-free flaw in the Media DVB core subsystem caused by refcount races, which may allow a local user to cause a denial of service or escalate privileges.

CVE-2022-45934:

An integer overflow in l2cap_config_req() in the Bluetooth subsystem was discovered, which may allow a physically proximate attacker to cause a denial of service (system crash).

CVE-2022-47929:

Frederick Lawler reported a NULL pointer dereference in the traffic control subsystem allowing an unprivileged user to cause a denial of service by setting up a specially crafted traffic control configuration.

CVE-2023-0179:

Davide Ornaghi discovered incorrect arithmetics when fetching VLAN header bits in the netfilter subsystem, allowing a local user to leak stack and heap addresses or potentially local privilege escalation to root.

CVE-2023-0266:

A use-after-free flaw in the sound subsystem due to missing locking may result in denial of service or privilege escalation.

CVE-2023-0394:

Kyle Zeng discovered a NULL pointer dereference flaw in rawv6_push_pending_frames() in the network subsystem allowing a local user to cause a denial of service (system crash).

CVE-2023-23454:

Kyle Zeng reported that the Class Based Queueing (CBQ) network scheduler was prone to denial of service due to interpreting classification results before checking the classification return code.

CVE-2023-23455:

Kyle Zeng reported that the ATM Virtual Circuits (ATM) network scheduler was prone to a denial of service due to interpreting classification results before checking the classification return code.

For the stable distribution (bullseye), these problems have been fixed in version 5.10.162-1.

We recommend that you upgrade your linux packages.

See the changelog here.

Tags: 
Debian 11 Linux
LMDE5 Kernel Update 5.10.162-1
 

Help us by donating a small amount

 
If you find this site helpful, please consider donating a small amount.
Please use our contact us form and we will give you the relevant information to make a donation.
We accept BitCoin and ZCash at the moment.

Follow us on Mastodon or Contact Us

Useful links

 

Games For Linux

Windows has always been the preferred platform for gaming, but after STEAM's interest in Linux more game developers are making their games natively available for Linux.

Disclaimer

All information on this website is published in good faith and for general educational purposes and for use in safe testing environments only. While linuxexperten.com strives to make the information on this site as accurate as possible, linuxexperten.com does not warrant its completeness, reliability and accuracy.

We are not responsible for any losses or damages associated with the use of our website. While we strive to provide only links to useful websites, we have no control over the content of these sites and links to other sites do not constitute a recommendation for all content contained on these websites.

 

Site Information

This is a professional review site that receives compensation from the companies whose products reviewed. Each service or product are thoroughly tested and given high marks if considered to be the very best. Independently owned and the opinions expressed here are no one elses.

 

Limited Time Offers

NordVPN + 3 Months