Debian 9815 Published by

A linux kernel security update has been released for Debian GNU/Linux 11 to address several vulnerabilities.

DSA 5402-1: linux security update

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5402-1 Salvatore Bonaccorso
May 13, 2023
- -------------------------------------------------------------------------

Package : linux
CVE ID : CVE-2023-0386 CVE-2023-31436 CVE-2023-32233

Several vulnerabilities have been discovered in the Linux kernel that
may lead to a privilege escalation, denial of service or information


It was discovered that under certain conditions the overlayfs
filesystem implementation did not properly handle copy up
operations. A local user permitted to mount overlay mounts in user
namespaces can take advantage of this flaw for local privilege


Gwangun Jung reported a a flaw causing heap out-of-bounds read/write
errors in the traffic control subsystem for the Quick Fair Queueing
scheduler (QFQ) which may result in information leak, denial of
service or privilege escalation.


Patryk Sondej and Piotr Krysiuk discovered a use-after-free flaw in
the Netfilter nf_tables implementation when processing batch
requests, which may result in local privilege escalation for a user
with the CAP_NET_ADMIN capability in any user or network namespace.

For the stable distribution (bullseye), these problems have been fixed in
version 5.10.179-1.

We recommend that you upgrade your linux packages.

For the detailed security status of linux please refer to its security
tracker page at:

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: