* CVE-2023-21264
- KVM: arm64: Prevent unconditional donation of unmapped regions from the host
* CVE-2023-4569
- netfilter: nf_tables: deactivate catchall elements in next generation
* CVE-2023-40283
- Bluetooth: L2CAP: Fix use-after-free in l2cap_sock_ready_cb
* CVE-2023-20588
- x86/bugs: Increase the x86 bugs vector size to two u32s
- x86/CPU/AMD: Do not leak quotient data after a division by 0
- x86/CPU/AMD: Fix the DIV(0) initial fix attempt
* CVE-2023-4128
- net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-
free
- net/sched: cls_fw: No longer copy tcf_result on update to avoid use-after-
free
- net/sched: cls_route: No longer copy tcf_result on update to avoid use-
after-free
-- Thadeu Lima de Souza Cascardo <email address hidden> Tue, 05 Sep 2023 09:47:04 -0300
This bug was fixed in the package linux - 6.2.0-33.33
---------------
linux (6.2.0-33.33) lunar; urgency=medium
* lunar/linux: 6.2.0-33.33 -proposed tracker (LP: #2034158)
* Packaging resync (LP: #1786013)
- [Packaging] update helper scripts
* CVE-2023-21264
- KVM: arm64: Prevent unconditional donation of unmapped regions from the host
* CVE-2023-4569
- netfilter: nf_tables: deactivate catchall elements in next generation
* CVE-2023-40283
- Bluetooth: L2CAP: Fix use-after-free in l2cap_sock_ready_cb
* CVE-2023-20588
- x86/bugs: Increase the x86 bugs vector size to two u32s
- x86/CPU/AMD: Do not leak quotient data after a division by 0
- x86/CPU/AMD: Fix the DIV(0) initial fix attempt
* CVE-2023-4128
- net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-
free
- net/sched: cls_fw: No longer copy tcf_result on update to avoid use-after-
free
- net/sched: cls_route: No longer copy tcf_result on update to avoid use-
after-free
-- Thadeu Lima de Souza Cascardo <email address hidden> Tue, 05 Sep 2023 09:47:04 -0300