[월:] 2023년 04월

USN-6034-1: Dnsmasq vulnerability It was discovered that Dnsmasq was sending large DNS messages over UDP, possibly causing transmission failures due to IP fragmentation. This update lowers the default maximum size of DNS messages to improve transmission reliability over UDP. Source: USN-6034-1: Dnsmasq vulnerability

USN-6033-1: Linux kernel (OEM) vulnerabilities It was discovered that the Traffic-Control Index (TCINDEX) implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the TCINDEX classifier has been removed. (CVE-2023-1829) William Zhao discovered that the Traffic Control (TC) subsystem in the Linux kernel did not properly handle network packet retransmission in certain situations. A local attacker could use this to cause a denial of service (kernel deadlock). (CVE-2022-4269) Thadeu Cascardo discovered that the io_uring subsystem contained a double- free vulnerability in certain memory allocation error conditions. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-1032) It was discovered that the TUN/TAP driver in the Linux kernel [ more… ]