Debian Bookworm and Bullseye Users Receive Important Linux Security Updates
For Debian GNU/Linux 12 “Bookworm”, the new Linux security update patches CVE-2023-6531, a use-after-free flaw discovered by Google Project Zero’s Jann Horn, as well as CVE-2023-6622 and CVE-2023-6817, two flaws discovered by Xingyuan Mo in the netfilter subsystem that could lead to denial of service or privilege escalation for a user with the CAP_NET_ADMIN capability in any user or network namespace.
The new Linux security update for Debian Bookworm also patches CVE-2023-6931, a heap out-of-bounds write vulnerability discovered by Budimir Markovic in the Linux kernel’s Performance Events system that could lead to denial of service or privilege escalation.