Ubuntu Security Notice USN-6446-1

Ubuntu Security Notice 6446-1 - Ross Lagerwall discovered that the Xen netback backend driver in the Linux kernel did not properly handle certain unusual packets from a paravirtualized network frontend, leading to a buffer overflow. An attacker in a guest VM could use this to cause a denial of service or possibly execute arbitrary code. Bien Pham discovered that the netfilter subsystem in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local user could use this to cause a denial of service or possibly execute arbitrary code.

Packet Storm
==========================================================================
Ubuntu Security Notice USN-6446-1
October 20, 2023

linux, linux-aws, linux-aws-5.15, linux-azure, linux-azure-5.15,
linux-azure-fde, linux-azure-fde-5.15, linux-gcp, linux-gke, linux-gkeop,
linux-hwe-5.15, linux-ibm, linux-ibm-5.15, linux-kvm, linux-lowlatency,
linux-lowlatency-hwe-5.15, linux-nvidia, linux-oracle, linux-raspi
vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:

- linux: Linux kernel
- linux-aws: Linux kernel for Amazon Web Services (AWS) systems
- linux-azure: Linux kernel for Microsoft Azure Cloud systems
- linux-azure-fde: Linux kernel for Microsoft Azure CVM cloud systems
- linux-gcp: Linux kernel for Google Cloud Platform (GCP) systems
- linux-gke: Linux kernel for Google Container Engine (GKE) systems
- linux-gkeop: Linux kernel for Google Container Engine (GKE) systems
- linux-ibm: Linux kernel for IBM cloud systems
- linux-kvm: Linux kernel for cloud environments
- linux-lowlatency: Linux low latency kernel
- linux-nvidia: Linux kernel for NVIDIA systems
- linux-oracle: Linux kernel for Oracle Cloud systems
- linux-raspi: Linux kernel for Raspberry Pi systems
- linux-aws-5.15: Linux kernel for Amazon Web Services (AWS) systems
- linux-azure-5.15: Linux kernel for Microsoft Azure cloud systems
- linux-azure-fde-5.15: Linux kernel for Microsoft Azure CVM cloud systems
- linux-hwe-5.15: Linux hardware enablement (HWE) kernel
- linux-ibm-5.15: Linux kernel for IBM cloud systems
- linux-lowlatency-hwe-5.15: Linux low latency kernel

Details:

Ross Lagerwall discovered that the Xen netback backend driver in the Linux kernel did not properly handle certain unusual packets from a paravirtualized network frontend, leading to a buffer overflow. An attacker in a guest VM could use this to cause a denial of service (host system crash) or possibly execute arbitrary code. (CVE-2023-34319)

Bien Pham discovered that the netfilter subsystem in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local user could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-4244)

Kyle Zeng discovered that the networking stack implementation in the Linux kernel did not properly validate skb object size in certain conditions. An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-42752)

Kyle Zeng discovered that the netfilter subsystem in the Linux kernel did not properly calculate array offsets, leading to an out-of-bounds write vulnerability. A local user could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-42753)

Kyle Zeng discovered that the IPv4 Resource Reservation Protocol (RSVP) classifier implementation in the Linux kernel contained an out-of-bounds read vulnerability. A local attacker could use this to cause a denial of service (system crash). Please note that kernel packet classifier support for RSVP has been removed to resolve this vulnerability. (CVE-2023-42755)

Kyle Zeng discovered that the netfilter subsystem in the Linux kernel contained a race condition in IP set operations in certain situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-42756)

Bing-Jhong Billy Jheng discovered that the Unix domain socket implementation in the Linux kernel contained a race condition in certain situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-4622)

Budimir Markovic discovered that the qdisc implementation in the Linux kernel did not properly validate inner classes, leading to a use-after-free vulnerability. A local user could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-4623)

Alex Birnberg discovered that the netfilter subsystem in the Linux kernel did not properly validate register length, leading to an out-of-bounds write vulnerability. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-4881)

It was discovered that the Quick Fair Queueing scheduler implementation in the Linux kernel did not properly handle network packets in certain conditions, leading to a use after free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-4921)

Kevin Rich discovered that the netfilter subsystem in the Linux kernel did not properly handle removal of rules from chain bindings in certain circumstances, leading to a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2023-5197)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 22.04 LTS:
  linux-image-5.15.0-1031-gkeop              5.15.0-1031.37
  linux-image-5.15.0-1039-nvidia             5.15.0-1039.39
  linux-image-5.15.0-1039-nvidia-lowlatency  5.15.0-1039.39
  linux-image-5.15.0-1041-ibm                5.15.0-1041.44
  linux-image-5.15.0-1041-raspi              5.15.0-1041.44
  linux-image-5.15.0-1045-gcp                5.15.0-1045.53
  linux-image-5.15.0-1045-gke                5.15.0-1045.50
  linux-image-5.15.0-1045-kvm                5.15.0-1045.50
  linux-image-5.15.0-1046-oracle             5.15.0-1046.52
  linux-image-5.15.0-1048-aws                5.15.0-1048.53
  linux-image-5.15.0-1050-azure              5.15.0-1050.57
  linux-image-5.15.0-1050-azure-fde          5.15.0-1050.57.1
  linux-image-5.15.0-87-generic              5.15.0-87.97
  linux-image-5.15.0-87-generic-64k          5.15.0-87.97
  linux-image-5.15.0-87-generic-lpae         5.15.0-87.97
  linux-image-5.15.0-87-lowlatency           5.15.0-87.96
  linux-image-5.15.0-87-lowlatency-64k       5.15.0-87.96
  linux-image-aws-lts-22.04                  5.15.0.1048.47
  linux-image-azure-fde-lts-22.04            5.15.0.1050.57.28
  linux-image-azure-lts-22.04                5.15.0.1050.46
  linux-image-gcp-lts-22.04                  5.15.0.1045.41
  linux-image-generic                        5.15.0.87.84
  linux-image-generic-64k                    5.15.0.87.84
  linux-image-generic-lpae                   5.15.0.87.84
  linux-image-gke                            5.15.0.1045.44
  linux-image-gke-5.15                       5.15.0.1045.44
  linux-image-gkeop                          5.15.0.1031.30
  linux-image-gkeop-5.15                     5.15.0.1031.30
  linux-image-ibm                            5.15.0.1041.37
  linux-image-kvm                            5.15.0.1045.41
  linux-image-lowlatency                     5.15.0.87.89
  linux-image-lowlatency-64k                 5.15.0.87.89
  linux-image-nvidia                         5.15.0.1039.39
  linux-image-nvidia-lowlatency              5.15.0.1039.39
  linux-image-oracle                         5.15.0.1046.41
  linux-image-oracle-lts-22.04               5.15.0.1046.41
  linux-image-raspi                          5.15.0.1041.39
  linux-image-raspi-nolpae                   5.15.0.1041.39
  linux-image-virtual                        5.15.0.87.84

Ubuntu 20.04 LTS:
  linux-image-5.15.0-1041-ibm                5.15.0-1041.44~20.04.1
  linux-image-5.15.0-1048-aws                5.15.0-1048.53~20.04.1
  linux-image-5.15.0-1050-azure              5.15.0-1050.57~20.04.1
  linux-image-5.15.0-1050-azure-fde          5.15.0-1050.57~20.04.1.1
  linux-image-5.15.0-87-generic              5.15.0-87.97~20.04.1
  linux-image-5.15.0-87-generic-64k          5.15.0-87.97~20.04.1
  linux-image-5.15.0-87-generic-lpae         5.15.0-87.97~20.04.1
  linux-image-5.15.0-87-lowlatency           5.15.0-87.96~20.04.1
  linux-image-5.15.0-87-lowlatency-64k       5.15.0-87.96~20.04.1
  linux-image-aws                            5.15.0.1048.53~20.04.36
  linux-image-azure                          5.15.0.1050.57~20.04.39
  linux-image-azure-cvm                      5.15.0.1050.57~20.04.39
  linux-image-azure-fde                      5.15.0.1050.57~20.04.1.28
  linux-image-generic-64k-hwe-20.04          5.15.0.87.97~20.04.45
  linux-image-generic-hwe-20.04              5.15.0.87.97~20.04.45
  linux-image-generic-lpae-hwe-20.04         5.15.0.87.97~20.04.45
  linux-image-ibm                            5.15.0.1041.44~20.04.13
  linux-image-lowlatency-64k-hwe-20.04       5.15.0.87.96~20.04.42
  linux-image-lowlatency-hwe-20.04           5.15.0.87.96~20.04.42
  linux-image-oem-20.04                      5.15.0.87.97~20.04.45
  linux-image-oem-20.04b                     5.15.0.87.97~20.04.45
  linux-image-oem-20.04c                     5.15.0.87.97~20.04.45
  linux-image-oem-20.04d                     5.15.0.87.97~20.04.45
  linux-image-virtual-hwe-20.04              5.15.0.87.97~20.04.45

After a standard system update you need to reboot your computer to make all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well.

References:
  https://ubuntu.com/security/notices/USN-6446-1
  CVE-2023-34319, CVE-2023-4244, CVE-2023-42752, CVE-2023-42753,
  CVE-2023-42755, CVE-2023-42756, CVE-2023-4622, CVE-2023-4623,
  CVE-2023-4881, CVE-2023-4921, CVE-2023-5197

Package Information:
  https://launchpad.net/ubuntu/+source/linux/5.15.0-87.97
  https://launchpad.net/ubuntu/+source/linux-aws/5.15.0-1048.53
  https://launchpad.net/ubuntu/+source/linux-azure/5.15.0-1050.57
  https://launchpad.net/ubuntu/+source/linux-azure-fde/5.15.0-1050.57.1
  https://launchpad.net/ubuntu/+source/linux-gcp/5.15.0-1045.53
  https://launchpad.net/ubuntu/+source/linux-gke/5.15.0-1045.50
  https://launchpad.net/ubuntu/+source/linux-gkeop/5.15.0-1031.37
  https://launchpad.net/ubuntu/+source/linux-ibm/5.15.0-1041.44
  https://launchpad.net/ubuntu/+source/linux-kvm/5.15.0-1045.50
  https://launchpad.net/ubuntu/+source/linux-lowlatency/5.15.0-87.96
  https://launchpad.net/ubuntu/+source/linux-nvidia/5.15.0-1039.39
  https://launchpad.net/ubuntu/+source/linux-oracle/5.15.0-1046.52
  https://launchpad.net/ubuntu/+source/linux-raspi/5.15.0-1041.44
  https://launchpad.net/ubuntu/+source/linux-aws-5.15/5.15.0-1048.53~20.04.1
  https://launchpad.net/ubuntu/+source/linux-azure-5.15/5.15.0-1050.57~20.04.1
  https://launchpad.net/ubuntu/+source/linux-azure-fde-5.15/5.15.0-1050.57~20.04.1.1
  https://launchpad.net/ubuntu/+source/linux-hwe-5.15/5.15.0-87.97~20.04.1
  https://launchpad.net/ubuntu/+source/linux-ibm-5.15/5.15.0-1041.44~20.04.1
  https://launchpad.net/ubuntu/+source/linux-lowlatency-hwe-5.15/5.15.0-87.96~20.04.1

Related news

Red Hat Security Advisory 2024-3421-03

Red Hat Security Advisory 2024-3421-03 - An update for kernel is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Issues addressed include a use-after-free vulnerability.

Red Hat Security Advisory 2024-1960-03

Red Hat Security Advisory 2024-1960-03 - An update for kpatch-patch is now available for Red Hat Enterprise Linux 7. Issues addressed include a use-after-free vulnerability.

Ubuntu Security Notice USN-6716-1

Ubuntu Security Notice 6716-1 - Wenqing Liu discovered that the f2fs file system implementation in the Linux kernel did not properly validate inode types while performing garbage collection. An attacker could use this to construct a malicious f2fs image that, when mounted and operated on, could cause a denial of service. It was discovered that the DesignWare USB3 for Qualcomm SoCs driver in the Linux kernel did not properly handle certain error conditions during device registration. A local attacker could possibly use this to cause a denial of service.

Red Hat Security Advisory 2024-1323-03

Red Hat Security Advisory 2024-1323-03 - An update for kpatch-patch is now available for Red Hat Enterprise Linux 7. Issues addressed include out of bounds write and use-after-free vulnerabilities.

Ubuntu Security Notice USN-6681-2

Ubuntu Security Notice 6681-2 - Wenqing Liu discovered that the f2fs file system implementation in the Linux kernel did not properly validate inode types while performing garbage collection. An attacker could use this to construct a malicious f2fs image that, when mounted and operated on, could cause a denial of service. It was discovered that the DesignWare USB3 for Qualcomm SoCs driver in the Linux kernel did not properly handle certain error conditions during device registration. A local attacker could possibly use this to cause a denial of service.

Red Hat Security Advisory 2024-1268-03

Red Hat Security Advisory 2024-1268-03 - An update for kernel is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.2 Telecommunications Update Service. Issues addressed include null pointer, out of bounds write, and use-after-free vulnerabilities.

Red Hat Security Advisory 2024-1248-03

Red Hat Security Advisory 2024-1248-03 - An update for kernel is now available for Red Hat Enterprise Linux 9. Issues addressed include null pointer, out of bounds access, out of bounds read, out of bounds write, privilege escalation, and use-after-free vulnerabilities.

Ubuntu Security Notice USN-6681-1

Ubuntu Security Notice 6681-1 - Wenqing Liu discovered that the f2fs file system implementation in the Linux kernel did not properly validate inode types while performing garbage collection. An attacker could use this to construct a malicious f2fs image that, when mounted and operated on, could cause a denial of service. It was discovered that the DesignWare USB3 for Qualcomm SoCs driver in the Linux kernel did not properly handle certain error conditions during device registration. A local attacker could possibly use this to cause a denial of service.

Red Hat Security Advisory 2024-1018-03

Red Hat Security Advisory 2024-1018-03 - An update for kernel is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include null pointer, privilege escalation, and use-after-free vulnerabilities.

Red Hat Security Advisory 2024-0881-03

Red Hat Security Advisory 2024-0881-03 - An update for kernel-rt is now available for Red Hat Enterprise Linux 8. Issues addressed include null pointer, out of bounds access, out of bounds read, out of bounds write, and use-after-free vulnerabilities.

Red Hat Security Advisory 2024-0851-03

Red Hat Security Advisory 2024-0851-03 - An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addressed include a use-after-free vulnerability.

Red Hat Security Advisory 2024-0554-03

Red Hat Security Advisory 2024-0554-03 - An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include out of bounds write and use-after-free vulnerabilities.

Red Hat Security Advisory 2024-0376-03

Red Hat Security Advisory 2024-0376-03 - An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Issues addressed include a use-after-free vulnerability.

Red Hat Security Advisory 2024-0347-03

Red Hat Security Advisory 2024-0347-03 - An update for kernel-rt is now available for Red Hat Enterprise Linux 7.

Red Hat Security Advisory 2024-0346-03

Red Hat Security Advisory 2024-0346-03 - An update for kernel is now available for Red Hat Enterprise Linux 7.

Ubuntu Security Notice USN-6572-1

Ubuntu Security Notice 6572-1 - Yu Hao discovered that the UBI driver in the Linux kernel did not properly check for MTD with zero erasesize during device attachment. A local privileged attacker could use this to cause a denial of service. Bien Pham discovered that the netfilter subsystem in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local user could use this to cause a denial of service or possibly execute arbitrary code.

CVE-2023-48660: DSA-2023-443: Dell PowerMaxOS 5978, Dell Unisphere 360, Dell Unisphere for PowerMax, Dell Unisphere for PowerMax Virtual Appliance, Dell Solutions Enabler Virtual Appliance, and Dell PowerMax EEM Secu

Dell vApp Manager, versions prior to 9.2.4.x contain an arbitrary file read vulnerability. A remote attacker could potentially exploit this vulnerability to read arbitrary files from the target system.

Ubuntu Security Notice USN-6537-1

Ubuntu Security Notice 6537-1 - Yu Hao discovered that the UBI driver in the Linux kernel did not properly check for MTD with zero erasesize during device attachment. A local privileged attacker could use this to cause a denial of service. Lucas Leong discovered that the netfilter subsystem in the Linux kernel did not properly validate some attributes passed from userspace. A local attacker could use this to cause a denial of service or possibly expose sensitive information.

Red Hat Security Advisory 2023-7539-01

Red Hat Security Advisory 2023-7539-01 - An update for kernel is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include a use-after-free vulnerability.

Ubuntu Security Notice USN-6503-1

Ubuntu Security Notice 6503-1 - Yu Hao discovered that the UBI driver in the Linux kernel did not properly check for MTD with zero erasesize during device attachment. A local privileged attacker could use this to cause a denial of service. Bien Pham discovered that the netfilter subsystem in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local user could use this to cause a denial of service or possibly execute arbitrary code.

Ubuntu Security Notice USN-6479-1

Ubuntu Security Notice 6479-1 - Kyle Zeng discovered that the netfilter subsystem in the Linux kernel contained a race condition in IP set operations in certain situations. A local attacker could use this to cause a denial of service. Alex Birnberg discovered that the netfilter subsystem in the Linux kernel did not properly validate register length, leading to an out-of-bounds write vulnerability. A local attacker could possibly use this to cause a denial of service.

Ubuntu Security Notice USN-6454-4

Ubuntu Security Notice 6454-4 - Kyle Zeng discovered that the netfilter subsystem in the Linux kernel contained a race condition in IP set operations in certain situations. A local attacker could use this to cause a denial of service. Alex Birnberg discovered that the netfilter subsystem in the Linux kernel did not properly validate register length, leading to an out-of-bounds write vulnerability. A local attacker could possibly use this to cause a denial of service.

Ubuntu Security Notice USN-6454-3

Ubuntu Security Notice 6454-3 - Kyle Zeng discovered that the netfilter subsystem in the Linux kernel contained a race condition in IP set operations in certain situations. A local attacker could use this to cause a denial of service. Alex Birnberg discovered that the netfilter subsystem in the Linux kernel did not properly validate register length, leading to an out-of-bounds write vulnerability. A local attacker could possibly use this to cause a denial of service.

Ubuntu Security Notice USN-6466-1

Ubuntu Security Notice 6466-1 - Hyunwoo Kim discovered that the DVB Core driver in the Linux kernel contained a race condition during device removal, leading to a use-after-free vulnerability. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code. Hyunwoo Kim discovered that the Technotrend/Hauppauge USB DEC driver in the Linux kernel did not properly handle device removal events. A physically proximate attacker could use this to cause a denial of service.

Ubuntu Security Notice USN-6454-2

Ubuntu Security Notice 6454-2 - Kyle Zeng discovered that the netfilter subsystem in the Linux kernel contained a race condition in IP set operations in certain situations. A local attacker could use this to cause a denial of service. Alex Birnberg discovered that the netfilter subsystem in the Linux kernel did not properly validate register length, leading to an out-of-bounds write vulnerability. A local attacker could possibly use this to cause a denial of service.

Ubuntu Security Notice USN-6441-3

Ubuntu Security Notice 6441-3 - Ross Lagerwall discovered that the Xen netback backend driver in the Linux kernel did not properly handle certain unusual packets from a paravirtualized network frontend, leading to a buffer overflow. An attacker in a guest VM could use this to cause a denial of service or possibly execute arbitrary code. Kyle Zeng discovered that the networking stack implementation in the Linux kernel did not properly validate skb object size in certain conditions. An attacker could use this to cause a denial of service or possibly execute arbitrary code.

Ubuntu Security Notice USN-6454-1

Ubuntu Security Notice 6454-1 - Kyle Zeng discovered that the netfilter subsystem in the Linux kernel contained a race condition in IP set operations in certain situations. A local attacker could use this to cause a denial of service. Alex Birnberg discovered that the netfilter subsystem in the Linux kernel did not properly validate register length, leading to an out-of-bounds write vulnerability. A local attacker could possibly use this to cause a denial of service.

Ubuntu Security Notice USN-6446-3

Ubuntu Security Notice 6446-3 - Ross Lagerwall discovered that the Xen netback backend driver in the Linux kernel did not properly handle certain unusual packets from a paravirtualized network frontend, leading to a buffer overflow. An attacker in a guest VM could use this to cause a denial of service or possibly execute arbitrary code. Bien Pham discovered that the netfilter subsystem in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local user could use this to cause a denial of service or possibly execute arbitrary code.

Ubuntu Security Notice USN-6445-2

Ubuntu Security Notice 6445-2 - It was discovered that the IPv6 implementation in the Linux kernel contained a high rate of hash collisions in connection lookup table. A remote attacker could use this to cause a denial of service. Daniel Trujillo, Johannes Wikner, and Kaveh Razavi discovered that some AMD processors utilising speculative execution and branch prediction may allow unauthorised memory reads via a speculative side-channel attack. A local attacker could use this to expose sensitive information, including kernel memory.

Ubuntu Security Notice USN-6446-2

Ubuntu Security Notice 6446-2 - Ross Lagerwall discovered that the Xen netback backend driver in the Linux kernel did not properly handle certain unusual packets from a paravirtualized network frontend, leading to a buffer overflow. An attacker in a guest VM could use this to cause a denial of service or possibly execute arbitrary code. Bien Pham discovered that the netfilter subsystem in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local user could use this to cause a denial of service or possibly execute arbitrary code.

Ubuntu Security Notice USN-6444-2

Ubuntu Security Notice 6444-2 - Ross Lagerwall discovered that the Xen netback backend driver in the Linux kernel did not properly handle certain unusual packets from a paravirtualized network frontend, leading to a buffer overflow. An attacker in a guest VM could use this to cause a denial of service or possibly execute arbitrary code. Bien Pham discovered that the netfilter subsystem in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local user could use this to cause a denial of service or possibly execute arbitrary code.

Ubuntu Security Notice USN-6441-2

Ubuntu Security Notice 6441-2 - Ross Lagerwall discovered that the Xen netback backend driver in the Linux kernel did not properly handle certain unusual packets from a paravirtualized network frontend, leading to a buffer overflow. An attacker in a guest VM could use this to cause a denial of service or possibly execute arbitrary code. Kyle Zeng discovered that the networking stack implementation in the Linux kernel did not properly validate skb object size in certain conditions. An attacker could use this to cause a denial of service or possibly execute arbitrary code.

Ubuntu Security Notice USN-6439-2

Ubuntu Security Notice 6439-2 - It was discovered that the IPv6 implementation in the Linux kernel contained a high rate of hash collisions in connection lookup table. A remote attacker could use this to cause a denial of service. Yu Hao and Weiteng Chen discovered that the Bluetooth HCI UART driver in the Linux kernel contained a race condition, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service.

Ubuntu Security Notice USN-6440-2

Ubuntu Security Notice 6440-2 - Seth Jenkins discovered that the Linux kernel did not properly perform address randomization for a per-cpu memory management structure. A local attacker could use this to expose sensitive information or in conjunction with another kernel vulnerability. It was discovered that the IPv6 implementation in the Linux kernel contained a high rate of hash collisions in connection lookup table. A remote attacker could use this to cause a denial of service.

Ubuntu Security Notice USN-6440-1

Ubuntu Security Notice 6440-1 - Seth Jenkins discovered that the Linux kernel did not properly perform address randomization for a per-cpu memory management structure. A local attacker could use this to expose sensitive information or in conjunction with another kernel vulnerability. It was discovered that the IPv6 implementation in the Linux kernel contained a high rate of hash collisions in connection lookup table. A remote attacker could use this to cause a denial of service.

Ubuntu Security Notice USN-6442-1

Ubuntu Security Notice 6442-1 - Ross Lagerwall discovered that the Xen netback backend driver in the Linux kernel did not properly handle certain unusual packets from a paravirtualized network frontend, leading to a buffer overflow. An attacker in a guest VM could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the netfilter subsystem in the Linux kernel did not properly handle PIPAPO element removal, leading to a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service or execute arbitrary code.

Ubuntu Security Notice USN-6441-1

Ubuntu Security Notice 6441-1 - Ross Lagerwall discovered that the Xen netback backend driver in the Linux kernel did not properly handle certain unusual packets from a paravirtualized network frontend, leading to a buffer overflow. An attacker in a guest VM could use this to cause a denial of service or possibly execute arbitrary code. Kyle Zeng discovered that the networking stack implementation in the Linux kernel did not properly validate skb object size in certain conditions. An attacker could use this to cause a denial of service or possibly execute arbitrary code.

Ubuntu Security Notice USN-6444-1

Ubuntu Security Notice 6444-1 - Ross Lagerwall discovered that the Xen netback backend driver in the Linux kernel did not properly handle certain unusual packets from a paravirtualized network frontend, leading to a buffer overflow. An attacker in a guest VM could use this to cause a denial of service or possibly execute arbitrary code. Bien Pham discovered that the netfilter subsystem in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local user could use this to cause a denial of service or possibly execute arbitrary code.

Ubuntu Security Notice USN-6439-1

Ubuntu Security Notice 6439-1 - It was discovered that the IPv6 implementation in the Linux kernel contained a high rate of hash collisions in the connection lookup table. A remote attacker could use this to cause a denial of service. Yu Hao and Weiteng Chen discovered that the Bluetooth HCI UART driver in the Linux kernel contained a race condition, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service.

Ubuntu Security Notice USN-6443-1

Ubuntu Security Notice 6443-1 - Bien Pham discovered that the netfilter subsystem in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local user could use this to cause a denial of service or possibly execute arbitrary code. Kyle Zeng discovered that the networking stack implementation in the Linux kernel did not properly validate skb object size in certain conditions. An attacker could use this to cause a denial of service or possibly execute arbitrary code.

CVE-2023-42752

An integer overflow flaw was found in the Linux kernel. This issue leads to the kernel allocating `skb_shared_info` in the userspace, which is exploitable in systems without SMAP protection since `skb_shared_info` contains references to function pointers.

CVE-2023-42755: cve-details

A flaw was found in the IPv4 Resource Reservation Protocol (RSVP) classifier in the Linux kernel. The xprt pointer may go beyond the linear part of the skb, leading to an out-of-bounds read in the `rsvp_classify` function. This issue may allow a local user to crash the system and cause a denial of service.

Ubuntu Security Notice USN-6415-1

Ubuntu Security Notice 6415-1 - Daniel Trujillo, Johannes Wikner, and Kaveh Razavi discovered that some AMD processors utilising speculative execution and branch prediction may allow unauthorised memory reads via a speculative side-channel attack. A local attacker could use this to expose sensitive information, including kernel memory. Ivan D Barrera, Christopher Bednarz, Mustafa Ismail, and Shiraz Saleem discovered that the InfiniBand RDMA driver in the Linux kernel did not properly check for zero-length STAG or MR registration. A remote attacker could possibly use this to execute arbitrary code.

CVE-2023-42756: cve-details

A flaw was found in the Netfilter subsystem of the Linux kernel. A race condition between IPSET_CMD_ADD and IPSET_CMD_SWAP can lead to a kernel panic due to the invocation of `__ip_set_put` on a wrong `set`. This issue may allow a local user to crash the system.

CVE-2023-5197

A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. Addition and removal of rules from chain bindings within the same transaction leads to a use-after-free. We recommend upgrading past commit f15f29fd4779be8a418b66e9d52979bb6d6c2325.

CVE-2023-42753: cve-details

An array indexing vulnerability was found in the netfilter subsystem of the Linux kernel. A missing macro could lead to a miscalculation of the `h->nets` array offset, providing attackers with the primitive to arbitrarily increment/decrement a memory buffer out-of-bound. This issue may allow a local user to crash the system or potentially escalate their privileges on the system.

CVE-2023-34319: 438 - Xen Security Advisories

The fix for XSA-423 added logic to Linux's netback driver to deal with a frontend splitting a packet in a way such that not all of the headers would come in one piece. Unfortunately the logic introduced there didn't account for the extreme case of the entire packet being split into as many pieces as permitted by the protocol, yet still being smaller than the area that's specially dealt with to keep all (possible) headers together. Such an unusual packet would therefore trigger a buffer overrun in the driver.

CVE-2023-34319: 432 - Xen Security Advisories

The fix for XSA-423 added logic to Linux's netback driver to deal with a frontend splitting a packet in a way such that not all of the headers would come in one piece. Unfortunately the logic introduced there didn't account for the extreme case of the entire packet being split into as many pieces as permitted by the protocol, yet still being smaller than the area that's specially dealt with to keep all (possible) headers together. Such an unusual packet would therefore trigger a buffer overrun in the driver.

CVE-2023-4921

A use-after-free vulnerability in the Linux kernel's net/sched: sch_qfq component can be exploited to achieve local privilege escalation. When the plug qdisc is used as a class of the qfq qdisc, sending network packets triggers use-after-free in qfq_dequeue() due to the incorrect .peek handler of sch_plug and lack of error checking in agg_dequeue(). We recommend upgrading past commit 8fc134fee27f2263988ae38920bc03da416b03d8.

CVE-2023-4881: cve-details

A stack-based out-of-bounds write flaw was found in the netfilter subsystem in the Linux kernel. If the expression length is a multiple of 4 (register size), the `nft_exthdr_eval` family of functions writes 4 NULL bytes past the end of the `regs` argument, leading to stack corruption and potential information disclosure or a denial of service.

Debian Security Advisory 5492-1

Debian Linux Security Advisory 5492-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.

Ubuntu Security Notice USN-6343-1

Ubuntu Security Notice 6343-1 - It was discovered that the IPv6 implementation in the Linux kernel contained a high rate of hash collisions in the connection lookup table. A remote attacker could use this to cause a denial of service. Ross Lagerwall discovered that the Xen netback backend driver in the Linux kernel did not properly handle certain unusual packets from a paravirtualized network frontend, leading to a buffer overflow. An attacker in a guest VM could use this to cause a denial of service or possibly execute arbitrary code.

CVE-2023-4244

A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. Due to a race condition between nf_tables netlink control plane transaction and nft_set element garbage collection, it is possible to underflow the reference counter causing a use-after-free vulnerability. We recommend upgrading past commit 3e91b0ebd994635df2346353322ac51ce84ce6d8.

CVE-2023-4622

A use-after-free vulnerability in the Linux kernel's af_unix component can be exploited to achieve local privilege escalation. The unix_stream_sendpage() function tries to add data to the last skb in the peer's recv queue without locking the queue. Thus there is a race where unix_stream_sendpage() could access an skb locklessly that is being released by garbage collection, resulting in use-after-free. We recommend upgrading past commit 790c2f9d15b594350ae9bca7b236f2b1859de02c.

CVE-2023-4623

A use-after-free vulnerability in the Linux kernel's net/sched: sch_hfsc (HFSC qdisc traffic control) component can be exploited to achieve local privilege escalation. If a class with a link-sharing curve (i.e. with the HFSC_FSC flag set) has a parent without a link-sharing curve, then init_vf() will call vttree_insert() on the parent, but vttree_remove() will be skipped in update_vf(). This leaves a dangling pointer that can cause a use-after-free. We recommend upgrading past commit b3d26c5702c7d6c45456326e56d2ccf3f103e60f.

Debian Security Advisory 5480-1

Debian Linux Security Advisory 5480-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.
