Security
Headlines
HeadlinesLatestCVEs

Headline

Ubuntu Security Notice USN-6495-1

Ubuntu Security Notice 6495-1 - Yu Hao discovered that the UBI driver in the Linux kernel did not properly check for MTD with zero erasesize during device attachment. A local privileged attacker could use this to cause a denial of service. Manfred Rudigier discovered that the Intel PCI-Express Gigabit Ethernet driver in the Linux kernel did not properly validate received frames that are larger than the set MTU size, leading to a buffer overflow vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code.

Packet Storm
#vulnerability#web#amazon#ubuntu#linux#dos#oracle#intel#perl#aws#buffer_overflow#ibm
==========================================================================Ubuntu Security Notice USN-6495-1November 21, 2023linux, linux-aws, linux-aws-5.4, linux-bluefield, linux-hwe-5.4,linux-ibm, linux-ibm-5.4, linux-iot, linux-kvm, linux-oracle,linux-oracle-5.4, linux-raspi, linux-raspi-5.4, linux-xilinx-zynqmpvulnerabilities==========================================================================A security issue affects these releases of Ubuntu and its derivatives:- Ubuntu 20.04 LTS- Ubuntu 18.04 LTS (Available with Ubuntu Pro)Summary:Several security issues were fixed in the Linux kernel.Software Description:- linux: Linux kernel- linux-aws: Linux kernel for Amazon Web Services (AWS) systems- linux-bluefield: Linux kernel for NVIDIA BlueField platforms- linux-ibm: Linux kernel for IBM cloud systems- linux-iot: Linux kernel for IoT platforms- linux-kvm: Linux kernel for cloud environments- linux-oracle: Linux kernel for Oracle Cloud systems- linux-raspi: Linux kernel for Raspberry Pi systems- linux-xilinx-zynqmp: Linux kernel for Xilinx ZynqMP processors- linux-aws-5.4: Linux kernel for Amazon Web Services (AWS) systems- linux-hwe-5.4: Linux hardware enablement (HWE) kernel- linux-ibm-5.4: Linux kernel for IBM cloud systems- linux-oracle-5.4: Linux kernel for Oracle Cloud systems- linux-raspi-5.4: Linux kernel for Raspberry Pi systemsDetails:Yu Hao discovered that the UBI driver in the Linux kernel did not properlycheck for MTD with zero erasesize during device attachment. A localprivileged attacker could use this to cause a denial of service (systemcrash). (CVE-2023-31085)Manfred Rudigier discovered that the Intel(R) PCI-Express Gigabit (igb)Ethernet driver in the Linux kernel did not properly validate receivedframes that are larger than the set MTU size, leading to a buffer overflowvulnerability. An attacker could use this to cause a denial of service(system crash) or possibly execute arbitrary code. (CVE-2023-45871)Update instructions:The problem can be corrected by updating your system to the followingpackage versions:Ubuntu 20.04 LTS:   linux-image-5.4.0-1026-iot      5.4.0-1026.27   linux-image-5.4.0-1034-xilinx-zynqmp  5.4.0-1034.38   linux-image-5.4.0-1061-ibm      5.4.0-1061.66   linux-image-5.4.0-1075-bluefield  5.4.0-1075.81   linux-image-5.4.0-1098-raspi    5.4.0-1098.110   linux-image-5.4.0-1103-kvm      5.4.0-1103.110   linux-image-5.4.0-1113-oracle   5.4.0-1113.122   linux-image-5.4.0-1114-aws      5.4.0-1114.124   linux-image-5.4.0-167-generic   5.4.0-167.184   linux-image-5.4.0-167-generic-lpae  5.4.0-167.184   linux-image-5.4.0-167-lowlatency  5.4.0-167.184   linux-image-aws-lts-20.04       5.4.0.1114.111   linux-image-bluefield           5.4.0.1075.70   linux-image-generic             5.4.0.167.164   linux-image-generic-lpae        5.4.0.167.164   linux-image-ibm-lts-20.04       5.4.0.1061.90   linux-image-kvm                 5.4.0.1103.99   linux-image-lowlatency          5.4.0.167.164   linux-image-oem                 5.4.0.167.164   linux-image-oem-osp1            5.4.0.167.164   linux-image-oracle-lts-20.04    5.4.0.1113.106   linux-image-raspi               5.4.0.1098.128   linux-image-raspi2              5.4.0.1098.128   linux-image-virtual             5.4.0.167.164   linux-image-xilinx-zynqmp       5.4.0.1034.34Ubuntu 18.04 LTS (Available with Ubuntu Pro):   linux-image-5.4.0-1061-ibm      5.4.0-1061.66~18.04.1   linux-image-5.4.0-1098-raspi    5.4.0-1098.110~18.04.2   linux-image-5.4.0-1113-oracle   5.4.0-1113.122~18.04.1   linux-image-5.4.0-1114-aws      5.4.0-1114.124~18.04.1   linux-image-5.4.0-167-generic   5.4.0-167.184~18.04.1   linux-image-5.4.0-167-lowlatency  5.4.0-167.184~18.04.1   linux-image-aws                 5.4.0.1114.92   linux-image-generic-hwe-18.04   5.4.0.167.184~18.04.135   linux-image-ibm                 5.4.0.1061.72   linux-image-lowlatency-hwe-18.04  5.4.0.167.184~18.04.135   linux-image-oem                 5.4.0.167.184~18.04.135   linux-image-oem-osp1            5.4.0.167.184~18.04.135   linux-image-oracle              5.4.0.1113.122~18.04.85   linux-image-raspi-hwe-18.04     5.4.0.1098.95   linux-image-snapdragon-hwe-18.04  5.4.0.167.184~18.04.135   linux-image-virtual-hwe-18.04   5.4.0.167.184~18.04.135After a standard system update you need to reboot your computer to makeall the necessary changes.ATTENTION: Due to an unavoidable ABI change the kernel updates havebeen given a new version number, which requires you to recompile andreinstall all third party kernel modules you might have installed.Unless you manually uninstalled the standard kernel metapackages(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,linux-powerpc), a standard system upgrade will automatically performthis as well.References:   https://ubuntu.com/security/notices/USN-6495-1   CVE-2023-31085, CVE-2023-45871Package Information:   https://launchpad.net/ubuntu/+source/linux/5.4.0-167.184   https://launchpad.net/ubuntu/+source/linux-aws/5.4.0-1114.124   https://launchpad.net/ubuntu/+source/linux-bluefield/5.4.0-1075.81   https://launchpad.net/ubuntu/+source/linux-ibm/5.4.0-1061.66   https://launchpad.net/ubuntu/+source/linux-iot/5.4.0-1026.27   https://launchpad.net/ubuntu/+source/linux-kvm/5.4.0-1103.110   https://launchpad.net/ubuntu/+source/linux-oracle/5.4.0-1113.122   https://launchpad.net/ubuntu/+source/linux-raspi/5.4.0-1098.110   https://launchpad.net/ubuntu/+source/linux-xilinx-zynqmp/5.4.0-1034.38

Related news

Red Hat Security Advisory 2024-1323-03

Red Hat Security Advisory 2024-1323-03 - An update for kpatch-patch is now available for Red Hat Enterprise Linux 7. Issues addressed include out of bounds write and use-after-free vulnerabilities.

Red Hat Security Advisory 2024-1269-03

Red Hat Security Advisory 2024-1269-03 - An update for kernel-rt is now available for Red Hat Enterprise Linux 8.2 Telecommunications Update Service. Issues addressed include null pointer, out of bounds write, and use-after-free vulnerabilities.

Red Hat Security Advisory 2024-1249-03

Red Hat Security Advisory 2024-1249-03 - An update for kernel is now available for Red Hat Enterprise Linux 7. Issues addressed include a use-after-free vulnerability.

Red Hat Security Advisory 2024-0999-03

Red Hat Security Advisory 2024-0999-03 - An update for kernel is now available for Red Hat Enterprise Linux 7.7 Advanced Update Support. Issues addressed include a use-after-free vulnerability.

Red Hat Security Advisory 2024-0897-03

Red Hat Security Advisory 2024-0897-03 - An update for kernel is now available for Red Hat Enterprise Linux 8. Issues addressed include null pointer, out of bounds access, out of bounds read, out of bounds write, and use-after-free vulnerabilities.

Red Hat Security Advisory 2024-0881-03

Red Hat Security Advisory 2024-0881-03 - An update for kernel-rt is now available for Red Hat Enterprise Linux 8. Issues addressed include null pointer, out of bounds access, out of bounds read, out of bounds write, and use-after-free vulnerabilities.

Red Hat Security Advisory 2024-0554-03

Red Hat Security Advisory 2024-0554-03 - An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include out of bounds write and use-after-free vulnerabilities.

Red Hat Security Advisory 2024-0381-03

Red Hat Security Advisory 2024-0381-03 - An update for kpatch-patch is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include a use-after-free vulnerability.

Red Hat Security Advisory 2024-0378-03

Red Hat Security Advisory 2024-0378-03 - An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addressed include out of bounds write and use-after-free vulnerabilities.

Ubuntu Security Notice USN-6572-1

Ubuntu Security Notice 6572-1 - Yu Hao discovered that the UBI driver in the Linux kernel did not properly check for MTD with zero erasesize during device attachment. A local privileged attacker could use this to cause a denial of service. Bien Pham discovered that the netfiler subsystem in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local user could use this to cause a denial of service or possibly execute arbitrary code.

Ubuntu Security Notice USN-6537-1

Ubuntu Security Notice 6537-1 - Yu Hao discovered that the UBI driver in the Linux kernel did not properly check for MTD with zero erasesize during device attachment. A local privileged attacker could use this to cause a denial of service. Lucas Leong discovered that the netfilter subsystem in the Linux kernel did not properly validate some attributes passed from userspace. A local attacker could use this to cause a denial of service or possibly expose sensitive information.

Ubuntu Security Notice USN-6502-4

Ubuntu Security Notice 6502-4 - Ivan D Barrera, Christopher Bednarz, Mustafa Ismail, and Shiraz Saleem discovered that the InfiniBand RDMA driver in the Linux kernel did not properly check for zero-length STAG or MR registration. A remote attacker could possibly use this to execute arbitrary code. Yu Hao discovered that the UBI driver in the Linux kernel did not properly check for MTD with zero erasesize during device attachment. A local privileged attacker could use this to cause a denial of service.

Ubuntu Security Notice USN-6496-2

Ubuntu Security Notice 6496-2 - Ivan D Barrera, Christopher Bednarz, Mustafa Ismail, and Shiraz Saleem discovered that the InfiniBand RDMA driver in the Linux kernel did not properly check for zero-length STAG or MR registration. A remote attacker could possibly use this to execute arbitrary code. Yu Hao discovered that the UBI driver in the Linux kernel did not properly check for MTD with zero erasesize during device attachment. A local privileged attacker could use this to cause a denial of service.

Ubuntu Security Notice USN-6495-2

Ubuntu Security Notice 6495-2 - Yu Hao discovered that the UBI driver in the Linux kernel did not properly check for MTD with zero erasesize during device attachment. A local privileged attacker could use this to cause a denial of service. Manfred Rudigier discovered that the Intel PCI-Express Gigabit Ethernet driver in the Linux kernel did not properly validate received frames that are larger than the set MTU size, leading to a buffer overflow vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code.

Ubuntu Security Notice USN-6494-2

Ubuntu Security Notice 6494-2 - Yu Hao discovered that the UBI driver in the Linux kernel did not properly check for MTD with zero erasesize during device attachment. A local privileged attacker could use this to cause a denial of service. Lucas Leong discovered that the netfilter subsystem in the Linux kernel did not properly validate some attributes passed from userspace. A local attacker could use this to cause a denial of service or possibly expose sensitive information.

Ubuntu Security Notice USN-6502-2

Ubuntu Security Notice 6502-2 - Ivan D Barrera, Christopher Bednarz, Mustafa Ismail, and Shiraz Saleem discovered that the InfiniBand RDMA driver in the Linux kernel did not properly check for zero-length STAG or MR registration. A remote attacker could possibly use this to execute arbitrary code. Yu Hao discovered that the UBI driver in the Linux kernel did not properly check for MTD with zero erasesize during device attachment. A local privileged attacker could use this to cause a denial of service.

Ubuntu Security Notice USN-6516-1

Ubuntu Security Notice 6516-1 - Ivan D Barrera, Christopher Bednarz, Mustafa Ismail, and Shiraz Saleem discovered that the InfiniBand RDMA driver in the Linux kernel did not properly check for zero-length STAG or MR registration. A remote attacker could possibly use this to execute arbitrary code. Yu Hao and Weiteng Chen discovered that the Bluetooth HCI UART driver in the Linux kernel contained a race condition, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service.

Ubuntu Security Notice USN-6503-1

Ubuntu Security Notice 6503-1 - Yu Hao discovered that the UBI driver in the Linux kernel did not properly check for MTD with zero erasesize during device attachment. A local privileged attacker could use this to cause a denial of service. Bien Pham discovered that the netfiler subsystem in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local user could use this to cause a denial of service or possibly execute arbitrary code.

Ubuntu Security Notice USN-6502-1

Ubuntu Security Notice 6502-1 - Ivan D Barrera, Christopher Bednarz, Mustafa Ismail, and Shiraz Saleem discovered that the InfiniBand RDMA driver in the Linux kernel did not properly check for zero-length STAG or MR registration. A remote attacker could possibly use this to execute arbitrary code. Yu Hao discovered that the UBI driver in the Linux kernel did not properly check for MTD with zero erasesize during device attachment. A local privileged attacker could use this to cause a denial of service.

Ubuntu Security Notice USN-6502-1

Ubuntu Security Notice 6502-1 - Ivan D Barrera, Christopher Bednarz, Mustafa Ismail, and Shiraz Saleem discovered that the InfiniBand RDMA driver in the Linux kernel did not properly check for zero-length STAG or MR registration. A remote attacker could possibly use this to execute arbitrary code. Yu Hao discovered that the UBI driver in the Linux kernel did not properly check for MTD with zero erasesize during device attachment. A local privileged attacker could use this to cause a denial of service.

Ubuntu Security Notice USN-6496-1

Ubuntu Security Notice 6496-1 - Ivan D Barrera, Christopher Bednarz, Mustafa Ismail, and Shiraz Saleem discovered that the InfiniBand RDMA driver in the Linux kernel did not properly check for zero-length STAG or MR registration. A remote attacker could possibly use this to execute arbitrary code. Yu Hao discovered that the UBI driver in the Linux kernel did not properly check for MTD with zero erasesize during device attachment. A local privileged attacker could use this to cause a denial of service.

Ubuntu Security Notice USN-6496-1

Ubuntu Security Notice 6496-1 - Ivan D Barrera, Christopher Bednarz, Mustafa Ismail, and Shiraz Saleem discovered that the InfiniBand RDMA driver in the Linux kernel did not properly check for zero-length STAG or MR registration. A remote attacker could possibly use this to execute arbitrary code. Yu Hao discovered that the UBI driver in the Linux kernel did not properly check for MTD with zero erasesize during device attachment. A local privileged attacker could use this to cause a denial of service.

CVE-2023-45871

An issue was discovered in drivers/net/ethernet/intel/igb/igb_main.c in the IGB driver in the Linux kernel before 6.5.3. A buffer size may not be adequate for frames larger than the MTU.

CVE-2023-31085: Re: BUG: divide error in ubi_attach_mtd_dev

An issue was discovered in drivers/mtd/ubi/cdev.c in the Linux kernel 6.2. There is a divide-by-zero error in do_div(sz,mtd->erasesize), used indirectly by ctrl_cdev_ioctl, when mtd->erasesize is 0.

Packet Storm: Latest News

Zeek 6.0.9