[USN-6135-1] Linux kernel (Azure CVM) vulnerabilities
Several security issues were fixed in the Linux kernel.
Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in
the netfilter subsystem of the Linux kernel when processing batch requests,
leading to a use-after-free vulnerability. A local attacker could use this
to cause a denial of service (system crash) or possibly execute arbitrary
code. (CVE-2023-32233)
Gwangun Jung discovered that the Quick Fair Queueing scheduler
implementation in the Linux kernel contained an out-of-bounds write
vulnerability. A local attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2023-31436)
Reima Ishii discovered that the nested KVM implementation for Intel x86
processors in the Linux kernel did not properly validate control registers
in certain situations. An attacker in a guest VM could use this to cause a
denial of service (guest crash). (CVE-2023-30456)
It was discovered that the Broadcom FullMAC USB WiFi driver in the Linux
kernel did not properly perform data buffer size validation in some
situations. A physically proximate attacker could use this to craft a
malicious USB device that when inserted, could cause a denial of service
(system crash) or possibly expose sensitive information. (CVE-2023-1380)
Jean-Baptiste Cayrou discovered that the shiftfs file system in the Ubuntu
Linux kernel contained a race condition when handling inode locking in some
situations. A local attacker could use this to cause a denial of service
(kernel deadlock). (CVE-2023-2612)
- ID
- USN-6135-1
- Severity
- high
- Severity from
- CVE-2023-31436
- URL
- https://ubuntu.com/security/notices/USN-6135-1
- Published
-
2023-06-02T15:52:36
(15 months ago) - Modified
-
2023-06-02T15:52:36
(15 months ago) - Other Advisories
-
-
ALAS-2023-1744
-
ALAS-2023-1750
-
ALAS-2024-1942
-
ALAS2-2023-2035
-
ALAS2-2023-2050
-
ALAS2-2024-2581
-
ALPINE:CVE-2023-32233
-
ALSA-2023:3349
-
ALSA-2023:3723
-
ALSA-2023:7077
-
DSA-5402-1
-
DSA-5480-1
-
ELSA-2023-12339
-
ELSA-2023-12393
-
ELSA-2023-12394
-
ELSA-2023-12412
-
ELSA-2023-12413
-
ELSA-2023-12688
-
ELSA-2023-3349
-
ELSA-2023-3723
-
ELSA-2023-5622
-
ELSA-2023-6583
-
ELSA-2023-7077
-
ELSA-2024-1831
-
MS:CVE-2023-31436
-
RHSA-2023:3349
-
RHSA-2023:3350
-
RHSA-2023:3351
-
RHSA-2023:3705
-
RHSA-2023:3708
-
RHSA-2023:3723
-
RHSA-2023:5574
-
RHSA-2023:5621
-
RHSA-2023:5622
-
RHSA-2023:6901
-
RHSA-2023:7077
-
RHSA-2024:1323
-
SSA:2023-172-02
-
SUSE-SU-2023:2500-1
-
SUSE-SU-2023:2501-1
-
SUSE-SU-2023:2502-1
-
SUSE-SU-2023:2507-1
-
SUSE-SU-2023:2534-1
-
SUSE-SU-2023:2537-1
-
SUSE-SU-2023:2538-1
-
SUSE-SU-2023:2611-1
-
SUSE-SU-2023:2646-1
-
SUSE-SU-2023:2651-1
-
SUSE-SU-2023:2653-1
-
SUSE-SU-2023:2660-1
-
SUSE-SU-2023:2666-1
-
SUSE-SU-2023:2679-1
-
SUSE-SU-2023:2680-1
-
SUSE-SU-2023:2681-1
-
SUSE-SU-2023:2686-1
-
SUSE-SU-2023:2687-1
-
SUSE-SU-2023:2689-1
-
SUSE-SU-2023:2690-1
-
SUSE-SU-2023:2694-1
-
SUSE-SU-2023:2695-1
-
SUSE-SU-2023:2697-1
-
SUSE-SU-2023:2698-1
-
SUSE-SU-2023:2700-1
-
SUSE-SU-2023:2701-1
-
SUSE-SU-2023:2702-1
-
SUSE-SU-2023:2703-1
-
SUSE-SU-2023:2708-1
-
SUSE-SU-2023:2709-1
-
SUSE-SU-2023:2710-1
-
SUSE-SU-2023:2714-1
-
SUSE-SU-2023:2718-1
-
SUSE-SU-2023:2719-1
-
SUSE-SU-2023:2720-1
-
SUSE-SU-2023:2721-1
-
SUSE-SU-2023:2724-1
-
SUSE-SU-2023:2727-1
-
SUSE-SU-2023:2731-1
-
SUSE-SU-2023:2734-1
-
SUSE-SU-2023:2735-1
-
SUSE-SU-2023:2741-1
-
SUSE-SU-2023:2743-1
-
SUSE-SU-2023:2755-1
-
SUSE-SU-2023:2782-1
-
SUSE-SU-2023:2805-1
-
SUSE-SU-2023:2809-1
-
SUSE-SU-2023:2871-1
-
SUSE-SU-2023:3594-1
-
SUSE-SU-2023:3595-1
-
SUSE-SU-2023:3607-1
-
SUSE-SU-2023:3612-1
-
SUSE-SU-2023:3620-1
-
SUSE-SU-2023:3623-1
-
SUSE-SU-2023:3627-1
-
SUSE-SU-2023:3628-1
-
SUSE-SU-2023:3630-1
-
SUSE-SU-2023:3644-1
-
SUSE-SU-2023:3647-1
-
SUSE-SU-2023:3648-1
-
SUSE-SU-2023:3668-1
-
SUSE-SU-2023:3671-1
-
SUSE-SU-2023:3675-1
-
USN-6033-1
-
USN-6122-1
-
USN-6123-1
-
USN-6124-1
-
USN-6127-1
-
USN-6130-1
-
USN-6131-1
-
USN-6132-1
-
USN-6149-1
-
USN-6150-1
-
USN-6162-1
-
USN-6173-1
-
USN-6175-1
-
USN-6186-1
-
USN-6222-1
-
USN-6256-1
-
USN-6385-1
-
USN-6460-1
-
USN-6699-1
-
| Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
|---|---|---|---|---|---|---|---|
| Affected | pkg:deb/ubuntu/linux-tools-azure-fde?distro=jammy | ubuntu |
 linux-tools-azure-fde
|
< 5.15.0.1039.46.16 | jammy | ||
| Affected | pkg:deb/ubuntu/linux-tools-azure-fde?distro=focal | ubuntu |
linux-tools-azure-fde
|
< 5.15.0.1039.46~20.04.1.18 | focal | ||
| Affected | pkg:deb/ubuntu/linux-tools-azure-fde-edge?distro=focal | ubuntu |
linux-tools-azure-fde-edge
|
< 5.15.0.1039.46~20.04.1.18 | focal | ||
| Affected | pkg:deb/ubuntu/linux-modules-extra-azure-fde?distro=jammy | ubuntu |
linux-modules-extra-azure-fde
|
< 5.15.0.1039.46.16 | jammy | ||
| Affected | pkg:deb/ubuntu/linux-modules-extra-azure-fde?distro=focal | ubuntu |
linux-modules-extra-azure-fde
|
< 5.15.0.1039.46~20.04.1.18 | focal | ||
| Affected | pkg:deb/ubuntu/linux-modules-extra-azure-fde-edge?distro=focal | ubuntu |
linux-modules-extra-azure-fde-edge
|
< 5.15.0.1039.46~20.04.1.18 | focal | ||
| Affected | pkg:deb/ubuntu/linux-image-unsigned-5.15.0-1039-azure-fde?distro=jammy | ubuntu |
linux-image-unsigned-5.15.0-1039-azure-fde
|
< 5.15.0-1039.46.1 | jammy | ||
| Affected | pkg:deb/ubuntu/linux-image-unsigned-5.15.0-1039-azure-fde?distro=focal | ubuntu |
linux-image-unsigned-5.15.0-1039-azure-fde
|
< 5.15.0-1039.46~20.04.1.1 | focal | ||
| Affected | pkg:deb/ubuntu/linux-image-azure-fde?distro=jammy | ubuntu |
linux-image-azure-fde
|
< 5.15.0.1039.46.16 | jammy | ||
| Affected | pkg:deb/ubuntu/linux-image-azure-fde?distro=focal | ubuntu |
linux-image-azure-fde
|
< 5.15.0.1039.46~20.04.1.18 | focal | ||
| Affected | pkg:deb/ubuntu/linux-image-azure-fde-edge?distro=focal | ubuntu |
linux-image-azure-fde-edge
|
< 5.15.0.1039.46~20.04.1.18 | focal | ||
| Affected | pkg:deb/ubuntu/linux-image-5.15.0-1039-azure-fde?distro=jammy | ubuntu |
linux-image-5.15.0-1039-azure-fde
|
< 5.15.0-1039.46.1 | jammy | ||
| Affected | pkg:deb/ubuntu/linux-image-5.15.0-1039-azure-fde?distro=focal | ubuntu |
linux-image-5.15.0-1039-azure-fde
|
< 5.15.0-1039.46~20.04.1.1 | focal | ||
| Affected | pkg:deb/ubuntu/linux-headers-azure-fde?distro=jammy | ubuntu |
linux-headers-azure-fde
|
< 5.15.0.1039.46.16 | jammy | ||
| Affected | pkg:deb/ubuntu/linux-headers-azure-fde?distro=focal | ubuntu |
linux-headers-azure-fde
|
< 5.15.0.1039.46~20.04.1.18 | focal | ||
| Affected | pkg:deb/ubuntu/linux-headers-azure-fde-edge?distro=focal | ubuntu |
linux-headers-azure-fde-edge
|
< 5.15.0.1039.46~20.04.1.18 | focal | ||
| Affected | pkg:deb/ubuntu/linux-cloud-tools-azure-fde?distro=jammy | ubuntu |
linux-cloud-tools-azure-fde
|
< 5.15.0.1039.46.16 | jammy | ||
| Affected | pkg:deb/ubuntu/linux-cloud-tools-azure-fde?distro=focal | ubuntu |
linux-cloud-tools-azure-fde
|
< 5.15.0.1039.46~20.04.1.18 | focal | ||
| Affected | pkg:deb/ubuntu/linux-cloud-tools-azure-fde-edge?distro=focal | ubuntu |
linux-cloud-tools-azure-fde-edge
|
< 5.15.0.1039.46~20.04.1.18 | focal | ||
| Affected | pkg:deb/ubuntu/linux-azure-fde?distro=jammy | ubuntu |
linux-azure-fde
|
< 5.15.0.1039.46.16 | jammy | ||
| Affected | pkg:deb/ubuntu/linux-azure-fde?distro=focal | ubuntu |
linux-azure-fde
|
< 5.15.0.1039.46~20.04.1.18 | focal | ||
| Affected | pkg:deb/ubuntu/linux-azure-fde-edge?distro=focal | ubuntu |
linux-azure-fde-edge
|
< 5.15.0.1039.46~20.04.1.18 | focal |
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |