[USN-6327-1] Linux kernel (KVM) vulnerabilities
Several security issues were fixed in the Linux kernel.
Zheng Zhang discovered that the device-mapper implementation in the Linux
kernel did not properly handle locking during table_clear() operations. A
local attacker could use this to cause a denial of service (kernel
deadlock). (CVE-2023-2269)
It was discovered that a use-after-free vulnerability existed in the HFS+
file system implementation in the Linux kernel. A local attacker could
possibly use this to cause a denial of service (system crash).
(CVE-2023-2985)
It was discovered that the DVB Core driver in the Linux kernel did not
properly handle locking events in certain situations. A local attacker
could use this to cause a denial of service (kernel deadlock).
(CVE-2023-31084)
It was discovered that the virtual terminal driver in the Linux kernel
contained a use-after-free vulnerability. A local attacker could use this
to cause a denial of service (system crash) or possibly expose sensitive
information (kernel memory). (CVE-2023-3567)
It was discovered that the Quick Fair Queueing network scheduler
implementation in the Linux kernel contained an out-of-bounds write
vulnerability. A local attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2023-3611)
It was discovered that the network packet classifier with
netfilter/firewall marks implementation in the Linux kernel did not
properly handle reference counting, leading to a use-after-free
vulnerability. A local attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2023-3776)
Package | Affected Version |
---|---|
pkg:deb/ubuntu/linux-tools-kvm?distro=xenial | < 4.4.0.1123.120 |
pkg:deb/ubuntu/linux-tools-4.4.0-1123-kvm?distro=xenial | < 4.4.0-1123.133 |
pkg:deb/ubuntu/linux-modules-4.4.0-1123-kvm?distro=xenial | < 4.4.0-1123.133 |
pkg:deb/ubuntu/linux-kvm?distro=xenial | < 4.4.0.1123.120 |
pkg:deb/ubuntu/linux-kvm-tools-4.4.0-1123?distro=xenial | < 4.4.0-1123.133 |
pkg:deb/ubuntu/linux-kvm-headers-4.4.0-1123?distro=xenial | < 4.4.0-1123.133 |
pkg:deb/ubuntu/linux-kvm-cloud-tools-4.4.0-1123?distro=xenial | < 4.4.0-1123.133 |
pkg:deb/ubuntu/linux-image-kvm?distro=xenial | < 4.4.0.1123.120 |
pkg:deb/ubuntu/linux-image-4.4.0-1123-kvm?distro=xenial | < 4.4.0-1123.133 |
pkg:deb/ubuntu/linux-headers-kvm?distro=xenial | < 4.4.0.1123.120 |
pkg:deb/ubuntu/linux-headers-4.4.0-1123-kvm?distro=xenial | < 4.4.0-1123.133 |
pkg:deb/ubuntu/linux-cloud-tools-4.4.0-1123-kvm?distro=xenial | < 4.4.0-1123.133 |
pkg:deb/ubuntu/linux-buildinfo-4.4.0-1123-kvm?distro=xenial | < 4.4.0-1123.133 |
- ID
- USN-6327-1
- Severity
- high
- Severity from
- CVE-2023-3611
- URL
- https://ubuntu.com/security/notices/USN-6327-1
- Published
-
2023-08-31T21:51:29
(12 months ago) - Modified
-
2023-08-31T21:51:29
(12 months ago) - Other Advisories
-
- ALAS-2023-1701
- ALAS-2023-1773
- ALAS-2023-1792
- ALAS-2023-1897
- ALAS2-2023-1987
- ALAS2-2023-2100
- ALAS2-2023-2179
- ALAS2-2023-2359
- ALSA-2023:5069
- ALSA-2023:5244
- ALSA-2023:7077
- ALSA-2024:3138
- DSA-5448-1
- DSA-5480-1
- DSA-5492-1
- ELSA-2023-12565
- ELSA-2023-12566
- ELSA-2023-12688
- ELSA-2023-12759
- ELSA-2023-12792
- ELSA-2023-12842
- ELSA-2023-5069
- ELSA-2023-5244
- ELSA-2023-7077
- ELSA-2023-7423
- ELSA-2024-1831
- ELSA-2024-2394
- ELSA-2024-3138
- FEDORA-2023-00393126a0
- FEDORA-2023-26325e5399
- FEDORA-2023-4426b7005f
- FEDORA-2023-75b22000cd
- FEDORA-2023-dfd4a6e8f2
- MS:CVE-2023-2985
- MS:CVE-2023-3567
- MS:CVE-2023-3611
- MS:CVE-2023-3776
- RHSA-2023:5069
- RHSA-2023:5091
- RHSA-2023:5093
- RHSA-2023:5221
- RHSA-2023:5244
- RHSA-2023:5255
- RHSA-2023:6901
- RHSA-2023:7077
- RHSA-2023:7419
- RHSA-2023:7423
- RHSA-2023:7424
- RHSA-2024:2950
- RHSA-2024:3138
- RLSA-2023:5244
- RLSA-2024:3138
- SSA:2023-172-02
- SSA:2023-325-01
- SUSE-SU-2023:2500-1
- SUSE-SU-2023:2501-1
- SUSE-SU-2023:2502-1
- SUSE-SU-2023:2507-1
- SUSE-SU-2023:2534-1
- SUSE-SU-2023:2537-1
- SUSE-SU-2023:2538-1
- SUSE-SU-2023:2611-1
- SUSE-SU-2023:2646-1
- SUSE-SU-2023:2651-1
- SUSE-SU-2023:2653-1
- SUSE-SU-2023:2782-1
- SUSE-SU-2023:2809-1
- SUSE-SU-2023:2871-1
- SUSE-SU-2023:3006-1
- SUSE-SU-2023:3171-1
- SUSE-SU-2023:3172-1
- SUSE-SU-2023:3180-1
- SUSE-SU-2023:3182-1
- SUSE-SU-2023:3302-1
- SUSE-SU-2023:3309-1
- SUSE-SU-2023:3311-1
- SUSE-SU-2023:3313-1
- SUSE-SU-2023:3318-1
- SUSE-SU-2023:3324-1
- SUSE-SU-2023:3329-1
- SUSE-SU-2023:3333-1
- SUSE-SU-2023:3349-1
- SUSE-SU-2023:3376-1
- SUSE-SU-2023:3377-1
- SUSE-SU-2023:3390-1
- SUSE-SU-2023:3391-1
- SUSE-SU-2023:3392-1
- SUSE-SU-2023:3421-1
- SUSE-SU-2023:3566-1
- SUSE-SU-2023:3571-1
- SUSE-SU-2023:3572-1
- SUSE-SU-2023:3576-1
- SUSE-SU-2023:3582-1
- SUSE-SU-2023:3585-1
- SUSE-SU-2023:3592-1
- SUSE-SU-2023:3594-1
- SUSE-SU-2023:3595-1
- SUSE-SU-2023:3596-1
- SUSE-SU-2023:3598-1
- SUSE-SU-2023:3603-1
- SUSE-SU-2023:3607-1
- SUSE-SU-2023:3612-1
- SUSE-SU-2023:3620-1
- SUSE-SU-2023:3621-1
- SUSE-SU-2023:3622-1
- SUSE-SU-2023:3623-1
- SUSE-SU-2023:3627-1
- SUSE-SU-2023:3628-1
- SUSE-SU-2023:3629-1
- SUSE-SU-2023:3630-1
- SUSE-SU-2023:3631-1
- SUSE-SU-2023:3632-1
- SUSE-SU-2023:3644-1
- SUSE-SU-2023:3671-1
- SUSE-SU-2023:3749-1
- SUSE-SU-2023:3768-1
- SUSE-SU-2023:3772-1
- SUSE-SU-2023:3773-1
- SUSE-SU-2023:3783-1
- SUSE-SU-2023:3784-1
- SUSE-SU-2023:3786-1
- SUSE-SU-2023:3788-1
- SUSE-SU-2023:3809-1
- SUSE-SU-2023:3812-1
- SUSE-SU-2023:3838-1
- SUSE-SU-2023:3844-1
- SUSE-SU-2023:3846-1
- SUSE-SU-2023:3889-1
- SUSE-SU-2023:3892-1
- SUSE-SU-2023:3893-1
- SUSE-SU-2023:3922-1
- SUSE-SU-2023:3923-1
- SUSE-SU-2023:3924-1
- SUSE-SU-2023:3928-1
- USN-6171-1
- USN-6172-1
- USN-6173-1
- USN-6185-1
- USN-6187-1
- USN-6207-1
- USN-6222-1
- USN-6223-1
- USN-6231-1
- USN-6256-1
- USN-6283-1
- USN-6285-1
- USN-6300-1
- USN-6309-1
- USN-6311-1
- USN-6315-1
- USN-6317-1
- USN-6318-1
- USN-6321-1
- USN-6324-1
- USN-6325-1
- USN-6328-1
- USN-6329-1
- USN-6330-1
- USN-6331-1
- USN-6332-1
- USN-6338-1
- USN-6338-2
- USN-6339-1
- USN-6339-2
- USN-6339-3
- USN-6339-4
- USN-6340-1
- USN-6340-2
- USN-6341-1
- USN-6342-1
- USN-6342-2
- USN-6344-1
- USN-6346-1
- USN-6347-1
- USN-6348-1
- USN-6349-1
- USN-6350-1
- USN-6351-1
- USN-6357-1
- USN-6385-1
- USN-6397-1
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:deb/ubuntu/linux-tools-kvm?distro=xenial | ubuntu | linux-tools-kvm | < 4.4.0.1123.120 | xenial | ||
Affected | pkg:deb/ubuntu/linux-tools-4.4.0-1123-kvm?distro=xenial | ubuntu | linux-tools-4.4.0-1123-kvm | < 4.4.0-1123.133 | xenial | ||
Affected | pkg:deb/ubuntu/linux-modules-4.4.0-1123-kvm?distro=xenial | ubuntu | linux-modules-4.4.0-1123-kvm | < 4.4.0-1123.133 | xenial | ||
Affected | pkg:deb/ubuntu/linux-kvm?distro=xenial | ubuntu | linux-kvm | < 4.4.0.1123.120 | xenial | ||
Affected | pkg:deb/ubuntu/linux-kvm-tools-4.4.0-1123?distro=xenial | ubuntu | linux-kvm-tools-4.4.0-1123 | < 4.4.0-1123.133 | xenial | ||
Affected | pkg:deb/ubuntu/linux-kvm-headers-4.4.0-1123?distro=xenial | ubuntu | linux-kvm-headers-4.4.0-1123 | < 4.4.0-1123.133 | xenial | ||
Affected | pkg:deb/ubuntu/linux-kvm-cloud-tools-4.4.0-1123?distro=xenial | ubuntu | linux-kvm-cloud-tools-4.4.0-1123 | < 4.4.0-1123.133 | xenial | ||
Affected | pkg:deb/ubuntu/linux-image-kvm?distro=xenial | ubuntu | linux-image-kvm | < 4.4.0.1123.120 | xenial | ||
Affected | pkg:deb/ubuntu/linux-image-4.4.0-1123-kvm?distro=xenial | ubuntu | linux-image-4.4.0-1123-kvm | < 4.4.0-1123.133 | xenial | ||
Affected | pkg:deb/ubuntu/linux-headers-kvm?distro=xenial | ubuntu | linux-headers-kvm | < 4.4.0.1123.120 | xenial | ||
Affected | pkg:deb/ubuntu/linux-headers-4.4.0-1123-kvm?distro=xenial | ubuntu | linux-headers-4.4.0-1123-kvm | < 4.4.0-1123.133 | xenial | ||
Affected | pkg:deb/ubuntu/linux-cloud-tools-4.4.0-1123-kvm?distro=xenial | ubuntu | linux-cloud-tools-4.4.0-1123-kvm | < 4.4.0-1123.133 | xenial | ||
Affected | pkg:deb/ubuntu/linux-buildinfo-4.4.0-1123-kvm?distro=xenial | ubuntu | linux-buildinfo-4.4.0-1123-kvm | < 4.4.0-1123.133 | xenial |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |