[USN-6343-1] Linux kernel (OEM) vulnerabilities
Several security issues were fixed in the Linux kernel.
It was discovered that the IPv6 implementation in the Linux kernel
contained a high rate of hash collisions in connection lookup table. A
remote attacker could use this to cause a denial of service (excessive CPU
consumption). (CVE-2023-1206)
Ross Lagerwall discovered that the Xen netback backend driver in the Linux
kernel did not properly handle certain unusual packets from a
paravirtualized network frontend, leading to a buffer overflow. An attacker
in a guest VM could use this to cause a denial of service (host system
crash) or possibly execute arbitrary code. (CVE-2023-34319)
It was discovered that the bluetooth subsystem in the Linux kernel did not
properly handle L2CAP socket release, leading to a use-after-free
vulnerability. A local attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2023-40283)
It was discovered that some network classifier implementations in the Linux
kernel contained use-after-free vulnerabilities. A local attacker could use
this to cause a denial of service (system crash) or possibly execute
arbitrary code. (CVE-2023-4128)
Andy Nguyen discovered that the KVM implementation for AMD processors in
the Linux kernel with Secure Encrypted Virtualization (SEV) contained a
race condition when accessing the GHCB page. A local attacker in a SEV
guest VM could possibly use this to cause a denial of service (host system
crash). (CVE-2023-4155)
It was discovered that the TUN/TAP driver in the Linux kernel did not
properly initialize socket data. A local attacker could use this to cause a
denial of service (system crash). (CVE-2023-4194)
Maxim Suhanov discovered that the exFAT file system implementation in the
Linux kernel did not properly check a file name length, leading to an out-
of-bounds write vulnerability. An attacker could use this to construct a
malicious exFAT image that, when mounted and operated on, could cause a
denial of service (system crash) or possibly execute arbitrary code.
(CVE-2023-4273)
- ID
- USN-6343-1
- Severity
- high
- Severity from
- CVE-2023-34319
- URL
- https://ubuntu.com/security/notices/USN-6343-1
- Published
-
2023-09-06T12:32:04
(12 months ago) - Modified
-
2023-09-06T12:32:04
(12 months ago) - Other Advisories
-
-
ALAS-2023-1776
-
ALAS-2023-1803
-
ALAS-2023-1827
-
ALAS2-2023-2108
-
ALAS2-2023-2206
-
ALAS2-2023-2268
-
ALSA-2023:7077
-
ALSA-2024:0897
-
DSA-5480-1
-
DSA-5492-1
-
ELSA-2023-12970
-
ELSA-2023-6583
-
ELSA-2023-7077
-
ELSA-2023-7423
-
ELSA-2024-0461
-
ELSA-2024-0897
-
ELSA-2024-12094
-
ELSA-2024-12169
-
FEDORA-2023-638681260a
-
FEDORA-2023-d9509be489
-
FEDORA-2023-ddfd3073b3
-
FEDORA-2023-ee241dcf80
-
MS:CVE-2023-4128
-
MS:CVE-2023-4194
-
RHSA-2023:6901
-
RHSA-2023:7077
-
RHSA-2023:7419
-
RHSA-2023:7423
-
RHSA-2023:7424
-
RHSA-2024:0881
-
RHSA-2024:0897
-
SSA:2023-325-01
-
SUSE-SU-2023:3390-1
-
SUSE-SU-2023:3392-1
-
SUSE-SU-2023:3599-1
-
SUSE-SU-2023:3599-2
-
SUSE-SU-2023:3600-1
-
SUSE-SU-2023:3600-2
-
SUSE-SU-2023:3601-1
-
SUSE-SU-2023:3656-1
-
SUSE-SU-2023:3680-1
-
SUSE-SU-2023:3681-1
-
SUSE-SU-2023:3682-1
-
SUSE-SU-2023:3683-1
-
SUSE-SU-2023:3684-1
-
SUSE-SU-2023:3687-1
-
SUSE-SU-2023:3704-1
-
SUSE-SU-2023:3705-1
-
SUSE-SU-2023:3772-1
-
SUSE-SU-2023:3773-1
-
SUSE-SU-2023:3783-1
-
SUSE-SU-2023:3784-1
-
SUSE-SU-2023:3785-1
-
SUSE-SU-2023:3788-1
-
SUSE-SU-2023:3806-1
-
SUSE-SU-2023:3812-1
-
SUSE-SU-2023:3844-1
-
SUSE-SU-2023:3846-1
-
SUSE-SU-2023:3889-1
-
SUSE-SU-2023:3891-1
-
SUSE-SU-2023:3892-1
-
SUSE-SU-2023:3893-1
-
SUSE-SU-2023:3912-1
-
SUSE-SU-2023:3922-1
-
SUSE-SU-2023:3923-1
-
SUSE-SU-2023:3924-1
-
SUSE-SU-2023:3928-1
-
SUSE-SU-2023:3929-1
-
SUSE-SU-2023:3964-1
-
SUSE-SU-2023:3969-1
-
SUSE-SU-2023:3971-1
-
SUSE-SU-2023:3988-1
-
SUSE-SU-2023:4030-1
-
SUSE-SU-2023:4031-1
-
SUSE-SU-2023:4032-1
-
SUSE-SU-2023:4033-1
-
SUSE-SU-2023:4035-1
-
SUSE-SU-2023:4057-1
-
SUSE-SU-2023:4058-1
-
SUSE-SU-2023:4071-1
-
SUSE-SU-2023:4072-1
-
SUSE-SU-2023:4072-2
-
SUSE-SU-2023:4093-1
-
SUSE-SU-2023:4095-1
-
SUSE-SU-2023:4142-1
-
SUSE-SU-2023:4347-1
-
SUSE-SU-2024:0112-1
-
USN-6383-1
-
USN-6385-1
-
USN-6386-1
-
USN-6386-2
-
USN-6386-3
-
USN-6387-1
-
USN-6387-2
-
USN-6388-1
-
USN-6396-1
-
USN-6396-2
-
USN-6396-3
-
USN-6412-1
-
USN-6416-1
-
USN-6416-2
-
USN-6416-3
-
USN-6417-1
-
USN-6439-1
-
USN-6439-2
-
USN-6440-1
-
USN-6440-2
-
USN-6440-3
-
USN-6441-1
-
USN-6441-2
-
USN-6441-3
-
USN-6442-1
-
USN-6444-1
-
USN-6444-2
-
USN-6445-1
-
USN-6445-2
-
USN-6446-1
-
USN-6446-2
-
USN-6446-3
-
USN-6460-1
-
USN-6466-1
-
XSA-432
-
| Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
|---|---|---|---|---|---|---|---|
| Affected | pkg:deb/ubuntu/linux-tools-oem-22.04c?distro=jammy | ubuntu |
 linux-tools-oem-22.04c
|
< 6.1.0.1021.21 | jammy | ||
| Affected | pkg:deb/ubuntu/linux-tools-6.1.0-1021-oem?distro=jammy | ubuntu |
linux-tools-6.1.0-1021-oem
|
< 6.1.0-1021.21 | jammy | ||
| Affected | pkg:deb/ubuntu/linux-oem-6.1-tools-host?distro=jammy | ubuntu |
linux-oem-6.1-tools-host
|
< 6.1.0-1021.21 | jammy | ||
| Affected | pkg:deb/ubuntu/linux-oem-6.1-tools-6.1.0-1021?distro=jammy | ubuntu |
linux-oem-6.1-tools-6.1.0-1021
|
< 6.1.0-1021.21 | jammy | ||
| Affected | pkg:deb/ubuntu/linux-oem-6.1-headers-6.1.0-1021?distro=jammy | ubuntu |
linux-oem-6.1-headers-6.1.0-1021
|
< 6.1.0-1021.21 | jammy | ||
| Affected | pkg:deb/ubuntu/linux-oem-22.04c?distro=jammy | ubuntu |
linux-oem-22.04c
|
< 6.1.0.1021.21 | jammy | ||
| Affected | pkg:deb/ubuntu/linux-modules-iwlwifi-oem-22.04c?distro=jammy | ubuntu |
linux-modules-iwlwifi-oem-22.04c
|
< 6.1.0.1021.21 | jammy | ||
| Affected | pkg:deb/ubuntu/linux-modules-iwlwifi-6.1.0-1021-oem?distro=jammy | ubuntu |
linux-modules-iwlwifi-6.1.0-1021-oem
|
< 6.1.0-1021.21 | jammy | ||
| Affected | pkg:deb/ubuntu/linux-modules-ivsc-oem-22.04c?distro=jammy | ubuntu |
linux-modules-ivsc-oem-22.04c
|
< 6.1.0.1021.21 | jammy | ||
| Affected | pkg:deb/ubuntu/linux-modules-ivsc-6.1.0-1021-oem?distro=jammy | ubuntu |
linux-modules-ivsc-6.1.0-1021-oem
|
< 6.1.0-1021.21 | jammy | ||
| Affected | pkg:deb/ubuntu/linux-modules-ipu6-oem-22.04c?distro=jammy | ubuntu |
linux-modules-ipu6-oem-22.04c
|
< 6.1.0.1021.21 | jammy | ||
| Affected | pkg:deb/ubuntu/linux-modules-ipu6-6.1.0-1021-oem?distro=jammy | ubuntu |
linux-modules-ipu6-6.1.0-1021-oem
|
< 6.1.0-1021.21 | jammy | ||
| Affected | pkg:deb/ubuntu/linux-modules-6.1.0-1021-oem?distro=jammy | ubuntu |
linux-modules-6.1.0-1021-oem
|
< 6.1.0-1021.21 | jammy | ||
| Affected | pkg:deb/ubuntu/linux-image-unsigned-6.1.0-1021-oem?distro=jammy | ubuntu |
linux-image-unsigned-6.1.0-1021-oem
|
< 6.1.0-1021.21 | jammy | ||
| Affected | pkg:deb/ubuntu/linux-image-oem-22.04c?distro=jammy | ubuntu |
linux-image-oem-22.04c
|
< 6.1.0.1021.21 | jammy | ||
| Affected | pkg:deb/ubuntu/linux-image-6.1.0-1021-oem?distro=jammy | ubuntu |
linux-image-6.1.0-1021-oem
|
< 6.1.0-1021.21 | jammy | ||
| Affected | pkg:deb/ubuntu/linux-headers-oem-22.04c?distro=jammy | ubuntu |
linux-headers-oem-22.04c
|
< 6.1.0.1021.21 | jammy | ||
| Affected | pkg:deb/ubuntu/linux-headers-6.1.0-1021-oem?distro=jammy | ubuntu |
linux-headers-6.1.0-1021-oem
|
< 6.1.0-1021.21 | jammy | ||
| Affected | pkg:deb/ubuntu/linux-buildinfo-6.1.0-1021-oem?distro=jammy | ubuntu |
linux-buildinfo-6.1.0-1021-oem
|
< 6.1.0-1021.21 | jammy |
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |