[USN-6396-2] Linux kernel (KVM) vulnerabilities
Several security issues were fixed in the Linux kernel.
It was discovered that some AMD x86-64 processors with SMT enabled could
speculatively execute instructions using a return address from a sibling
thread. A local attacker could possibly use this to expose sensitive
information. (CVE-2022-27672)
Daniel Moghimi discovered that some Intel(R) Processors did not properly
clear microarchitectural state after speculative execution of various
instructions. A local unprivileged user could use this to obtain to
sensitive information. (CVE-2022-40982)
Yang Lan discovered that the GFS2 file system implementation in the Linux
kernel could attempt to dereference a null pointer in some situations. An
attacker could use this to construct a malicious GFS2 image that, when
mounted and operated on, could cause a denial of service (system crash).
(CVE-2023-3212)
It was discovered that the NFC implementation in the Linux kernel contained
a use-after-free vulnerability when performing peer-to-peer communication
in certain conditions. A privileged attacker could use this to cause a
denial of service (system crash) or possibly expose sensitive information
(kernel memory). (CVE-2023-3863)
It was discovered that the bluetooth subsystem in the Linux kernel did not
properly handle L2CAP socket release, leading to a use-after-free
vulnerability. A local attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2023-40283)
It was discovered that some network classifier implementations in the Linux
kernel contained use-after-free vulnerabilities. A local attacker could use
this to cause a denial of service (system crash) or possibly execute
arbitrary code. (CVE-2023-4128)
| Package | Affected Version |
|---|---|
 pkg:deb/ubuntu/linux-tools-kvm?distro=bionic
|
< 4.15.0.1145.136 |
|
pkg:deb/ubuntu/linux-tools-4.15.0-1145-kvm?distro=bionic
|
< 4.15.0-1145.150 |
|
pkg:deb/ubuntu/linux-modules-4.15.0-1145-kvm?distro=bionic
|
< 4.15.0-1145.150 |
|
pkg:deb/ubuntu/linux-kvm?distro=bionic
|
< 4.15.0.1145.136 |
|
pkg:deb/ubuntu/linux-kvm-tools-4.15.0-1145?distro=bionic
|
< 4.15.0-1145.150 |
|
pkg:deb/ubuntu/linux-kvm-headers-4.15.0-1145?distro=bionic
|
< 4.15.0-1145.150 |
|
pkg:deb/ubuntu/linux-image-kvm?distro=bionic
|
< 4.15.0.1145.136 |
|
pkg:deb/ubuntu/linux-image-4.15.0-1145-kvm?distro=bionic
|
< 4.15.0-1145.150 |
|
pkg:deb/ubuntu/linux-headers-kvm?distro=bionic
|
< 4.15.0.1145.136 |
|
pkg:deb/ubuntu/linux-headers-4.15.0-1145-kvm?distro=bionic
|
< 4.15.0-1145.150 |
|
pkg:deb/ubuntu/linux-buildinfo-4.15.0-1145-kvm?distro=bionic
|
< 4.15.0-1145.150 |
- ID
- USN-6396-2
- Severity
- high
- Severity from
- CVE-2023-40283
- URL
- https://ubuntu.com/security/notices/USN-6396-2
- Published
-
2023-10-05T12:39:36
(11 months ago) - Modified
-
2023-10-05T12:39:36
(11 months ago) - Other Advisories
-
-
ALAS-2023-1803
-
ALAS-2023-1827
-
ALAS2-2023-2195
-
ALAS2-2023-2206
-
ALAS2-2023-2268
-
ALPINE:CVE-2022-27672
-
ALPINE:CVE-2022-40982
-
ALSA-2023:7077
-
ALSA-2024:0897
-
DSA-5448-1
-
DSA-5474-1
-
DSA-5475-1
-
DSA-5480-1
-
DSA-5492-1
-
ELSA-2023-12255
-
ELSA-2023-12256
-
ELSA-2023-12722
-
ELSA-2023-12723
-
ELSA-2023-12724
-
ELSA-2023-12782
-
ELSA-2023-12785
-
ELSA-2023-12786
-
ELSA-2023-12788
-
ELSA-2023-12970
-
ELSA-2023-6583
-
ELSA-2023-7077
-
ELSA-2023-7423
-
ELSA-2024-0461
-
ELSA-2024-0897
-
ELSA-2024-12094
-
ELSA-2024-12169
-
FEDORA-2023-04473fc41e
-
FEDORA-2023-10d34be85a
-
FEDORA-2023-c69a2a8f8b
-
FEDORA-2023-d9509be489
-
FEDORA-2023-dad0295b25
-
FEDORA-2023-e1482687dd
-
FEDORA-2023-ee241dcf80
-
FEDORA-2023-fff31650c8
-
GLSA-202402-07
-
MS:CVE-2023-3212
-
MS:CVE-2023-3863
-
MS:CVE-2023-4128
-
RHSA-2023:6901
-
RHSA-2023:7077
-
RHSA-2023:7419
-
RHSA-2023:7423
-
RHSA-2023:7424
-
RHSA-2024:0881
-
RHSA-2024:0897
-
SSA:2023-172-02
-
SSA:2023-325-01
-
SUSE-SU-2023:0692-1
-
SUSE-SU-2023:2803-1
-
SUSE-SU-2023:2820-1
-
SUSE-SU-2023:2831-1
-
SUSE-SU-2023:2871-1
-
SUSE-SU-2023:2892-1
-
SUSE-SU-2023:3289-1
-
SUSE-SU-2023:3302-1
-
SUSE-SU-2023:3309-1
-
SUSE-SU-2023:3311-1
-
SUSE-SU-2023:3313-1
-
SUSE-SU-2023:3318-1
-
SUSE-SU-2023:3324-1
-
SUSE-SU-2023:3329-1
-
SUSE-SU-2023:3333-1
-
SUSE-SU-2023:3349-1
-
SUSE-SU-2023:3359-1
-
SUSE-SU-2023:3376-1
-
SUSE-SU-2023:3377-1
-
SUSE-SU-2023:3382-1
-
SUSE-SU-2023:3383-1
-
SUSE-SU-2023:3390-1
-
SUSE-SU-2023:3391-1
-
SUSE-SU-2023:3392-1
-
SUSE-SU-2023:3395-1
-
SUSE-SU-2023:3421-1
-
SUSE-SU-2023:3446-1
-
SUSE-SU-2023:3447-1
-
SUSE-SU-2023:3494-1
-
SUSE-SU-2023:3495-1
-
SUSE-SU-2023:3496-1
-
SUSE-SU-2023:3599-1
-
SUSE-SU-2023:3599-2
-
SUSE-SU-2023:3600-1
-
SUSE-SU-2023:3600-2
-
SUSE-SU-2023:3601-1
-
SUSE-SU-2023:3656-1
-
SUSE-SU-2023:3680-1
-
SUSE-SU-2023:3681-1
-
SUSE-SU-2023:3682-1
-
SUSE-SU-2023:3683-1
-
SUSE-SU-2023:3684-1
-
SUSE-SU-2023:3687-1
-
SUSE-SU-2023:3704-1
-
SUSE-SU-2023:3705-1
-
SUSE-SU-2023:3785-1
-
SUSE-SU-2023:3894-1
-
SUSE-SU-2023:3895-1
-
SUSE-SU-2023:3902-1
-
SUSE-SU-2023:3964-1
-
SUSE-SU-2023:3969-1
-
SUSE-SU-2023:3971-1
-
SUSE-SU-2023:3988-1
-
SUSE-SU-2023:4030-1
-
SUSE-SU-2023:4058-1
-
SUSE-SU-2023:4095-1
-
SUSE-SU-2023:4142-1
-
SUSE-SU-2023:4347-1
-
USN-5978-1
-
USN-6079-1
-
USN-6080-1
-
USN-6085-1
-
USN-6090-1
-
USN-6091-1
-
USN-6096-1
-
USN-6133-1
-
USN-6134-1
-
USN-6231-1
-
USN-6284-1
-
USN-6285-1
-
USN-6286-1
-
USN-6301-1
-
USN-6312-1
-
USN-6314-1
-
USN-6315-1
-
USN-6316-1
-
USN-6317-1
-
USN-6318-1
-
USN-6321-1
-
USN-6324-1
-
USN-6325-1
-
USN-6328-1
-
USN-6329-1
-
USN-6330-1
-
USN-6331-1
-
USN-6332-1
-
USN-6337-1
-
USN-6339-1
-
USN-6339-2
-
USN-6339-3
-
USN-6339-4
-
USN-6343-1
-
USN-6346-1
-
USN-6348-1
-
USN-6350-1
-
USN-6351-1
-
USN-6357-1
-
USN-6383-1
-
USN-6385-1
-
USN-6386-1
-
USN-6386-2
-
USN-6386-3
-
USN-6387-1
-
USN-6387-2
-
USN-6388-1
-
USN-6396-1
-
USN-6396-3
-
USN-6397-1
-
USN-6412-1
-
USN-6416-1
-
USN-6416-2
-
USN-6416-3
-
USN-6417-1
-
USN-6445-1
-
USN-6445-2
-
USN-6464-1
-
USN-6466-1
-
USN-6520-1
-
XSA-426
-
XSA-435
-
| Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
|---|---|---|---|---|---|---|---|
| Affected | pkg:deb/ubuntu/linux-tools-kvm?distro=bionic | ubuntu |
linux-tools-kvm
|
< 4.15.0.1145.136 | bionic | ||
| Affected | pkg:deb/ubuntu/linux-tools-4.15.0-1145-kvm?distro=bionic | ubuntu |
linux-tools-4.15.0-1145-kvm
|
< 4.15.0-1145.150 | bionic | ||
| Affected | pkg:deb/ubuntu/linux-modules-4.15.0-1145-kvm?distro=bionic | ubuntu |
linux-modules-4.15.0-1145-kvm
|
< 4.15.0-1145.150 | bionic | ||
| Affected | pkg:deb/ubuntu/linux-kvm?distro=bionic | ubuntu |
linux-kvm
|
< 4.15.0.1145.136 | bionic | ||
| Affected | pkg:deb/ubuntu/linux-kvm-tools-4.15.0-1145?distro=bionic | ubuntu |
linux-kvm-tools-4.15.0-1145
|
< 4.15.0-1145.150 | bionic | ||
| Affected | pkg:deb/ubuntu/linux-kvm-headers-4.15.0-1145?distro=bionic | ubuntu |
linux-kvm-headers-4.15.0-1145
|
< 4.15.0-1145.150 | bionic | ||
| Affected | pkg:deb/ubuntu/linux-image-kvm?distro=bionic | ubuntu |
linux-image-kvm
|
< 4.15.0.1145.136 | bionic | ||
| Affected | pkg:deb/ubuntu/linux-image-4.15.0-1145-kvm?distro=bionic | ubuntu |
linux-image-4.15.0-1145-kvm
|
< 4.15.0-1145.150 | bionic | ||
| Affected | pkg:deb/ubuntu/linux-headers-kvm?distro=bionic | ubuntu |
linux-headers-kvm
|
< 4.15.0.1145.136 | bionic | ||
| Affected | pkg:deb/ubuntu/linux-headers-4.15.0-1145-kvm?distro=bionic | ubuntu |
linux-headers-4.15.0-1145-kvm
|
< 4.15.0-1145.150 | bionic | ||
| Affected | pkg:deb/ubuntu/linux-buildinfo-4.15.0-1145-kvm?distro=bionic | ubuntu |
linux-buildinfo-4.15.0-1145-kvm
|
< 4.15.0-1145.150 | bionic |
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |