[USN-6416-3] Linux kernel (Raspberry Pi) vulnerabilities
Several security issues were fixed in the Linux kernel.
It was discovered that the IPv6 implementation in the Linux kernel
contained a high rate of hash collisions in connection lookup table. A
remote attacker could use this to cause a denial of service (excessive CPU
consumption). (CVE-2023-1206)
Daniel Trujillo, Johannes Wikner, and Kaveh Razavi discovered that some AMD
processors utilising speculative execution and branch prediction may allow
unauthorised memory reads via a speculative side-channel attack. A local
attacker could use this to expose sensitive information, including kernel
memory. (CVE-2023-20569)
It was discovered that the IPv6 RPL protocol implementation in the Linux
kernel did not properly handle user-supplied data. A remote attacker could
use this to cause a denial of service (system crash). (CVE-2023-2156)
Davide Ornaghi discovered that the DECnet network protocol implementation
in the Linux kernel contained a null pointer dereference vulnerability. A
remote attacker could use this to cause a denial of service (system crash)
or possibly execute arbitrary code. Please note that kernel support for the
DECnet has been removed to resolve this CVE. (CVE-2023-3338)
Chih-Yen Chang discovered that the KSMBD implementation in the Linux kernel
did not properly validate command payload size, leading to a out-of-bounds
read vulnerability. A remote attacker could possibly use this to cause a
denial of service (system crash). (CVE-2023-38432)
It was discovered that the NFC implementation in the Linux kernel contained
a use-after-free vulnerability when performing peer-to-peer communication
in certain conditions. A privileged attacker could use this to cause a
denial of service (system crash) or possibly expose sensitive information
(kernel memory). (CVE-2023-3863)
Laurence Wit discovered that the KSMBD implementation in the Linux kernel
did not properly validate a buffer size in certain situations, leading to
an out-of-bounds read vulnerability. A remote attacker could use this to
cause a denial of service (system crash) or possibly expose sensitive
information. (CVE-2023-3865)
Laurence Wit discovered that the KSMBD implementation in the Linux kernel
contained a null pointer dereference vulnerability when handling handling
chained requests. A remote attacker could use this to cause a denial of
service (system crash). (CVE-2023-3866)
It was discovered that the Siano USB MDTV receiver device driver in the
Linux kernel did not properly handle device initialization failures in
certain situations, leading to a use-after-free vulnerability. A physically
proximate attacker could use this cause a denial of service (system crash).
(CVE-2023-4132)
Andy Nguyen discovered that the KVM implementation for AMD processors in
the Linux kernel with Secure Encrypted Virtualization (SEV) contained a
race condition when accessing the GHCB page. A local attacker in a SEV
guest VM could possibly use this to cause a denial of service (host system
crash). (CVE-2023-4155)
It was discovered that the TUN/TAP driver in the Linux kernel did not
properly initialize socket data. A local attacker could use this to cause a
denial of service (system crash). (CVE-2023-4194)
Maxim Suhanov discovered that the exFAT file system implementation in the
Linux kernel did not properly check a file name length, leading to an out-
of-bounds write vulnerability. An attacker could use this to construct a
malicious exFAT image that, when mounted and operated on, could cause a
denial of service (system crash) or possibly execute arbitrary code.
(CVE-2023-4273)
Thelford Williams discovered that the Ceph file system messenger protocol
implementation in the Linux kernel did not properly validate frame segment
length in certain situation, leading to a buffer overflow vulnerability. A
remote attacker could use this to cause a denial of service (system crash)
or possibly execute arbitrary code. (CVE-2023-44466)
- ID
- USN-6416-3
- Severity
- critical
- Severity from
- CVE-2023-38432
- URL
- https://ubuntu.com/security/notices/USN-6416-3
- Published
-
2023-10-19T14:55:22
(11 months ago) - Modified
-
2023-10-19T14:55:22
(11 months ago) - Other Advisories
-
- ALAS-2023-1776
- ALAS2-2023-2108
- ALAS2-2023-2179
- ALPINE:CVE-2023-20569
- ALSA-2023:6595
- ALSA-2023:7077
- ALSA-2023:7109
- ALSA-2024:0113
- DSA-5448-1
- DSA-5453-1
- DSA-5475-1
- DSA-5480-1
- DSA-5492-1
- ELSA-2023-12712
- ELSA-2023-12713
- ELSA-2023-12714
- ELSA-2023-12715
- ELSA-2023-12874
- ELSA-2023-12910
- ELSA-2023-12911
- ELSA-2023-6583
- ELSA-2023-6595
- ELSA-2023-7077
- ELSA-2023-7109
- ELSA-2023-7749
- FEDORA-2023-04473fc41e
- FEDORA-2023-638681260a
- FEDORA-2023-d9509be489
- FEDORA-2023-ddfd3073b3
- FEDORA-2023-ee241dcf80
- FEDORA-2023-fff31650c8
- MS:CVE-2023-20569
- MS:CVE-2023-3863
- MS:CVE-2023-4132
- MS:CVE-2023-4194
- RHBA-2023:2977
- RHSA-2023:5069
- RHSA-2023:5244
- RHSA-2023:6595
- RHSA-2023:6901
- RHSA-2023:7077
- RHSA-2023:7109
- RHSA-2023:7513
- RHSA-2024:0113
- RHSA-2024:0134
- SSA:2023-172-02
- SSA:2023-325-01
- SUSE-SU-2023:2500-1
- SUSE-SU-2023:2502-1
- SUSE-SU-2023:2611-1
- SUSE-SU-2023:2646-1
- SUSE-SU-2023:2653-1
- SUSE-SU-2023:2782-1
- SUSE-SU-2023:2809-1
- SUSE-SU-2023:2871-1
- SUSE-SU-2023:3262-1
- SUSE-SU-2023:3298-1
- SUSE-SU-2023:3302-1
- SUSE-SU-2023:3309-1
- SUSE-SU-2023:3311-1
- SUSE-SU-2023:3313-1
- SUSE-SU-2023:3318-1
- SUSE-SU-2023:3324-1
- SUSE-SU-2023:3329-1
- SUSE-SU-2023:3349-1
- SUSE-SU-2023:3360-1
- SUSE-SU-2023:3361-1
- SUSE-SU-2023:3362-1
- SUSE-SU-2023:3376-1
- SUSE-SU-2023:3377-1
- SUSE-SU-2023:3389-1
- SUSE-SU-2023:3390-1
- SUSE-SU-2023:3391-1
- SUSE-SU-2023:3392-1
- SUSE-SU-2023:3395-1
- SUSE-SU-2023:3421-1
- SUSE-SU-2023:3446-1
- SUSE-SU-2023:3447-1
- SUSE-SU-2023:3494-1
- SUSE-SU-2023:3495-1
- SUSE-SU-2023:3496-1
- SUSE-SU-2023:3594-1
- SUSE-SU-2023:3595-1
- SUSE-SU-2023:3599-1
- SUSE-SU-2023:3599-2
- SUSE-SU-2023:3600-1
- SUSE-SU-2023:3600-2
- SUSE-SU-2023:3601-1
- SUSE-SU-2023:3607-1
- SUSE-SU-2023:3623-1
- SUSE-SU-2023:3627-1
- SUSE-SU-2023:3628-1
- SUSE-SU-2023:3630-1
- SUSE-SU-2023:3631-1
- SUSE-SU-2023:3632-1
- SUSE-SU-2023:3644-1
- SUSE-SU-2023:3647-1
- SUSE-SU-2023:3648-1
- SUSE-SU-2023:3653-1
- SUSE-SU-2023:3656-1
- SUSE-SU-2023:3657-1
- SUSE-SU-2023:3658-1
- SUSE-SU-2023:3659-1
- SUSE-SU-2023:3668-1
- SUSE-SU-2023:3671-1
- SUSE-SU-2023:3675-1
- SUSE-SU-2023:3676-1
- SUSE-SU-2023:3677-1
- SUSE-SU-2023:3680-1
- SUSE-SU-2023:3681-1
- SUSE-SU-2023:3682-1
- SUSE-SU-2023:3683-1
- SUSE-SU-2023:3684-1
- SUSE-SU-2023:3687-1
- SUSE-SU-2023:3704-1
- SUSE-SU-2023:3705-1
- SUSE-SU-2023:3772-1
- SUSE-SU-2023:3773-1
- SUSE-SU-2023:3783-1
- SUSE-SU-2023:3784-1
- SUSE-SU-2023:3785-1
- SUSE-SU-2023:3788-1
- SUSE-SU-2023:3806-1
- SUSE-SU-2023:3812-1
- SUSE-SU-2023:3844-1
- SUSE-SU-2023:3846-1
- SUSE-SU-2023:3889-1
- SUSE-SU-2023:3891-1
- SUSE-SU-2023:3892-1
- SUSE-SU-2023:3893-1
- SUSE-SU-2023:3912-1
- SUSE-SU-2023:3922-1
- SUSE-SU-2023:3923-1
- SUSE-SU-2023:3924-1
- SUSE-SU-2023:3928-1
- SUSE-SU-2023:3929-1
- SUSE-SU-2023:3964-1
- SUSE-SU-2023:3969-1
- SUSE-SU-2023:3971-1
- SUSE-SU-2023:3988-1
- SUSE-SU-2023:4030-1
- SUSE-SU-2023:4031-1
- SUSE-SU-2023:4032-1
- SUSE-SU-2023:4033-1
- SUSE-SU-2023:4035-1
- SUSE-SU-2023:4057-1
- SUSE-SU-2023:4058-1
- SUSE-SU-2023:4071-1
- SUSE-SU-2023:4072-1
- SUSE-SU-2023:4072-2
- SUSE-SU-2023:4093-1
- SUSE-SU-2023:4095-1
- SUSE-SU-2023:4142-1
- SUSE-SU-2023:4347-1
- SUSE-SU-2024:0112-1
- USN-6173-1
- USN-6285-1
- USN-6319-1
- USN-6343-1
- USN-6385-1
- USN-6388-1
- USN-6396-1
- USN-6396-2
- USN-6396-3
- USN-6412-1
- USN-6415-1
- USN-6416-1
- USN-6416-2
- USN-6417-1
- USN-6439-1
- USN-6439-2
- USN-6440-1
- USN-6440-2
- USN-6440-3
- USN-6445-1
- USN-6445-2
- USN-6460-1
- USN-6462-1
- USN-6462-2
- USN-6464-1
- USN-6466-1
- USN-6520-1
- USN-6701-1
- USN-6701-2
- USN-6701-3
- USN-6701-4
- XSA-434
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:deb/ubuntu/linux-tools-raspi?distro=jammy | ubuntu | linux-tools-raspi | < 5.15.0.1040.38 | jammy | ||
Affected | pkg:deb/ubuntu/linux-tools-raspi-nolpae?distro=jammy | ubuntu | linux-tools-raspi-nolpae | < 5.15.0.1040.38 | jammy | ||
Affected | pkg:deb/ubuntu/linux-tools-5.15.0-1040-raspi?distro=jammy | ubuntu | linux-tools-5.15.0-1040-raspi | < 5.15.0-1040.43 | jammy | ||
Affected | pkg:deb/ubuntu/linux-raspi?distro=jammy | ubuntu | linux-raspi | < 5.15.0.1040.38 | jammy | ||
Affected | pkg:deb/ubuntu/linux-raspi-tools-5.15.0-1040?distro=jammy | ubuntu | linux-raspi-tools-5.15.0-1040 | < 5.15.0-1040.43 | jammy | ||
Affected | pkg:deb/ubuntu/linux-raspi-nolpae?distro=jammy | ubuntu | linux-raspi-nolpae | < 5.15.0.1040.38 | jammy | ||
Affected | pkg:deb/ubuntu/linux-raspi-headers-5.15.0-1040?distro=jammy | ubuntu | linux-raspi-headers-5.15.0-1040 | < 5.15.0-1040.43 | jammy | ||
Affected | pkg:deb/ubuntu/linux-modules-extra-raspi?distro=jammy | ubuntu | linux-modules-extra-raspi | < 5.15.0.1040.38 | jammy | ||
Affected | pkg:deb/ubuntu/linux-modules-extra-raspi-nolpae?distro=jammy | ubuntu | linux-modules-extra-raspi-nolpae | < 5.15.0.1040.38 | jammy | ||
Affected | pkg:deb/ubuntu/linux-modules-extra-5.15.0-1040-raspi?distro=jammy | ubuntu | linux-modules-extra-5.15.0-1040-raspi | < 5.15.0-1040.43 | jammy | ||
Affected | pkg:deb/ubuntu/linux-modules-5.15.0-1040-raspi?distro=jammy | ubuntu | linux-modules-5.15.0-1040-raspi | < 5.15.0-1040.43 | jammy | ||
Affected | pkg:deb/ubuntu/linux-image-raspi?distro=jammy | ubuntu | linux-image-raspi | < 5.15.0.1040.38 | jammy | ||
Affected | pkg:deb/ubuntu/linux-image-raspi-nolpae?distro=jammy | ubuntu | linux-image-raspi-nolpae | < 5.15.0.1040.38 | jammy | ||
Affected | pkg:deb/ubuntu/linux-image-5.15.0-1040-raspi?distro=jammy | ubuntu | linux-image-5.15.0-1040-raspi | < 5.15.0-1040.43 | jammy | ||
Affected | pkg:deb/ubuntu/linux-headers-raspi?distro=jammy | ubuntu | linux-headers-raspi | < 5.15.0.1040.38 | jammy | ||
Affected | pkg:deb/ubuntu/linux-headers-raspi-nolpae?distro=jammy | ubuntu | linux-headers-raspi-nolpae | < 5.15.0.1040.38 | jammy | ||
Affected | pkg:deb/ubuntu/linux-headers-5.15.0-1040-raspi?distro=jammy | ubuntu | linux-headers-5.15.0-1040-raspi | < 5.15.0-1040.43 | jammy | ||
Affected | pkg:deb/ubuntu/linux-buildinfo-5.15.0-1040-raspi?distro=jammy | ubuntu | linux-buildinfo-5.15.0-1040-raspi | < 5.15.0-1040.43 | jammy |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |