[USN-6440-2] Linux kernel (Azure) vulnerabilities
Several security issues were fixed in the Linux kernel.
Seth Jenkins discovered that the Linux kernel did not properly perform
address randomization for a per-cpu memory management structure. A local
attacker could use this to expose sensitive information (kernel memory) or
in conjunction with another kernel vulnerability. (CVE-2023-0597)
It was discovered that the IPv6 implementation in the Linux kernel
contained a high rate of hash collisions in connection lookup table. A
remote attacker could use this to cause a denial of service (excessive CPU
consumption). (CVE-2023-1206)
Yu Hao and Weiteng Chen discovered that the Bluetooth HCI UART driver in
the Linux kernel contained a race condition, leading to a null pointer
dereference vulnerability. A local attacker could use this to cause a
denial of service (system crash). (CVE-2023-31083)
Ross Lagerwall discovered that the Xen netback backend driver in the Linux
kernel did not properly handle certain unusual packets from a
paravirtualized network frontend, leading to a buffer overflow. An attacker
in a guest VM could use this to cause a denial of service (host system
crash) or possibly execute arbitrary code. (CVE-2023-34319)
Lin Ma discovered that the Netlink Transformation (XFRM) subsystem in the
Linux kernel contained a null pointer dereference vulnerability in some
situations. A local privileged attacker could use this to cause a denial of
service (system crash). (CVE-2023-3772)
Kyle Zeng discovered that the networking stack implementation in the Linux
kernel did not properly validate skb object size in certain conditions. An
attacker could use this cause a denial of service (system crash) or
possibly execute arbitrary code. (CVE-2023-42752)
Kyle Zeng discovered that the netfiler subsystem in the Linux kernel did
not properly calculate array offsets, leading to a out-of-bounds write
vulnerability. A local user could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2023-42753)
Kyle Zeng discovered that the IPv4 Resource Reservation Protocol (RSVP)
classifier implementation in the Linux kernel contained an out-of-bounds
read vulnerability. A local attacker could use this to cause a denial of
service (system crash). Please note that kernel packet classifier support
for RSVP has been removed to resolve this vulnerability. (CVE-2023-42755)
Bing-Jhong Billy Jheng discovered that the Unix domain socket
implementation in the Linux kernel contained a race condition in certain
situations, leading to a use-after-free vulnerability. A local attacker
could use this to cause a denial of service (system crash) or possibly
execute arbitrary code. (CVE-2023-4622)
Budimir Markovic discovered that the qdisc implementation in the Linux
kernel did not properly validate inner classes, leading to a use-after-free
vulnerability. A local user could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2023-4623)
Alex Birnberg discovered that the netfilter subsystem in the Linux kernel
did not properly validate register length, leading to an out-of- bounds
write vulnerability. A local attacker could possibly use this to cause a
denial of service (system crash). (CVE-2023-4881)
It was discovered that the Quick Fair Queueing scheduler implementation in
the Linux kernel did not properly handle network packets in certain
conditions, leading to a use after free vulnerability. A local attacker
could use this to cause a denial of service (system crash) or possibly
execute arbitrary code. (CVE-2023-4921)
- ID
- USN-6440-2
- Severity
- high
- Severity from
- CVE-2023-34319
- URL
- https://ubuntu.com/security/notices/USN-6440-2
- Published
-
2023-10-20T12:33:28
(11 months ago) - Modified
-
2023-10-20T12:33:28
(11 months ago) - Other Advisories
-
- ALAS-2023-1776
- ALAS-2023-1803
- ALAS-2023-1827
- ALAS-2023-1838
- ALAS2-2023-2108
- ALAS2-2023-2206
- ALAS2-2023-2264
- ALAS2-2023-2268
- ALSA-2023:7077
- ALSA-2024:0113
- ALSA-2024:0897
- ALSA-2024:3138
- DSA-5480-1
- DSA-5492-1
- ELSA-2023-12824
- ELSA-2023-12825
- ELSA-2023-12826
- ELSA-2023-12842
- ELSA-2023-12858
- ELSA-2023-12874
- ELSA-2023-12875
- ELSA-2023-12910
- ELSA-2023-12911
- ELSA-2023-12914
- ELSA-2023-12915
- ELSA-2023-13039
- ELSA-2023-13043
- ELSA-2023-6583
- ELSA-2023-7077
- ELSA-2024-0346
- ELSA-2024-0461
- ELSA-2024-0897
- ELSA-2024-12069
- ELSA-2024-12094
- ELSA-2024-12110
- ELSA-2024-12149
- ELSA-2024-12169
- ELSA-2024-12187
- ELSA-2024-1249
- ELSA-2024-12610
- ELSA-2024-12612
- ELSA-2024-1831
- ELSA-2024-2004
- ELSA-2024-2394
- ELSA-2024-3138
- FEDORA-2023-4006357f7e
- FEDORA-2023-638681260a
- FEDORA-2023-c9ab30c8e3
- FEDORA-2023-ddfd3073b3
- MS:CVE-2023-4622
- RHSA-2023:6901
- RHSA-2023:7077
- RHSA-2024:0089
- RHSA-2024:0113
- RHSA-2024:0134
- RHSA-2024:0340
- RHSA-2024:0346
- RHSA-2024:0347
- RHSA-2024:0371
- RHSA-2024:0876
- RHSA-2024:0881
- RHSA-2024:0897
- RHSA-2024:1249
- RHSA-2024:1323
- RHSA-2024:1332
- RHSA-2024:1960
- RHSA-2024:2003
- RHSA-2024:2004
- RHSA-2024:2950
- RHSA-2024:3138
- RLSA-2024:3138
- SSA:2023-325-01
- SUSE-SU-2023:0747-1
- SUSE-SU-2023:0749-1
- SUSE-SU-2023:0749-2
- SUSE-SU-2023:0762-1
- SUSE-SU-2023:0768-1
- SUSE-SU-2023:0770-1
- SUSE-SU-2023:0774-1
- SUSE-SU-2023:0778-1
- SUSE-SU-2023:0779-1
- SUSE-SU-2023:0780-1
- SUSE-SU-2023:0796-1
- SUSE-SU-2023:1608-1
- SUSE-SU-2023:1609-1
- SUSE-SU-2023:1710-1
- SUSE-SU-2023:2232-1
- SUSE-SU-2023:2646-1
- SUSE-SU-2023:2809-1
- SUSE-SU-2023:2871-1
- SUSE-SU-2023:3302-1
- SUSE-SU-2023:3311-1
- SUSE-SU-2023:3313-1
- SUSE-SU-2023:3318-1
- SUSE-SU-2023:3376-1
- SUSE-SU-2023:3377-1
- SUSE-SU-2023:3390-1
- SUSE-SU-2023:3392-1
- SUSE-SU-2023:3599-1
- SUSE-SU-2023:3599-2
- SUSE-SU-2023:3600-1
- SUSE-SU-2023:3600-2
- SUSE-SU-2023:3601-1
- SUSE-SU-2023:3656-1
- SUSE-SU-2023:3680-1
- SUSE-SU-2023:3681-1
- SUSE-SU-2023:3682-1
- SUSE-SU-2023:3683-1
- SUSE-SU-2023:3684-1
- SUSE-SU-2023:3687-1
- SUSE-SU-2023:3704-1
- SUSE-SU-2023:3705-1
- SUSE-SU-2023:3785-1
- SUSE-SU-2023:3964-1
- SUSE-SU-2023:3969-1
- SUSE-SU-2023:3971-1
- SUSE-SU-2023:3988-1
- SUSE-SU-2023:4028-1
- SUSE-SU-2023:4030-1
- SUSE-SU-2023:4031-1
- SUSE-SU-2023:4032-1
- SUSE-SU-2023:4033-1
- SUSE-SU-2023:4035-1
- SUSE-SU-2023:4057-1
- SUSE-SU-2023:4058-1
- SUSE-SU-2023:4071-1
- SUSE-SU-2023:4072-1
- SUSE-SU-2023:4072-2
- SUSE-SU-2023:4093-1
- SUSE-SU-2023:4095-1
- SUSE-SU-2023:4142-1
- SUSE-SU-2023:4164-1
- SUSE-SU-2023:4165-1
- SUSE-SU-2023:4166-1
- SUSE-SU-2023:4175-1
- SUSE-SU-2023:4201-1
- SUSE-SU-2023:4204-1
- SUSE-SU-2023:4208-1
- SUSE-SU-2023:4219-1
- SUSE-SU-2023:4239-1
- SUSE-SU-2023:4243-1
- SUSE-SU-2023:4244-1
- SUSE-SU-2023:4245-1
- SUSE-SU-2023:4260-1
- SUSE-SU-2023:4261-1
- SUSE-SU-2023:4267-1
- SUSE-SU-2023:4273-1
- SUSE-SU-2023:4278-1
- SUSE-SU-2023:4279-1
- SUSE-SU-2023:4280-1
- SUSE-SU-2023:4285-1
- SUSE-SU-2023:4300-1
- SUSE-SU-2023:4301-1
- SUSE-SU-2023:4308-1
- SUSE-SU-2023:4313-1
- SUSE-SU-2023:4321-1
- SUSE-SU-2023:4322-1
- SUSE-SU-2023:4325-1
- SUSE-SU-2023:4326-1
- SUSE-SU-2023:4328-1
- SUSE-SU-2023:4347-1
- SUSE-SU-2023:4733-1
- SUSE-SU-2023:4735-1
- SUSE-SU-2023:4766-1
- SUSE-SU-2023:4775-1
- SUSE-SU-2023:4783-1
- SUSE-SU-2023:4784-1
- SUSE-SU-2023:4795-1
- SUSE-SU-2023:4796-1
- SUSE-SU-2023:4799-1
- SUSE-SU-2023:4801-1
- SUSE-SU-2023:4802-1
- SUSE-SU-2023:4805-1
- SUSE-SU-2023:4811-1
- SUSE-SU-2023:4817-1
- SUSE-SU-2023:4820-1
- SUSE-SU-2023:4822-1
- SUSE-SU-2023:4831-1
- SUSE-SU-2023:4833-1
- SUSE-SU-2023:4836-1
- SUSE-SU-2023:4841-1
- SUSE-SU-2023:4847-1
- SUSE-SU-2023:4848-1
- SUSE-SU-2023:4849-1
- SUSE-SU-2023:4862-1
- SUSE-SU-2023:4863-1
- SUSE-SU-2023:4866-1
- SUSE-SU-2023:4871-1
- SUSE-SU-2023:4872-1
- SUSE-SU-2023:4882-1
- SUSE-SU-2023:4883-1
- SUSE-SU-2024:0112-1
- SUSE-SU-2024:0469-1
- SUSE-SU-2024:0474-1
- SUSE-SU-2024:0478-1
- SUSE-SU-2024:0514-1
- SUSE-SU-2024:0515-1
- SUSE-SU-2024:0516-1
- SUSE-SU-2024:0622-1
- SUSE-SU-2024:0624-1
- SUSE-SU-2024:0655-1
- SUSE-SU-2024:0666-1
- SUSE-SU-2024:0685-1
- SUSE-SU-2024:0698-1
- SUSE-SU-2024:0727-1
- SUSE-SU-2024:1181-1
- SUSE-SU-2024:1183-1
- SUSE-SU-2024:1236-1
- SUSE-SU-2024:1246-1
- SUSE-SU-2024:1249-1
- SUSE-SU-2024:1251-1
- SUSE-SU-2024:1252-1
- SUSE-SU-2024:1257-1
- SUSE-SU-2024:1288-1
- SUSE-SU-2024:1299-1
- SUSE-SU-2024:1312-1
- SUSE-SU-2024:1322-1
- SUSE-SU-2024:1466-1
- SUSE-SU-2024:1480-1
- SUSE-SU-2024:1490-1
- SUSE-SU-2024:1641-1
- SUSE-SU-2024:1643-1
- SUSE-SU-2024:1669-1
- SUSE-SU-2024:1979-1
- SUSE-SU-2024:1983-1
- SUSE-SU-2024:2008-1
- SUSE-SU-2024:2019-1
- SUSE-SU-2024:2184-1
- SUSE-SU-2024:2190-1
- USN-6206-1
- USN-6235-1
- USN-6300-1
- USN-6311-1
- USN-6332-1
- USN-6343-1
- USN-6347-1
- USN-6385-1
- USN-6412-1
- USN-6415-1
- USN-6416-1
- USN-6416-2
- USN-6416-3
- USN-6417-1
- USN-6439-1
- USN-6439-2
- USN-6440-1
- USN-6440-3
- USN-6441-1
- USN-6441-2
- USN-6441-3
- USN-6442-1
- USN-6443-1
- USN-6444-1
- USN-6444-2
- USN-6445-1
- USN-6445-2
- USN-6446-1
- USN-6446-2
- USN-6446-3
- USN-6454-1
- USN-6454-2
- USN-6454-3
- USN-6454-4
- USN-6460-1
- USN-6461-1
- USN-6462-1
- USN-6462-2
- USN-6464-1
- USN-6465-1
- USN-6465-2
- USN-6465-3
- USN-6466-1
- USN-6479-1
- USN-6516-1
- USN-6520-1
- USN-6699-1
- XSA-432
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:deb/ubuntu/linux-tools-azure?distro=trusty | ubuntu | linux-tools-azure | < 4.15.0.1171.137 | trusty | ||
Affected | pkg:deb/ubuntu/linux-tools-4.15.0-1171-azure?distro=trusty | ubuntu | linux-tools-4.15.0-1171-azure | < 4.15.0-1171.186~14.04.1 | trusty | ||
Affected | pkg:deb/ubuntu/linux-signed-image-azure?distro=trusty | ubuntu | linux-signed-image-azure | < 4.15.0.1171.137 | trusty | ||
Affected | pkg:deb/ubuntu/linux-signed-azure?distro=trusty | ubuntu | linux-signed-azure | < 4.15.0.1171.137 | trusty | ||
Affected | pkg:deb/ubuntu/linux-modules-extra-azure?distro=trusty | ubuntu | linux-modules-extra-azure | < 4.15.0.1171.137 | trusty | ||
Affected | pkg:deb/ubuntu/linux-modules-extra-4.15.0-1171-azure?distro=trusty | ubuntu | linux-modules-extra-4.15.0-1171-azure | < 4.15.0-1171.186~14.04.1 | trusty | ||
Affected | pkg:deb/ubuntu/linux-modules-4.15.0-1171-azure?distro=trusty | ubuntu | linux-modules-4.15.0-1171-azure | < 4.15.0-1171.186~14.04.1 | trusty | ||
Affected | pkg:deb/ubuntu/linux-image-unsigned-4.15.0-1171-azure?distro=trusty | ubuntu | linux-image-unsigned-4.15.0-1171-azure | < 4.15.0-1171.186~14.04.1 | trusty | ||
Affected | pkg:deb/ubuntu/linux-image-azure?distro=trusty | ubuntu | linux-image-azure | < 4.15.0.1171.137 | trusty | ||
Affected | pkg:deb/ubuntu/linux-image-4.15.0-1171-azure?distro=trusty | ubuntu | linux-image-4.15.0-1171-azure | < 4.15.0-1171.186~14.04.1 | trusty | ||
Affected | pkg:deb/ubuntu/linux-headers-azure?distro=trusty | ubuntu | linux-headers-azure | < 4.15.0.1171.137 | trusty | ||
Affected | pkg:deb/ubuntu/linux-headers-4.15.0-1171-azure?distro=trusty | ubuntu | linux-headers-4.15.0-1171-azure | < 4.15.0-1171.186~14.04.1 | trusty | ||
Affected | pkg:deb/ubuntu/linux-cloud-tools-azure?distro=trusty | ubuntu | linux-cloud-tools-azure | < 4.15.0.1171.137 | trusty | ||
Affected | pkg:deb/ubuntu/linux-cloud-tools-4.15.0-1171-azure?distro=trusty | ubuntu | linux-cloud-tools-4.15.0-1171-azure | < 4.15.0-1171.186~14.04.1 | trusty | ||
Affected | pkg:deb/ubuntu/linux-buildinfo-4.15.0-1171-azure?distro=trusty | ubuntu | linux-buildinfo-4.15.0-1171-azure | < 4.15.0-1171.186~14.04.1 | trusty | ||
Affected | pkg:deb/ubuntu/linux-azure?distro=trusty | ubuntu | linux-azure | < 4.15.0.1171.137 | trusty | ||
Affected | pkg:deb/ubuntu/linux-azure-tools-4.15.0-1171?distro=trusty | ubuntu | linux-azure-tools-4.15.0-1171 | < 4.15.0-1171.186~14.04.1 | trusty | ||
Affected | pkg:deb/ubuntu/linux-azure-headers-4.15.0-1171?distro=trusty | ubuntu | linux-azure-headers-4.15.0-1171 | < 4.15.0-1171.186~14.04.1 | trusty | ||
Affected | pkg:deb/ubuntu/linux-azure-cloud-tools-4.15.0-1171?distro=trusty | ubuntu | linux-azure-cloud-tools-4.15.0-1171 | < 4.15.0-1171.186~14.04.1 | trusty |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |