1. Home
  2. Security Advisories
  3. Ubuntu
  4. USN-6441-2

[USN-6441-2] Linux kernel (GCP) vulnerabilities

Severity High
Affected Packages 19
CVEs 9
Info Packages Vulnerabilities

Several security issues were fixed in the Linux kernel.

Ross Lagerwall discovered that the Xen netback backend driver in the Linux
kernel did not properly handle certain unusual packets from a
paravirtualized network frontend, leading to a buffer overflow. An attacker
in a guest VM could use this to cause a denial of service (host system
crash) or possibly execute arbitrary code. (CVE-2023-34319)

Kyle Zeng discovered that the networking stack implementation in the Linux
kernel did not properly validate skb object size in certain conditions. An
attacker could use this cause a denial of service (system crash) or
possibly execute arbitrary code. (CVE-2023-42752)

Kyle Zeng discovered that the netfiler subsystem in the Linux kernel did
not properly calculate array offsets, leading to a out-of-bounds write
vulnerability. A local user could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2023-42753)

Kyle Zeng discovered that the IPv4 Resource Reservation Protocol (RSVP)
classifier implementation in the Linux kernel contained an out-of-bounds
read vulnerability. A local attacker could use this to cause a denial of
service (system crash). Please note that kernel packet classifier support
for RSVP has been removed to resolve this vulnerability. (CVE-2023-42755)

Kyle Zeng discovered that the netfilter subsystem in the Linux kernel
contained a race condition in IP set operations in certain situations. A
local attacker could use this to cause a denial of service (system crash).
(CVE-2023-42756)

Bing-Jhong Billy Jheng discovered that the Unix domain socket
implementation in the Linux kernel contained a race condition in certain
situations, leading to a use-after-free vulnerability. A local attacker
could use this to cause a denial of service (system crash) or possibly
execute arbitrary code. (CVE-2023-4622)

Budimir Markovic discovered that the qdisc implementation in the Linux
kernel did not properly validate inner classes, leading to a use-after-free
vulnerability. A local user could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2023-4623)

Alex Birnberg discovered that the netfilter subsystem in the Linux kernel
did not properly validate register length, leading to an out-of- bounds
write vulnerability. A local attacker could possibly use this to cause a
denial of service (system crash). (CVE-2023-4881)

It was discovered that the Quick Fair Queueing scheduler implementation in
the Linux kernel did not properly handle network packets in certain
conditions, leading to a use after free vulnerability. A local attacker
could use this to cause a denial of service (system crash) or possibly
execute arbitrary code. (CVE-2023-4921)

Package Affected Version
pkg:deb/ubuntu/linux-tools-gcp?distro=bionic < 5.4.0.1116.92
pkg:deb/ubuntu/linux-tools-gcp-edge?distro=bionic < 5.4.0.1116.92
pkg:deb/ubuntu/linux-tools-5.4.0-1116-gcp?distro=bionic < 5.4.0-1116.125~18.04.1
pkg:deb/ubuntu/linux-modules-extra-gcp?distro=bionic < 5.4.0.1116.92
pkg:deb/ubuntu/linux-modules-extra-gcp-edge?distro=bionic < 5.4.0.1116.92
pkg:deb/ubuntu/linux-modules-extra-5.4.0-1116-gcp?distro=bionic < 5.4.0-1116.125~18.04.1
pkg:deb/ubuntu/linux-modules-5.4.0-1116-gcp?distro=bionic < 5.4.0-1116.125~18.04.1
pkg:deb/ubuntu/linux-image-unsigned-5.4.0-1116-gcp?distro=bionic < 5.4.0-1116.125~18.04.1
pkg:deb/ubuntu/linux-image-gcp?distro=bionic < 5.4.0.1116.92
pkg:deb/ubuntu/linux-image-gcp-edge?distro=bionic < 5.4.0.1116.92
pkg:deb/ubuntu/linux-image-5.4.0-1116-gcp?distro=bionic < 5.4.0-1116.125~18.04.1
pkg:deb/ubuntu/linux-headers-gcp?distro=bionic < 5.4.0.1116.92
pkg:deb/ubuntu/linux-headers-gcp-edge?distro=bionic < 5.4.0.1116.92
pkg:deb/ubuntu/linux-headers-5.4.0-1116-gcp?distro=bionic < 5.4.0-1116.125~18.04.1
pkg:deb/ubuntu/linux-gcp?distro=bionic < 5.4.0.1116.92
pkg:deb/ubuntu/linux-gcp-edge?distro=bionic < 5.4.0.1116.92
pkg:deb/ubuntu/linux-gcp-5.4-tools-5.4.0-1116?distro=bionic < 5.4.0-1116.125~18.04.1
pkg:deb/ubuntu/linux-gcp-5.4-headers-5.4.0-1116?distro=bionic < 5.4.0-1116.125~18.04.1
pkg:deb/ubuntu/linux-buildinfo-5.4.0-1116-gcp?distro=bionic < 5.4.0-1116.125~18.04.1
ID
USN-6441-2
Severity
high
Severity from
CVE-2023-34319
URL
https://ubuntu.com/security/notices/USN-6441-2
Published
2023-10-23T18:07:08
(10 months ago)
Modified
2023-10-23T18:07:08
(10 months ago)
Other Advisories
Type Package URL Namespace Name / Product Version Distribution / Platform Arch Patch / Fix
Affected pkg:deb/ubuntu/linux-tools-gcp?distro=bionic ubuntu linux-tools-gcp < 5.4.0.1116.92 bionic
Affected pkg:deb/ubuntu/linux-tools-gcp-edge?distro=bionic ubuntu linux-tools-gcp-edge < 5.4.0.1116.92 bionic
Affected pkg:deb/ubuntu/linux-tools-5.4.0-1116-gcp?distro=bionic ubuntu linux-tools-5.4.0-1116-gcp < 5.4.0-1116.125~18.04.1 bionic
Affected pkg:deb/ubuntu/linux-modules-extra-gcp?distro=bionic ubuntu linux-modules-extra-gcp < 5.4.0.1116.92 bionic
Affected pkg:deb/ubuntu/linux-modules-extra-gcp-edge?distro=bionic ubuntu linux-modules-extra-gcp-edge < 5.4.0.1116.92 bionic
Affected pkg:deb/ubuntu/linux-modules-extra-5.4.0-1116-gcp?distro=bionic ubuntu linux-modules-extra-5.4.0-1116-gcp < 5.4.0-1116.125~18.04.1 bionic
Affected pkg:deb/ubuntu/linux-modules-5.4.0-1116-gcp?distro=bionic ubuntu linux-modules-5.4.0-1116-gcp < 5.4.0-1116.125~18.04.1 bionic
Affected pkg:deb/ubuntu/linux-image-unsigned-5.4.0-1116-gcp?distro=bionic ubuntu linux-image-unsigned-5.4.0-1116-gcp < 5.4.0-1116.125~18.04.1 bionic
Affected pkg:deb/ubuntu/linux-image-gcp?distro=bionic ubuntu linux-image-gcp < 5.4.0.1116.92 bionic
Affected pkg:deb/ubuntu/linux-image-gcp-edge?distro=bionic ubuntu linux-image-gcp-edge < 5.4.0.1116.92 bionic
Affected pkg:deb/ubuntu/linux-image-5.4.0-1116-gcp?distro=bionic ubuntu linux-image-5.4.0-1116-gcp < 5.4.0-1116.125~18.04.1 bionic
Affected pkg:deb/ubuntu/linux-headers-gcp?distro=bionic ubuntu linux-headers-gcp < 5.4.0.1116.92 bionic
Affected pkg:deb/ubuntu/linux-headers-gcp-edge?distro=bionic ubuntu linux-headers-gcp-edge < 5.4.0.1116.92 bionic
Affected pkg:deb/ubuntu/linux-headers-5.4.0-1116-gcp?distro=bionic ubuntu linux-headers-5.4.0-1116-gcp < 5.4.0-1116.125~18.04.1 bionic
Affected pkg:deb/ubuntu/linux-gcp?distro=bionic ubuntu linux-gcp < 5.4.0.1116.92 bionic
Affected pkg:deb/ubuntu/linux-gcp-edge?distro=bionic ubuntu linux-gcp-edge < 5.4.0.1116.92 bionic
Affected pkg:deb/ubuntu/linux-gcp-5.4-tools-5.4.0-1116?distro=bionic ubuntu linux-gcp-5.4-tools-5.4.0-1116 < 5.4.0-1116.125~18.04.1 bionic
Affected pkg:deb/ubuntu/linux-gcp-5.4-headers-5.4.0-1116?distro=bionic ubuntu linux-gcp-5.4-headers-5.4.0-1116 < 5.4.0-1116.125~18.04.1 bionic
Affected pkg:deb/ubuntu/linux-buildinfo-5.4.0-1116-gcp?distro=bionic ubuntu linux-buildinfo-5.4.0-1116-gcp < 5.4.0-1116.125~18.04.1 bionic
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date