[USN-6462-2] Linux kernel (IoT) vulnerabilities
Several security issues were fixed in the Linux kernel.
Seth Jenkins discovered that the Linux kernel did not properly perform
address randomization for a per-cpu memory management structure. A local
attacker could use this to expose sensitive information (kernel memory) or
in conjunction with another kernel vulnerability. (CVE-2023-0597)
Yu Hao and Weiteng Chen discovered that the Bluetooth HCI UART driver in
the Linux kernel contained a race condition, leading to a null pointer
dereference vulnerability. A local attacker could use this to cause a
denial of service (system crash). (CVE-2023-31083)
Lin Ma discovered that the Netlink Transformation (XFRM) subsystem in the
Linux kernel contained a null pointer dereference vulnerability in some
situations. A local privileged attacker could use this to cause a denial of
service (system crash). (CVE-2023-3772)
It was discovered that the Siano USB MDTV receiver device driver in the
Linux kernel did not properly handle device initialization failures in
certain situations, leading to a use-after-free vulnerability. A physically
proximate attacker could use this cause a denial of service (system crash).
(CVE-2023-4132)
Package | Affected Version |
---|---|
pkg:deb/ubuntu/linux-tools-iot?distro=focal | < 5.4.0.1025.23 |
pkg:deb/ubuntu/linux-tools-5.4.0-1025-iot?distro=focal | < 5.4.0-1025.26 |
pkg:deb/ubuntu/linux-modules-5.4.0-1025-iot?distro=focal | < 5.4.0-1025.26 |
pkg:deb/ubuntu/linux-iot?distro=focal | < 5.4.0.1025.23 |
pkg:deb/ubuntu/linux-iot-tools-common?distro=focal | < 5.4.0-1025.26 |
pkg:deb/ubuntu/linux-iot-tools-5.4.0-1025?distro=focal | < 5.4.0-1025.26 |
pkg:deb/ubuntu/linux-iot-headers-5.4.0-1025?distro=focal | < 5.4.0-1025.26 |
pkg:deb/ubuntu/linux-image-unsigned-5.4.0-1025-iot?distro=focal | < 5.4.0-1025.26 |
pkg:deb/ubuntu/linux-image-iot?distro=focal | < 5.4.0.1025.23 |
pkg:deb/ubuntu/linux-image-5.4.0-1025-iot?distro=focal | < 5.4.0-1025.26 |
pkg:deb/ubuntu/linux-headers-iot?distro=focal | < 5.4.0.1025.23 |
pkg:deb/ubuntu/linux-headers-5.4.0-1025-iot?distro=focal | < 5.4.0-1025.26 |
pkg:deb/ubuntu/linux-buildinfo-5.4.0-1025-iot?distro=focal | < 5.4.0-1025.26 |
- ID
- USN-6462-2
- Severity
- medium
- Severity from
- CVE-2023-0597
- URL
- https://ubuntu.com/security/notices/USN-6462-2
- Published
-
2023-11-10T10:16:47
(10 months ago) - Modified
-
2023-11-10T10:16:47
(10 months ago) - Other Advisories
-
- ALAS-2023-1838
- ALAS2-2023-2264
- ALSA-2023:7077
- ALSA-2024:3138
- DSA-5480-1
- DSA-5492-1
- ELSA-2023-12842
- ELSA-2023-6583
- ELSA-2023-7077
- ELSA-2024-2394
- ELSA-2024-3138
- FEDORA-2023-4006357f7e
- FEDORA-2023-c9ab30c8e3
- MS:CVE-2023-4132
- RHSA-2023:6901
- RHSA-2023:7077
- RHSA-2024:2950
- RHSA-2024:3138
- RLSA-2024:3138
- SSA:2023-325-01
- SUSE-SU-2023:0747-1
- SUSE-SU-2023:0749-1
- SUSE-SU-2023:0749-2
- SUSE-SU-2023:0762-1
- SUSE-SU-2023:0768-1
- SUSE-SU-2023:0770-1
- SUSE-SU-2023:0774-1
- SUSE-SU-2023:0778-1
- SUSE-SU-2023:0779-1
- SUSE-SU-2023:0780-1
- SUSE-SU-2023:0796-1
- SUSE-SU-2023:1608-1
- SUSE-SU-2023:1609-1
- SUSE-SU-2023:1710-1
- SUSE-SU-2023:2232-1
- SUSE-SU-2023:2646-1
- SUSE-SU-2023:2809-1
- SUSE-SU-2023:2871-1
- SUSE-SU-2023:3302-1
- SUSE-SU-2023:3311-1
- SUSE-SU-2023:3313-1
- SUSE-SU-2023:3318-1
- SUSE-SU-2023:3376-1
- SUSE-SU-2023:3377-1
- SUSE-SU-2023:3599-1
- SUSE-SU-2023:3599-2
- SUSE-SU-2023:3600-1
- SUSE-SU-2023:3600-2
- SUSE-SU-2023:3601-1
- SUSE-SU-2023:3656-1
- SUSE-SU-2023:3680-1
- SUSE-SU-2023:3681-1
- SUSE-SU-2023:3682-1
- SUSE-SU-2023:3683-1
- SUSE-SU-2023:3684-1
- SUSE-SU-2023:3687-1
- SUSE-SU-2023:3704-1
- SUSE-SU-2023:3705-1
- SUSE-SU-2023:3785-1
- SUSE-SU-2023:3964-1
- SUSE-SU-2023:3969-1
- SUSE-SU-2023:3971-1
- SUSE-SU-2023:3988-1
- SUSE-SU-2023:4028-1
- SUSE-SU-2023:4733-1
- SUSE-SU-2023:4735-1
- SUSE-SU-2023:4783-1
- SUSE-SU-2023:4784-1
- SUSE-SU-2023:4811-1
- SUSE-SU-2023:4882-1
- SUSE-SU-2023:4883-1
- SUSE-SU-2024:1669-1
- USN-6206-1
- USN-6235-1
- USN-6300-1
- USN-6311-1
- USN-6332-1
- USN-6347-1
- USN-6415-1
- USN-6416-1
- USN-6416-2
- USN-6416-3
- USN-6439-1
- USN-6439-2
- USN-6440-1
- USN-6440-2
- USN-6440-3
- USN-6445-1
- USN-6445-2
- USN-6462-1
- USN-6464-1
- USN-6465-1
- USN-6465-2
- USN-6465-3
- USN-6466-1
- USN-6516-1
- USN-6520-1
- USN-6701-1
- USN-6701-2
- USN-6701-3
- USN-6701-4
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:deb/ubuntu/linux-tools-iot?distro=focal | ubuntu | linux-tools-iot | < 5.4.0.1025.23 | focal | ||
Affected | pkg:deb/ubuntu/linux-tools-5.4.0-1025-iot?distro=focal | ubuntu | linux-tools-5.4.0-1025-iot | < 5.4.0-1025.26 | focal | ||
Affected | pkg:deb/ubuntu/linux-modules-5.4.0-1025-iot?distro=focal | ubuntu | linux-modules-5.4.0-1025-iot | < 5.4.0-1025.26 | focal | ||
Affected | pkg:deb/ubuntu/linux-iot?distro=focal | ubuntu | linux-iot | < 5.4.0.1025.23 | focal | ||
Affected | pkg:deb/ubuntu/linux-iot-tools-common?distro=focal | ubuntu | linux-iot-tools-common | < 5.4.0-1025.26 | focal | ||
Affected | pkg:deb/ubuntu/linux-iot-tools-5.4.0-1025?distro=focal | ubuntu | linux-iot-tools-5.4.0-1025 | < 5.4.0-1025.26 | focal | ||
Affected | pkg:deb/ubuntu/linux-iot-headers-5.4.0-1025?distro=focal | ubuntu | linux-iot-headers-5.4.0-1025 | < 5.4.0-1025.26 | focal | ||
Affected | pkg:deb/ubuntu/linux-image-unsigned-5.4.0-1025-iot?distro=focal | ubuntu | linux-image-unsigned-5.4.0-1025-iot | < 5.4.0-1025.26 | focal | ||
Affected | pkg:deb/ubuntu/linux-image-iot?distro=focal | ubuntu | linux-image-iot | < 5.4.0.1025.23 | focal | ||
Affected | pkg:deb/ubuntu/linux-image-5.4.0-1025-iot?distro=focal | ubuntu | linux-image-5.4.0-1025-iot | < 5.4.0-1025.26 | focal | ||
Affected | pkg:deb/ubuntu/linux-headers-iot?distro=focal | ubuntu | linux-headers-iot | < 5.4.0.1025.23 | focal | ||
Affected | pkg:deb/ubuntu/linux-headers-5.4.0-1025-iot?distro=focal | ubuntu | linux-headers-5.4.0-1025-iot | < 5.4.0-1025.26 | focal | ||
Affected | pkg:deb/ubuntu/linux-buildinfo-5.4.0-1025-iot?distro=focal | ubuntu | linux-buildinfo-5.4.0-1025-iot | < 5.4.0-1025.26 | focal |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |