1. Home
  2. Security Advisories
  3. Ubuntu
  4. USN-6577-1

[USN-6577-1] Linux kernel (AWS) vulnerabilities

Severity Medium
Affected Packages 15
CVEs 2
Info Packages Vulnerabilities

Several security issues were fixed in the Linux kernel.

Jana Hofmann, Emanuele Vannacci, Cedric Fournet, Boris Kopf, and Oleksii
Oleksenko discovered that some AMD processors could leak stale data from
division operations in certain situations. A local attacker could possibly
use this to expose sensitive information. (CVE-2023-20588)

It was discovered that a race condition existed in the Linux kernel when
performing operations with kernel objects, leading to an out-of-bounds
write. A local attacker could use this to cause a denial of service (system
crash) or execute arbitrary code. (CVE-2023-45863)

Package Affected Version
pkg:deb/ubuntu/linux-tools-aws?distro=xenial < 4.4.0.1164.168
pkg:deb/ubuntu/linux-tools-4.4.0-1164-aws?distro=xenial < 4.4.0-1164.179
pkg:deb/ubuntu/linux-modules-extra-aws?distro=xenial < 4.4.0.1164.168
pkg:deb/ubuntu/linux-modules-extra-4.4.0-1164-aws?distro=xenial < 4.4.0-1164.179
pkg:deb/ubuntu/linux-modules-4.4.0-1164-aws?distro=xenial < 4.4.0-1164.179
pkg:deb/ubuntu/linux-image-aws?distro=xenial < 4.4.0.1164.168
pkg:deb/ubuntu/linux-image-4.4.0-1164-aws?distro=xenial < 4.4.0-1164.179
pkg:deb/ubuntu/linux-headers-aws?distro=xenial < 4.4.0.1164.168
pkg:deb/ubuntu/linux-headers-4.4.0-1164-aws?distro=xenial < 4.4.0-1164.179
pkg:deb/ubuntu/linux-cloud-tools-4.4.0-1164-aws?distro=xenial < 4.4.0-1164.179
pkg:deb/ubuntu/linux-buildinfo-4.4.0-1164-aws?distro=xenial < 4.4.0-1164.179
pkg:deb/ubuntu/linux-aws?distro=xenial < 4.4.0.1164.168
pkg:deb/ubuntu/linux-aws-tools-4.4.0-1164?distro=xenial < 4.4.0-1164.179
pkg:deb/ubuntu/linux-aws-headers-4.4.0-1164?distro=xenial < 4.4.0-1164.179
pkg:deb/ubuntu/linux-aws-cloud-tools-4.4.0-1164?distro=xenial < 4.4.0-1164.179
ID
USN-6577-1
Severity
medium
Severity from
CVE-2023-45863
URL
https://ubuntu.com/security/notices/USN-6577-1
Published
2024-01-10T22:36:53
(8 months ago)
Modified
2024-01-10T22:36:53
(8 months ago)
Other Advisories
Type Package URL Namespace Name / Product Version Distribution / Platform Arch Patch / Fix
Affected pkg:deb/ubuntu/linux-tools-aws?distro=xenial ubuntu linux-tools-aws < 4.4.0.1164.168 xenial
Affected pkg:deb/ubuntu/linux-tools-4.4.0-1164-aws?distro=xenial ubuntu linux-tools-4.4.0-1164-aws < 4.4.0-1164.179 xenial
Affected pkg:deb/ubuntu/linux-modules-extra-aws?distro=xenial ubuntu linux-modules-extra-aws < 4.4.0.1164.168 xenial
Affected pkg:deb/ubuntu/linux-modules-extra-4.4.0-1164-aws?distro=xenial ubuntu linux-modules-extra-4.4.0-1164-aws < 4.4.0-1164.179 xenial
Affected pkg:deb/ubuntu/linux-modules-4.4.0-1164-aws?distro=xenial ubuntu linux-modules-4.4.0-1164-aws < 4.4.0-1164.179 xenial
Affected pkg:deb/ubuntu/linux-image-aws?distro=xenial ubuntu linux-image-aws < 4.4.0.1164.168 xenial
Affected pkg:deb/ubuntu/linux-image-4.4.0-1164-aws?distro=xenial ubuntu linux-image-4.4.0-1164-aws < 4.4.0-1164.179 xenial
Affected pkg:deb/ubuntu/linux-headers-aws?distro=xenial ubuntu linux-headers-aws < 4.4.0.1164.168 xenial
Affected pkg:deb/ubuntu/linux-headers-4.4.0-1164-aws?distro=xenial ubuntu linux-headers-4.4.0-1164-aws < 4.4.0-1164.179 xenial
Affected pkg:deb/ubuntu/linux-cloud-tools-4.4.0-1164-aws?distro=xenial ubuntu linux-cloud-tools-4.4.0-1164-aws < 4.4.0-1164.179 xenial
Affected pkg:deb/ubuntu/linux-buildinfo-4.4.0-1164-aws?distro=xenial ubuntu linux-buildinfo-4.4.0-1164-aws < 4.4.0-1164.179 xenial
Affected pkg:deb/ubuntu/linux-aws?distro=xenial ubuntu linux-aws < 4.4.0.1164.168 xenial
Affected pkg:deb/ubuntu/linux-aws-tools-4.4.0-1164?distro=xenial ubuntu linux-aws-tools-4.4.0-1164 < 4.4.0-1164.179 xenial
Affected pkg:deb/ubuntu/linux-aws-headers-4.4.0-1164?distro=xenial ubuntu linux-aws-headers-4.4.0-1164 < 4.4.0-1164.179 xenial
Affected pkg:deb/ubuntu/linux-aws-cloud-tools-4.4.0-1164?distro=xenial ubuntu linux-aws-cloud-tools-4.4.0-1164 < 4.4.0-1164.179 xenial
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date