[USN-6639-1] Linux kernel (OEM) vulnerabilities
Several security issues were fixed in the Linux kernel.
It was discovered that a race condition existed in the ATM (Asynchronous
Transfer Mode) subsystem of the Linux kernel, leading to a use-after-free
vulnerability. A local attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2023-51780)
It was discovered that a race condition existed in the AppleTalk networking
subsystem of the Linux kernel, leading to a use-after-free vulnerability. A
local attacker could use this to cause a denial of service (system crash)
or possibly execute arbitrary code. (CVE-2023-51781)
It was discovered that a race condition existed in the Rose X.25 protocol
implementation in the Linux kernel, leading to a use-after- free
vulnerability. A local attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2023-51782)
Alon Zahavi discovered that the NVMe-oF/TCP subsystem of the Linux kernel
did not properly handle connect command payloads in certain situations,
leading to an out-of-bounds read vulnerability. A remote attacker could use
this to expose sensitive information (kernel memory). (CVE-2023-6121)
Jann Horn discovered that a race condition existed in the Linux kernel when
handling io_uring over sockets, leading to a use-after-free vulnerability.
A local attacker could use this to cause a denial of service (system crash)
or possibly execute arbitrary code. (CVE-2023-6531)
Xingyuan Mo discovered that the netfilter subsystem in the Linux kernel did
not properly handle dynset expressions passed from userspace, leading to a
null pointer dereference vulnerability. A local attacker could use this to
cause a denial of service (system crash). (CVE-2023-6622)
It was discovered that the IGMP protocol implementation in the Linux kernel
contained a race condition, leading to a use-after-free vulnerability. A
local attacker could use this to cause a denial of service (system crash)
or possibly execute arbitrary code. (CVE-2023-6932)
Robert Morris discovered that the CIFS network file system implementation
in the Linux kernel did not properly validate certain server commands
fields, leading to an out-of-bounds read vulnerability. An attacker could
use this to cause a denial of service (system crash) or possibly expose
sensitive information. (CVE-2024-0565)
Dan Carpenter discovered that the netfilter subsystem in the Linux kernel
did not store data in properly sized memory locations. A local user could
use this to cause a denial of service (system crash). (CVE-2024-0607)
Jann Horn discovered that the TLS subsystem in the Linux kernel did not
properly handle spliced messages, leading to an out-of-bounds write
vulnerability. A local attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2024-0646)
Yang Chaoming discovered that the KSMBD implementation in the Linux kernel
did not properly validate request buffer sizes, leading to an out-of-bounds
read vulnerability. An attacker could use this to cause a denial of service
(system crash) or possibly expose sensitive information. (CVE-2024-22705)
- ID
- USN-6639-1
- Severity
- high
- Severity from
- CVE-2024-0646
- URL
- https://ubuntu.com/security/notices/USN-6639-1
- Published
-
2024-02-15T03:33:26
(7 months ago) - Modified
-
2024-02-15T03:33:26
(7 months ago) - Other Advisories
-
- ALAS-2024-1899
- ALAS2-2024-2391
- ALAS2-2024-2549
- ALSA-2024:0897
- ALSA-2024:1607
- ALSA-2024:3138
- DSA-5593-1
- DSA-5594-1
- DSA-5681-1
- ELSA-2024-0897
- ELSA-2024-12159
- ELSA-2024-12169
- ELSA-2024-12193
- ELSA-2024-12271
- ELSA-2024-12274
- ELSA-2024-12275
- ELSA-2024-1248
- ELSA-2024-1607
- ELSA-2024-2394
- ELSA-2024-3138
- FEDORA-2023-26ffe7d3c7
- FEDORA-2023-dcee14345b
- MS:CVE-2023-51780
- RHSA-2024:0876
- RHSA-2024:0881
- RHSA-2024:0897
- RHSA-2024:1251
- RHSA-2024:1607
- RHSA-2024:1614
- RHSA-2024:2950
- RHSA-2024:3138
- RLSA-2024:1607
- RLSA-2024:3138
- SSA:2023-359-01
- SSA:2024-157-01
- SUSE-SU-2024:0110-1
- SUSE-SU-2024:0112-1
- SUSE-SU-2024:0113-1
- SUSE-SU-2024:0115-1
- SUSE-SU-2024:0117-1
- SUSE-SU-2024:0118-1
- SUSE-SU-2024:0120-1
- SUSE-SU-2024:0129-1
- SUSE-SU-2024:0141-1
- SUSE-SU-2024:0153-1
- SUSE-SU-2024:0154-1
- SUSE-SU-2024:0156-1
- SUSE-SU-2024:0160-1
- SUSE-SU-2024:0331-1
- SUSE-SU-2024:0339-1
- SUSE-SU-2024:0344-1
- SUSE-SU-2024:0347-1
- SUSE-SU-2024:0348-1
- SUSE-SU-2024:0351-1
- SUSE-SU-2024:0352-1
- SUSE-SU-2024:0358-1
- SUSE-SU-2024:0362-1
- SUSE-SU-2024:0373-1
- SUSE-SU-2024:0376-1
- SUSE-SU-2024:0378-1
- SUSE-SU-2024:0380-1
- SUSE-SU-2024:0389-1
- SUSE-SU-2024:0393-1
- SUSE-SU-2024:0395-1
- SUSE-SU-2024:0409-1
- SUSE-SU-2024:0411-1
- SUSE-SU-2024:0414-1
- SUSE-SU-2024:0418-1
- SUSE-SU-2024:0421-1
- SUSE-SU-2024:0428-1
- SUSE-SU-2024:0429-1
- SUSE-SU-2024:0463-1
- SUSE-SU-2024:0468-1
- SUSE-SU-2024:0469-1
- SUSE-SU-2024:0474-1
- SUSE-SU-2024:0476-1
- SUSE-SU-2024:0478-1
- SUSE-SU-2024:0483-1
- SUSE-SU-2024:0484-1
- SUSE-SU-2024:0514-1
- SUSE-SU-2024:0515-1
- SUSE-SU-2024:0516-1
- SUSE-SU-2024:0620-1
- SUSE-SU-2024:0622-1
- SUSE-SU-2024:0624-1
- SUSE-SU-2024:0639-1
- SUSE-SU-2024:0655-1
- SUSE-SU-2024:0656-1
- SUSE-SU-2024:0662-1
- SUSE-SU-2024:0663-1
- SUSE-SU-2024:0666-1
- SUSE-SU-2024:0685-1
- SUSE-SU-2024:0694-1
- SUSE-SU-2024:0698-1
- SUSE-SU-2024:0705-1
- SUSE-SU-2024:0727-1
- SUSE-SU-2024:0855-1
- SUSE-SU-2024:0856-1
- SUSE-SU-2024:0857-1
- SUSE-SU-2024:0858-1
- SUSE-SU-2024:0900-1
- SUSE-SU-2024:0900-2
- SUSE-SU-2024:0910-1
- SUSE-SU-2024:0925-1
- SUSE-SU-2024:0926-1
- SUSE-SU-2024:0975-1
- SUSE-SU-2024:0976-1
- SUSE-SU-2024:0977-1
- SUSE-SU-2024:0986-1
- SUSE-SU-2024:0989-1
- SUSE-SU-2024:0991-1
- SUSE-SU-2024:0995-1
- SUSE-SU-2024:1017-1
- SUSE-SU-2024:1023-1
- SUSE-SU-2024:1033-1
- SUSE-SU-2024:1039-1
- SUSE-SU-2024:1040-1
- SUSE-SU-2024:1045-1
- SUSE-SU-2024:1047-1
- SUSE-SU-2024:1053-1
- SUSE-SU-2024:1054-1
- SUSE-SU-2024:1063-1
- SUSE-SU-2024:1072-1
- SUSE-SU-2024:1097-1
- SUSE-SU-2024:1181-1
- SUSE-SU-2024:1183-1
- SUSE-SU-2024:1184-1
- SUSE-SU-2024:1229-1
- SUSE-SU-2024:1236-1
- SUSE-SU-2024:1239-1
- SUSE-SU-2024:1246-1
- SUSE-SU-2024:1248-1
- SUSE-SU-2024:1249-1
- SUSE-SU-2024:1251-1
- SUSE-SU-2024:1252-1
- SUSE-SU-2024:1257-1
- SUSE-SU-2024:1274-1
- SUSE-SU-2024:1276-1
- SUSE-SU-2024:1288-1
- SUSE-SU-2024:1292-1
- SUSE-SU-2024:1298-1
- SUSE-SU-2024:1299-1
- SUSE-SU-2024:1312-1
- SUSE-SU-2024:1318-1
- SUSE-SU-2024:1454-1
- SUSE-SU-2024:1465-1
- SUSE-SU-2024:1489-1
- SUSE-SU-2024:1669-1
- SUSE-SU-2024:1708-1
- SUSE-SU-2024:1719-1
- SUSE-SU-2024:2008-1
- SUSE-SU-2024:2010-1
- SUSE-SU-2024:2019-1
- SUSE-SU-2024:2120-1
- SUSE-SU-2024:2135-1
- SUSE-SU-2024:2148-1
- SUSE-SU-2024:2183-1
- SUSE-SU-2024:2185-1
- SUSE-SU-2024:2189-1
- SUSE-SU-2024:2190-1
- SUSE-SU-2024:2343-1
- SUSE-SU-2024:2373-1
- SUSE-SU-2024:2740-1
- SUSE-SU-2024:2755-1
- SUSE-SU-2024:2802-1
- SUSE-SU-2024:2896-1
- SUSE-SU-2024:2973-1
- SUSE-SU-2024:3034-1
- SUSE-SU-2024:3043-1
- USN-6601-1
- USN-6602-1
- USN-6603-1
- USN-6604-1
- USN-6604-2
- USN-6605-1
- USN-6605-2
- USN-6607-1
- USN-6608-1
- USN-6608-2
- USN-6609-1
- USN-6609-2
- USN-6609-3
- USN-6624-1
- USN-6626-1
- USN-6626-2
- USN-6626-3
- USN-6628-1
- USN-6628-2
- USN-6635-1
- USN-6646-1
- USN-6647-1
- USN-6647-2
- USN-6648-1
- USN-6648-2
- USN-6651-1
- USN-6651-2
- USN-6651-3
- USN-6652-1
- USN-6653-1
- USN-6653-2
- USN-6653-3
- USN-6653-4
- USN-6680-1
- USN-6680-2
- USN-6680-3
- USN-6681-1
- USN-6681-2
- USN-6681-3
- USN-6681-4
- USN-6686-1
- USN-6686-2
- USN-6686-3
- USN-6686-4
- USN-6686-5
- USN-6700-1
- USN-6700-2
- USN-6701-1
- USN-6701-2
- USN-6701-3
- USN-6701-4
- USN-6705-1
- USN-6716-1
- USN-6724-1
- USN-6724-2
- USN-6725-1
- USN-6725-2
- USN-6726-1
- USN-6726-2
- USN-6726-3
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:deb/ubuntu/linux-tools-oem-22.04c?distro=jammy | ubuntu | linux-tools-oem-22.04c | < 6.1.0.1033.34 | jammy | ||
Affected | pkg:deb/ubuntu/linux-tools-oem-22.04b?distro=jammy | ubuntu | linux-tools-oem-22.04b | < 6.1.0.1033.34 | jammy | ||
Affected | pkg:deb/ubuntu/linux-tools-oem-22.04a?distro=jammy | ubuntu | linux-tools-oem-22.04a | < 6.1.0.1033.34 | jammy | ||
Affected | pkg:deb/ubuntu/linux-tools-oem-22.04?distro=jammy | ubuntu | linux-tools-oem-22.04 | < 6.1.0.1033.34 | jammy | ||
Affected | pkg:deb/ubuntu/linux-tools-6.1.0-1033-oem?distro=jammy | ubuntu | linux-tools-6.1.0-1033-oem | < 6.1.0-1033.33 | jammy | ||
Affected | pkg:deb/ubuntu/linux-oem-6.1-tools-host?distro=jammy | ubuntu | linux-oem-6.1-tools-host | < 6.1.0-1033.33 | jammy | ||
Affected | pkg:deb/ubuntu/linux-oem-6.1-tools-6.1.0-1033?distro=jammy | ubuntu | linux-oem-6.1-tools-6.1.0-1033 | < 6.1.0-1033.33 | jammy | ||
Affected | pkg:deb/ubuntu/linux-oem-6.1-headers-6.1.0-1033?distro=jammy | ubuntu | linux-oem-6.1-headers-6.1.0-1033 | < 6.1.0-1033.33 | jammy | ||
Affected | pkg:deb/ubuntu/linux-oem-22.04c?distro=jammy | ubuntu | linux-oem-22.04c | < 6.1.0.1033.34 | jammy | ||
Affected | pkg:deb/ubuntu/linux-oem-22.04b?distro=jammy | ubuntu | linux-oem-22.04b | < 6.1.0.1033.34 | jammy | ||
Affected | pkg:deb/ubuntu/linux-oem-22.04a?distro=jammy | ubuntu | linux-oem-22.04a | < 6.1.0.1033.34 | jammy | ||
Affected | pkg:deb/ubuntu/linux-oem-22.04?distro=jammy | ubuntu | linux-oem-22.04 | < 6.1.0.1033.34 | jammy | ||
Affected | pkg:deb/ubuntu/linux-modules-iwlwifi-oem-22.04c?distro=jammy | ubuntu | linux-modules-iwlwifi-oem-22.04c | < 6.1.0.1033.34 | jammy | ||
Affected | pkg:deb/ubuntu/linux-modules-iwlwifi-oem-22.04b?distro=jammy | ubuntu | linux-modules-iwlwifi-oem-22.04b | < 6.1.0.1033.34 | jammy | ||
Affected | pkg:deb/ubuntu/linux-modules-iwlwifi-oem-22.04?distro=jammy | ubuntu | linux-modules-iwlwifi-oem-22.04 | < 6.1.0.1033.34 | jammy | ||
Affected | pkg:deb/ubuntu/linux-modules-iwlwifi-6.1.0-1033-oem?distro=jammy | ubuntu | linux-modules-iwlwifi-6.1.0-1033-oem | < 6.1.0-1033.33 | jammy | ||
Affected | pkg:deb/ubuntu/linux-modules-ivsc-oem-22.04c?distro=jammy | ubuntu | linux-modules-ivsc-oem-22.04c | < 6.1.0.1033.34 | jammy | ||
Affected | pkg:deb/ubuntu/linux-modules-ivsc-oem-22.04b?distro=jammy | ubuntu | linux-modules-ivsc-oem-22.04b | < 6.1.0.1033.34 | jammy | ||
Affected | pkg:deb/ubuntu/linux-modules-ivsc-oem-22.04?distro=jammy | ubuntu | linux-modules-ivsc-oem-22.04 | < 6.1.0.1033.34 | jammy | ||
Affected | pkg:deb/ubuntu/linux-modules-ivsc-6.1.0-1033-oem?distro=jammy | ubuntu | linux-modules-ivsc-6.1.0-1033-oem | < 6.1.0-1033.33 | jammy | ||
Affected | pkg:deb/ubuntu/linux-modules-ipu6-oem-22.04c?distro=jammy | ubuntu | linux-modules-ipu6-oem-22.04c | < 6.1.0.1033.34 | jammy | ||
Affected | pkg:deb/ubuntu/linux-modules-ipu6-oem-22.04b?distro=jammy | ubuntu | linux-modules-ipu6-oem-22.04b | < 6.1.0.1033.34 | jammy | ||
Affected | pkg:deb/ubuntu/linux-modules-ipu6-oem-22.04?distro=jammy | ubuntu | linux-modules-ipu6-oem-22.04 | < 6.1.0.1033.34 | jammy | ||
Affected | pkg:deb/ubuntu/linux-modules-ipu6-6.1.0-1033-oem?distro=jammy | ubuntu | linux-modules-ipu6-6.1.0-1033-oem | < 6.1.0-1033.33 | jammy | ||
Affected | pkg:deb/ubuntu/linux-modules-6.1.0-1033-oem?distro=jammy | ubuntu | linux-modules-6.1.0-1033-oem | < 6.1.0-1033.33 | jammy | ||
Affected | pkg:deb/ubuntu/linux-image-unsigned-6.1.0-1033-oem?distro=jammy | ubuntu | linux-image-unsigned-6.1.0-1033-oem | < 6.1.0-1033.33 | jammy | ||
Affected | pkg:deb/ubuntu/linux-image-oem-22.04c?distro=jammy | ubuntu | linux-image-oem-22.04c | < 6.1.0.1033.34 | jammy | ||
Affected | pkg:deb/ubuntu/linux-image-oem-22.04b?distro=jammy | ubuntu | linux-image-oem-22.04b | < 6.1.0.1033.34 | jammy | ||
Affected | pkg:deb/ubuntu/linux-image-oem-22.04a?distro=jammy | ubuntu | linux-image-oem-22.04a | < 6.1.0.1033.34 | jammy | ||
Affected | pkg:deb/ubuntu/linux-image-oem-22.04?distro=jammy | ubuntu | linux-image-oem-22.04 | < 6.1.0.1033.34 | jammy | ||
Affected | pkg:deb/ubuntu/linux-image-6.1.0-1033-oem?distro=jammy | ubuntu | linux-image-6.1.0-1033-oem | < 6.1.0-1033.33 | jammy | ||
Affected | pkg:deb/ubuntu/linux-headers-oem-22.04c?distro=jammy | ubuntu | linux-headers-oem-22.04c | < 6.1.0.1033.34 | jammy | ||
Affected | pkg:deb/ubuntu/linux-headers-oem-22.04b?distro=jammy | ubuntu | linux-headers-oem-22.04b | < 6.1.0.1033.34 | jammy | ||
Affected | pkg:deb/ubuntu/linux-headers-oem-22.04a?distro=jammy | ubuntu | linux-headers-oem-22.04a | < 6.1.0.1033.34 | jammy | ||
Affected | pkg:deb/ubuntu/linux-headers-oem-22.04?distro=jammy | ubuntu | linux-headers-oem-22.04 | < 6.1.0.1033.34 | jammy | ||
Affected | pkg:deb/ubuntu/linux-headers-6.1.0-1033-oem?distro=jammy | ubuntu | linux-headers-6.1.0-1033-oem | < 6.1.0-1033.33 | jammy | ||
Affected | pkg:deb/ubuntu/linux-buildinfo-6.1.0-1033-oem?distro=jammy | ubuntu | linux-buildinfo-6.1.0-1033-oem | < 6.1.0-1033.33 | jammy |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |