[USN-6653-4] Linux kernel (GKE) vulnerabilities
Several security issues were fixed in the Linux kernel.
It was discovered that a race condition existed in the ATM (Asynchronous
Transfer Mode) subsystem of the Linux kernel, leading to a use-after-free
vulnerability. A local attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2023-51780)
It was discovered that a race condition existed in the AppleTalk networking
subsystem of the Linux kernel, leading to a use-after-free vulnerability. A
local attacker could use this to cause a denial of service (system crash)
or possibly execute arbitrary code. (CVE-2023-51781)
Zhenghan Wang discovered that the generic ID allocator implementation in
the Linux kernel did not properly check for null bitmap when releasing IDs.
A local attacker could use this to cause a denial of service (system
crash). (CVE-2023-6915)
Robert Morris discovered that the CIFS network file system implementation
in the Linux kernel did not properly validate certain server commands
fields, leading to an out-of-bounds read vulnerability. An attacker could
use this to cause a denial of service (system crash) or possibly expose
sensitive information. (CVE-2024-0565)
Jann Horn discovered that the TLS subsystem in the Linux kernel did not
properly handle spliced messages, leading to an out-of-bounds write
vulnerability. A local attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2024-0646)
- ID
- USN-6653-4
- Severity
- high
- Severity from
- CVE-2024-0646
- URL
- https://ubuntu.com/security/notices/USN-6653-4
- Published
-
2024-03-04T22:16:36
(6 months ago) - Modified
-
2024-03-04T22:16:36
(6 months ago) - Other Advisories
-
- ALSA-2024:0897
- ALSA-2024:1607
- ALSA-2024:3138
- DSA-5593-1
- DSA-5594-1
- DSA-5681-1
- ELSA-2024-0897
- ELSA-2024-12169
- ELSA-2024-12193
- ELSA-2024-1248
- ELSA-2024-1607
- ELSA-2024-2394
- ELSA-2024-3138
- MS:CVE-2023-51780
- RHSA-2024:0876
- RHSA-2024:0881
- RHSA-2024:0897
- RHSA-2024:1251
- RHSA-2024:1607
- RHSA-2024:1614
- RHSA-2024:2950
- RHSA-2024:3138
- RLSA-2024:1607
- RLSA-2024:3138
- SSA:2024-157-01
- SUSE-SU-2024:0463-1
- SUSE-SU-2024:0468-1
- SUSE-SU-2024:0469-1
- SUSE-SU-2024:0474-1
- SUSE-SU-2024:0476-1
- SUSE-SU-2024:0478-1
- SUSE-SU-2024:0483-1
- SUSE-SU-2024:0484-1
- SUSE-SU-2024:0514-1
- SUSE-SU-2024:0515-1
- SUSE-SU-2024:0516-1
- SUSE-SU-2024:0620-1
- SUSE-SU-2024:0622-1
- SUSE-SU-2024:0624-1
- SUSE-SU-2024:0639-1
- SUSE-SU-2024:0655-1
- SUSE-SU-2024:0656-1
- SUSE-SU-2024:0662-1
- SUSE-SU-2024:0663-1
- SUSE-SU-2024:0666-1
- SUSE-SU-2024:0685-1
- SUSE-SU-2024:0694-1
- SUSE-SU-2024:0698-1
- SUSE-SU-2024:0705-1
- SUSE-SU-2024:0727-1
- SUSE-SU-2024:1181-1
- SUSE-SU-2024:1183-1
- SUSE-SU-2024:1184-1
- SUSE-SU-2024:1229-1
- SUSE-SU-2024:1236-1
- SUSE-SU-2024:1239-1
- SUSE-SU-2024:1246-1
- SUSE-SU-2024:1248-1
- SUSE-SU-2024:1249-1
- SUSE-SU-2024:1251-1
- SUSE-SU-2024:1252-1
- SUSE-SU-2024:1257-1
- SUSE-SU-2024:1274-1
- SUSE-SU-2024:1288-1
- SUSE-SU-2024:1292-1
- SUSE-SU-2024:1298-1
- SUSE-SU-2024:1299-1
- SUSE-SU-2024:1312-1
- SUSE-SU-2024:1318-1
- SUSE-SU-2024:1669-1
- SUSE-SU-2024:2802-1
- SUSE-SU-2024:2896-1
- SUSE-SU-2024:2973-1
- USN-6639-1
- USN-6646-1
- USN-6647-1
- USN-6647-2
- USN-6648-1
- USN-6648-2
- USN-6650-1
- USN-6651-1
- USN-6651-2
- USN-6651-3
- USN-6652-1
- USN-6653-1
- USN-6653-2
- USN-6653-3
- USN-6681-1
- USN-6681-2
- USN-6681-3
- USN-6681-4
- USN-6700-1
- USN-6700-2
- USN-6701-1
- USN-6701-2
- USN-6701-3
- USN-6701-4
- USN-6716-1
- USN-6740-1
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:deb/ubuntu/linux-tools-gke?distro=jammy | ubuntu | linux-tools-gke | < 5.15.0.1051.50 | jammy | ||
Affected | pkg:deb/ubuntu/linux-tools-gke-5.15?distro=jammy | ubuntu | linux-tools-gke-5.15 | < 5.15.0.1051.50 | jammy | ||
Affected | pkg:deb/ubuntu/linux-tools-5.15.0-1051-gke?distro=jammy | ubuntu | linux-tools-5.15.0-1051-gke | < 5.15.0-1051.56 | jammy | ||
Affected | pkg:deb/ubuntu/linux-modules-iwlwifi-5.15.0-1051-gke?distro=jammy | ubuntu | linux-modules-iwlwifi-5.15.0-1051-gke | < 5.15.0-1051.56 | jammy | ||
Affected | pkg:deb/ubuntu/linux-modules-extra-5.15.0-1051-gke?distro=jammy | ubuntu | linux-modules-extra-5.15.0-1051-gke | < 5.15.0-1051.56 | jammy | ||
Affected | pkg:deb/ubuntu/linux-modules-5.15.0-1051-gke?distro=jammy | ubuntu | linux-modules-5.15.0-1051-gke | < 5.15.0-1051.56 | jammy | ||
Affected | pkg:deb/ubuntu/linux-image-unsigned-5.15.0-1051-gke?distro=jammy | ubuntu | linux-image-unsigned-5.15.0-1051-gke | < 5.15.0-1051.56 | jammy | ||
Affected | pkg:deb/ubuntu/linux-image-gke?distro=jammy | ubuntu | linux-image-gke | < 5.15.0.1051.50 | jammy | ||
Affected | pkg:deb/ubuntu/linux-image-gke-5.15?distro=jammy | ubuntu | linux-image-gke-5.15 | < 5.15.0.1051.50 | jammy | ||
Affected | pkg:deb/ubuntu/linux-image-5.15.0-1051-gke?distro=jammy | ubuntu | linux-image-5.15.0-1051-gke | < 5.15.0-1051.56 | jammy | ||
Affected | pkg:deb/ubuntu/linux-headers-gke?distro=jammy | ubuntu | linux-headers-gke | < 5.15.0.1051.50 | jammy | ||
Affected | pkg:deb/ubuntu/linux-headers-gke-5.15?distro=jammy | ubuntu | linux-headers-gke-5.15 | < 5.15.0.1051.50 | jammy | ||
Affected | pkg:deb/ubuntu/linux-headers-5.15.0-1051-gke?distro=jammy | ubuntu | linux-headers-5.15.0-1051-gke | < 5.15.0-1051.56 | jammy | ||
Affected | pkg:deb/ubuntu/linux-gke?distro=jammy | ubuntu | linux-gke | < 5.15.0.1051.50 | jammy | ||
Affected | pkg:deb/ubuntu/linux-gke-tools-5.15.0-1051?distro=jammy | ubuntu | linux-gke-tools-5.15.0-1051 | < 5.15.0-1051.56 | jammy | ||
Affected | pkg:deb/ubuntu/linux-gke-headers-5.15.0-1051?distro=jammy | ubuntu | linux-gke-headers-5.15.0-1051 | < 5.15.0-1051.56 | jammy | ||
Affected | pkg:deb/ubuntu/linux-gke-5.15?distro=jammy | ubuntu | linux-gke-5.15 | < 5.15.0.1051.50 | jammy | ||
Affected | pkg:deb/ubuntu/linux-buildinfo-5.15.0-1051-gke?distro=jammy | ubuntu | linux-buildinfo-5.15.0-1051-gke | < 5.15.0-1051.56 | jammy |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |