1. Home
  2. Security Advisories
  3. Ubuntu
  4. USN-6653-4

[USN-6653-4] Linux kernel (GKE) vulnerabilities

Severity High
Affected Packages 18
CVEs 5
Info Packages Vulnerabilities

Several security issues were fixed in the Linux kernel.

It was discovered that a race condition existed in the ATM (Asynchronous
Transfer Mode) subsystem of the Linux kernel, leading to a use-after-free
vulnerability. A local attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2023-51780)

It was discovered that a race condition existed in the AppleTalk networking
subsystem of the Linux kernel, leading to a use-after-free vulnerability. A
local attacker could use this to cause a denial of service (system crash)
or possibly execute arbitrary code. (CVE-2023-51781)

Zhenghan Wang discovered that the generic ID allocator implementation in
the Linux kernel did not properly check for null bitmap when releasing IDs.
A local attacker could use this to cause a denial of service (system
crash). (CVE-2023-6915)

Robert Morris discovered that the CIFS network file system implementation
in the Linux kernel did not properly validate certain server commands
fields, leading to an out-of-bounds read vulnerability. An attacker could
use this to cause a denial of service (system crash) or possibly expose
sensitive information. (CVE-2024-0565)

Jann Horn discovered that the TLS subsystem in the Linux kernel did not
properly handle spliced messages, leading to an out-of-bounds write
vulnerability. A local attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2024-0646)

Package Affected Version
pkg:deb/ubuntu/linux-tools-gke?distro=jammy < 5.15.0.1051.50
pkg:deb/ubuntu/linux-tools-gke-5.15?distro=jammy < 5.15.0.1051.50
pkg:deb/ubuntu/linux-tools-5.15.0-1051-gke?distro=jammy < 5.15.0-1051.56
pkg:deb/ubuntu/linux-modules-iwlwifi-5.15.0-1051-gke?distro=jammy < 5.15.0-1051.56
pkg:deb/ubuntu/linux-modules-extra-5.15.0-1051-gke?distro=jammy < 5.15.0-1051.56
pkg:deb/ubuntu/linux-modules-5.15.0-1051-gke?distro=jammy < 5.15.0-1051.56
pkg:deb/ubuntu/linux-image-unsigned-5.15.0-1051-gke?distro=jammy < 5.15.0-1051.56
pkg:deb/ubuntu/linux-image-gke?distro=jammy < 5.15.0.1051.50
pkg:deb/ubuntu/linux-image-gke-5.15?distro=jammy < 5.15.0.1051.50
pkg:deb/ubuntu/linux-image-5.15.0-1051-gke?distro=jammy < 5.15.0-1051.56
pkg:deb/ubuntu/linux-headers-gke?distro=jammy < 5.15.0.1051.50
pkg:deb/ubuntu/linux-headers-gke-5.15?distro=jammy < 5.15.0.1051.50
pkg:deb/ubuntu/linux-headers-5.15.0-1051-gke?distro=jammy < 5.15.0-1051.56
pkg:deb/ubuntu/linux-gke?distro=jammy < 5.15.0.1051.50
pkg:deb/ubuntu/linux-gke-tools-5.15.0-1051?distro=jammy < 5.15.0-1051.56
pkg:deb/ubuntu/linux-gke-headers-5.15.0-1051?distro=jammy < 5.15.0-1051.56
pkg:deb/ubuntu/linux-gke-5.15?distro=jammy < 5.15.0.1051.50
pkg:deb/ubuntu/linux-buildinfo-5.15.0-1051-gke?distro=jammy < 5.15.0-1051.56
ID
USN-6653-4
Severity
high
Severity from
CVE-2024-0646
URL
https://ubuntu.com/security/notices/USN-6653-4
Published
2024-03-04T22:16:36
(6 months ago)
Modified
2024-03-04T22:16:36
(6 months ago)
Other Advisories
Type Package URL Namespace Name / Product Version Distribution / Platform Arch Patch / Fix
Affected pkg:deb/ubuntu/linux-tools-gke?distro=jammy ubuntu linux-tools-gke < 5.15.0.1051.50 jammy
Affected pkg:deb/ubuntu/linux-tools-gke-5.15?distro=jammy ubuntu linux-tools-gke-5.15 < 5.15.0.1051.50 jammy
Affected pkg:deb/ubuntu/linux-tools-5.15.0-1051-gke?distro=jammy ubuntu linux-tools-5.15.0-1051-gke < 5.15.0-1051.56 jammy
Affected pkg:deb/ubuntu/linux-modules-iwlwifi-5.15.0-1051-gke?distro=jammy ubuntu linux-modules-iwlwifi-5.15.0-1051-gke < 5.15.0-1051.56 jammy
Affected pkg:deb/ubuntu/linux-modules-extra-5.15.0-1051-gke?distro=jammy ubuntu linux-modules-extra-5.15.0-1051-gke < 5.15.0-1051.56 jammy
Affected pkg:deb/ubuntu/linux-modules-5.15.0-1051-gke?distro=jammy ubuntu linux-modules-5.15.0-1051-gke < 5.15.0-1051.56 jammy
Affected pkg:deb/ubuntu/linux-image-unsigned-5.15.0-1051-gke?distro=jammy ubuntu linux-image-unsigned-5.15.0-1051-gke < 5.15.0-1051.56 jammy
Affected pkg:deb/ubuntu/linux-image-gke?distro=jammy ubuntu linux-image-gke < 5.15.0.1051.50 jammy
Affected pkg:deb/ubuntu/linux-image-gke-5.15?distro=jammy ubuntu linux-image-gke-5.15 < 5.15.0.1051.50 jammy
Affected pkg:deb/ubuntu/linux-image-5.15.0-1051-gke?distro=jammy ubuntu linux-image-5.15.0-1051-gke < 5.15.0-1051.56 jammy
Affected pkg:deb/ubuntu/linux-headers-gke?distro=jammy ubuntu linux-headers-gke < 5.15.0.1051.50 jammy
Affected pkg:deb/ubuntu/linux-headers-gke-5.15?distro=jammy ubuntu linux-headers-gke-5.15 < 5.15.0.1051.50 jammy
Affected pkg:deb/ubuntu/linux-headers-5.15.0-1051-gke?distro=jammy ubuntu linux-headers-5.15.0-1051-gke < 5.15.0-1051.56 jammy
Affected pkg:deb/ubuntu/linux-gke?distro=jammy ubuntu linux-gke < 5.15.0.1051.50 jammy
Affected pkg:deb/ubuntu/linux-gke-tools-5.15.0-1051?distro=jammy ubuntu linux-gke-tools-5.15.0-1051 < 5.15.0-1051.56 jammy
Affected pkg:deb/ubuntu/linux-gke-headers-5.15.0-1051?distro=jammy ubuntu linux-gke-headers-5.15.0-1051 < 5.15.0-1051.56 jammy
Affected pkg:deb/ubuntu/linux-gke-5.15?distro=jammy ubuntu linux-gke-5.15 < 5.15.0.1051.50 jammy
Affected pkg:deb/ubuntu/linux-buildinfo-5.15.0-1051-gke?distro=jammy ubuntu linux-buildinfo-5.15.0-1051-gke < 5.15.0-1051.56 jammy
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date