USN-6045-1: Linux kernel vulnerabilities
First published: Wed Apr 26 2023(Updated: )
It was discovered that the Traffic-Control Index (TCINDEX) implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the TCINDEX classifier has been removed. (CVE-2023-1829) Gwnaun Jung discovered that the SFB packet scheduling implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3586) Zheng Wang and Zhuorao Yang discovered that the RealTek RTL8712U wireless driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-4095) It was discovered that the TIPC protocol implementation in the Linux kernel did not properly validate the queue of socket buffers (skb) when handling certain UDP packets. A remote attacker could use this to cause a denial of service. (CVE-2023-1390) It was discovered that the Xircom PCMCIA network device driver in the Linux kernel did not properly handle device removal events. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2023-1670)
| Affected Software | Affected Version | How to fix |
|---|---|---|
| All of | ||
| ubuntu/linux-image-virtual | <4.4.0.240.246 | 4.4.0.240.246 |
| =16.04 | ||
| All of | ||
| ubuntu/linux-image-generic | <4.4.0.240.246 | 4.4.0.240.246 |
| =16.04 | ||
| All of | ||
| ubuntu/linux-image-lowlatency-lts-xenial | <4.4.0.240.246 | 4.4.0.240.246 |
| =16.04 | ||
| All of | ||
| ubuntu/linux-image-aws | <4.4.0.1156.160 | 4.4.0.1156.160 |
| =16.04 | ||
| All of | ||
| ubuntu/linux-image-4.4.0-240-lowlatency | <4.4.0-240.274 | 4.4.0-240.274 |
| =16.04 | ||
| All of | ||
| ubuntu/linux-image-virtual-lts-xenial | <4.4.0.240.246 | 4.4.0.240.246 |
| =16.04 | ||
| All of | ||
| ubuntu/linux-image-4.4.0-1156-aws | <4.4.0-1156.171 | 4.4.0-1156.171 |
| =16.04 | ||
| All of | ||
| ubuntu/linux-image-generic-lts-xenial | <4.4.0.240.246 | 4.4.0.240.246 |
| =16.04 | ||
| All of | ||
| ubuntu/linux-image-4.4.0-240-generic | <4.4.0-240.274 | 4.4.0-240.274 |
| =16.04 | ||
| All of | ||
| ubuntu/linux-image-kvm | <4.4.0.1119.116 | 4.4.0.1119.116 |
| =16.04 | ||
| All of | ||
| ubuntu/linux-image-4.4.0-1119-kvm | <4.4.0-1119.129 | 4.4.0-1119.129 |
| =16.04 | ||
| All of | ||
| ubuntu/linux-image-lowlatency | <4.4.0.240.246 | 4.4.0.240.246 |
| =16.04 | ||
| All of | ||
| ubuntu/linux-image-virtual-lts-xenial | <4.4.0.240.208 | 4.4.0.240.208 |
| =14.04 | ||
| All of | ||
| ubuntu/linux-image-generic-lts-xenial | <4.4.0.240.208 | 4.4.0.240.208 |
| =14.04 | ||
| All of | ||
| ubuntu/linux-image-aws | <4.4.0.1118.115 | 4.4.0.1118.115 |
| =14.04 | ||
| All of | ||
| ubuntu/linux-image-4.4.0-240-generic | <4.4.0-240.274~14.04.1 | 4.4.0-240.274~14.04.1 |
| =14.04 | ||
| All of | ||
| ubuntu/linux-image-4.4.0-240-lowlatency | <4.4.0-240.274~14.04.1 | 4.4.0-240.274~14.04.1 |
| =14.04 | ||
| All of | ||
| ubuntu/linux-image-4.4.0-1118-aws | <4.4.0-1118.124 | 4.4.0-1118.124 |
| =14.04 | ||
| All of | ||
| ubuntu/linux-image-lowlatency-lts-xenial | <4.4.0.240.208 | 4.4.0.240.208 |
| =14.04 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://ubuntu.com/security/CVE-2022-3586
- https://ubuntu.com/security/CVE-2023-1829
- https://ubuntu.com/security/CVE-2023-1670
- https://ubuntu.com/security/CVE-2023-1390
- https://ubuntu.com/security/CVE-2022-4095
- https://ubuntu.com/security/notices/USN-5790-1
- https://ubuntu.com/security/notices/USN-5791-1
- https://ubuntu.com/security/notices/USN-5792-1
- https://ubuntu.com/security/notices/USN-5793-1
- https://ubuntu.com/security/notices/USN-5791-2
- https://ubuntu.com/security/notices/USN-5792-2
- https://ubuntu.com/security/notices/USN-5793-2
- https://ubuntu.com/security/notices/USN-5793-3
- https://ubuntu.com/security/notices/USN-5793-4
- https://ubuntu.com/security/notices/USN-5877-1
- https://ubuntu.com/security/notices/USN-5791-3
- https://ubuntu.com/security/notices/USN-5815-1
- https://ubuntu.com/security/notices/USN-6071-1
- https://ubuntu.com/security/notices/USN-6124-1
- https://ubuntu.com/security/notices/USN-6033-1
- https://ubuntu.com/security/notices/USN-6043-1
- https://ubuntu.com/security/notices/USN-6044-1
- https://ubuntu.com/security/notices/USN-6047-1
- https://ubuntu.com/security/notices/USN-6051-1
- https://ubuntu.com/security/notices/USN-6052-1
- https://ubuntu.com/security/notices/USN-6058-1
- https://ubuntu.com/security/notices/USN-6069-1
- https://ubuntu.com/security/notices/USN-6070-1
- https://ubuntu.com/security/notices/USN-6072-1
- https://ubuntu.com/security/notices/USN-6093-1
- https://ubuntu.com/security/notices/USN-6107-1
- https://ubuntu.com/security/notices/USN-6133-1
- https://ubuntu.com/security/notices/USN-6134-1
- https://ubuntu.com/security/notices/USN-6222-1
- https://ubuntu.com/security/notices/USN-6256-1
- https://ubuntu.com/security/notices/USN-6123-1
- https://ubuntu.com/security/notices/USN-6171-1
- https://ubuntu.com/security/notices/USN-6172-1
- https://ubuntu.com/security/notices/USN-6175-1
- https://ubuntu.com/security/notices/USN-6185-1
- https://ubuntu.com/security/notices/USN-6186-1
- https://ubuntu.com/security/notices/USN-6187-1
- https://ubuntu.com/security/notices/USN-6207-1
- https://ubuntu.com/security/notices/USN-6223-1
- https://ubuntu.com/security/notices/USN-6252-1
- https://ubuntu.com/security/notices/USN-6045-1 (Advisory)
Child vulnerabilities
(Contains the following vulnerabilities)
Frequently Asked Questions
What is the severity of USN-6045-1?
The severity of USN-6045-1 is high.
How does the Traffic-Control Index (TCINDEX) vulnerability impact the Linux kernel?
The Traffic-Control Index (TCINDEX) vulnerability allows a local attacker to gain elevated privileges.
Which versions of Ubuntu are affected by USN-6045-1?
Ubuntu 16.04 and 14.04 are affected by USN-6045-1.
What is the remedy for USN-6045-1?
The remedy for USN-6045-1 is to update the Linux kernel to version 4.4.0.240.246 (exact version may vary).
Where can I find more information about USN-6045-1?
You can find more information about USN-6045-1 on the Ubuntu Security Advisory website.
- agent/description
- agent/event
- agent/first-publish-date
- agent/last-modified-date
- agent/references
- agent/severity
- agent/softwarecombine
- agent/tags
- agent/title
- agent/type
- agent/weakness
- collector/usn
- source/Ubuntu
- anchor-related/USN-5790-1
- anchor-related/USN-5791-1
- anchor-related/USN-5792-1
- anchor-related/USN-5793-1
- anchor-related/USN-5791-2
- anchor-related/USN-5792-2
- anchor-related/USN-5793-2
- anchor-related/USN-5793-3
- anchor-related/USN-5793-4
- anchor-related/USN-5877-1
- anchor-related/USN-5791-3
- anchor-related/USN-5815-1
- anchor-related/USN-6071-1
- anchor-related/USN-6124-1
- anchor-related/USN-6033-1
- anchor-related/USN-6043-1
- anchor-related/USN-6044-1
- anchor-related/USN-6047-1
- anchor-related/USN-6051-1
- anchor-related/USN-6052-1
- anchor-related/USN-6058-1
- anchor-related/USN-6069-1
- anchor-related/USN-6070-1
- anchor-related/USN-6072-1
- anchor-related/USN-6093-1
- anchor-related/USN-6107-1
- anchor-related/USN-6133-1
- anchor-related/USN-6134-1
- anchor-related/USN-6222-1
- anchor-related/USN-6256-1
- anchor-related/USN-6123-1
- anchor-related/USN-6171-1
- anchor-related/USN-6172-1
- anchor-related/USN-6175-1
- anchor-related/USN-6185-1
- anchor-related/USN-6186-1
- anchor-related/USN-6187-1
- anchor-related/USN-6207-1
- anchor-related/USN-6223-1
- anchor-related/USN-6252-1
- agent/software-canonical-lookup
- package-manager/ubuntu
- vendor/ubuntu
- canonical/ubuntu ubuntu
- version/ubuntu ubuntu/16.04
- version/ubuntu ubuntu/14.04