- Vulnerability/
- USN-6212-1
USN-6212-1: Linux kernel (Intel IoTG) vulnerabilities
First published: Fri Jul 07 2023(Updated: )
Hangyu Hua discovered that the Flower classifier implementation in the Linux kernel contained an out-of-bounds write vulnerability. An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-35788, LP: #2023577) It was discovered that for some Intel processors the INVLPG instruction implementation did not properly flush global TLB entries when PCIDs are enabled. An attacker could use this to expose sensitive information (kernel memory) or possibly cause undesired behaviors. (LP: #2023220)
| Affected Software | Affected Version | How to fix |
|---|---|---|
| All of | ||
| ubuntu/linux-image-5.15.0-1034-intel-iotg | <5.15.0-1034.39 | 5.15.0-1034.39 |
| =22.04 | ||
| All of | ||
| ubuntu/linux-image-intel-iotg | <5.15.0.1034.33 | 5.15.0.1034.33 |
| =22.04 | ||
| All of | ||
| ubuntu/linux-image-5.15.0-1034-intel-iotg | <5.15.0-1034.39~20.04.1 | 5.15.0-1034.39~20.04.1 |
| =20.04 | ||
| All of | ||
| ubuntu/linux-image-intel-iotg | <5.15.0.1034.39~20.04.25 | 5.15.0.1034.39~20.04.25 |
| =20.04 | ||
| All of | ||
| ubuntu/linux-image-intel | <5.15.0.1034.39~20.04.25 | 5.15.0.1034.39~20.04.25 |
| =20.04 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://ubuntu.com/security/CVE-2023-35788
- https://launchpad.net/bugs/2023577
- https://launchpad.net/bugs/2023220
- https://ubuntu.com/security/notices/USN-6192-1
- https://ubuntu.com/security/notices/USN-6193-1
- https://ubuntu.com/security/notices/USN-6194-1
- https://ubuntu.com/security/notices/USN-6205-1
- https://ubuntu.com/security/notices/USN-6206-1
- https://ubuntu.com/security/notices/USN-6220-1
- https://ubuntu.com/security/notices/USN-6223-1
- https://ubuntu.com/security/notices/USN-6234-1
- https://ubuntu.com/security/notices/USN-6235-1
- https://ubuntu.com/security/notices/USN-6256-1
- https://ubuntu.com/security/notices/LSN-0097-1
- https://launchpad.net/ubuntu/+source/linux-signed-intel-iotg/5.15.0-1034.39
- https://launchpad.net/ubuntu/+source/linux-meta-intel-iotg/5.15.0.1034.33
- https://launchpad.net/ubuntu/+source/linux-signed-intel-iotg-5.15/5.15.0-1034.39~20.04.1
- https://launchpad.net/ubuntu/+source/linux-meta-intel-iotg-5.15/5.15.0.1034.39~20.04.25
- https://ubuntu.com/security/notices/USN-6212-1 (Advisory)
Frequently Asked Questions
What is the severity of CVE-2023-35788?
The severity of CVE-2023-35788 is high.
How can an attacker exploit CVE-2023-35788?
An attacker can exploit CVE-2023-35788 by triggering an out-of-bounds write vulnerability, potentially causing a denial of service (system crash) or executing arbitrary code.
Which Linux kernel version is affected by CVE-2023-35788?
Linux kernel versions 5.15.0-1034.39, 5.15.0-1034.39~20.04.1, 5.15.0.1034.33, 5.15.0.1034.39~20.04.25, and 5.15.0.1034.39~20.04.25 (Intel IoTG) are affected by CVE-2023-35788.
How can I fix the vulnerability?
To fix the vulnerability, update your Linux kernel to version 5.15.0-1034.39 or later (Intel IoTG).
- agent/description
- agent/event
- agent/first-publish-date
- agent/last-modified-date
- agent/references
- agent/severity
- agent/softwarecombine
- agent/tags
- agent/title
- agent/type
- collector/usn
- source/Ubuntu
- anchor-related/USN-6192-1
- anchor-related/USN-6193-1
- anchor-related/USN-6194-1
- anchor-related/USN-6205-1
- anchor-related/USN-6206-1
- anchor-related/USN-6220-1
- anchor-related/USN-6223-1
- anchor-related/USN-6234-1
- anchor-related/USN-6235-1
- anchor-related/USN-6256-1
- agent/software-canonical-lookup
- package-manager/ubuntu
- vendor/ubuntu
- canonical/ubuntu ubuntu
- version/ubuntu ubuntu/22.04
- version/ubuntu ubuntu/20.04