What is the severity of USN-6249-1?

The severity of USN-6249-1 is not specified in the description.

How can a local attacker exploit the vulnerability in USN-6249-1?

A local attacker can exploit the vulnerability in USN-6249-1 to cause a denial of service (system crash) or execute arbitrary code.

Which versions of Ubuntu are affected by USN-6249-1?

Versions 22.04 of Ubuntu with the specified Linux kernel versions are affected by USN-6249-1.

What is the Common Weakness Enumeration (CWE) ID for USN-6249-1?

The CWE IDs for USN-6249-1 are CWE-416 and CWE-362.

Where can I find more information about USN-6249-1?

You can find more information about USN-6249-1 at the following references: [CVE-2023-3389](https://ubuntu.com/security/CVE-2023-3389), [CVE-2023-3269](https://ubuntu.com/security/CVE-2023-3269), [USN-6246-1](https://ubuntu.com/security/notices/USN-6246-1).

Vulnerability/
USN-6249-1

CWE

416 362

25/7/2023

USN-6249-1: Linux kernel (OEM) vulnerabilities

First published: Tue Jul 25 2023(Updated: )

Ruihan Li discovered that the memory management subsystem in the Linux kernel contained a race condition when accessing VMAs in certain conditions, leading to a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2023-3269) Querijn Voet discovered that a race condition existed in the io_uring subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3389)

Affected Software	Affected Version	How to fix
All of
ubuntu/linux-image-oem-22.04c	<6.1.0.1017.17	6.1.0.1017.17
	=22.04
All of
ubuntu/linux-image-6.1.0-1017-oem	<6.1.0-1017.17	6.1.0-1017.17
	=22.04

Never miss a vulnerability like this again

Reference Links

Child vulnerabilities

(Contains the following vulnerabilities)

Frequently Asked Questions

What is the severity of USN-6249-1?
The severity of USN-6249-1 is not specified in the description.
How can a local attacker exploit the vulnerability in USN-6249-1?
A local attacker can exploit the vulnerability in USN-6249-1 to cause a denial of service (system crash) or execute arbitrary code.
Which versions of Ubuntu are affected by USN-6249-1?
Versions 22.04 of Ubuntu with the specified Linux kernel versions are affected by USN-6249-1.
What is the Common Weakness Enumeration (CWE) ID for USN-6249-1?
The CWE IDs for USN-6249-1 are CWE-416 and CWE-362.
Where can I find more information about USN-6249-1?
You can find more information about USN-6249-1 at the following references: [CVE-2023-3389](https://ubuntu.com/security/CVE-2023-3389), [CVE-2023-3269](https://ubuntu.com/security/CVE-2023-3269), [USN-6246-1](https://ubuntu.com/security/notices/USN-6246-1).

agent/description
agent/event
agent/first-publish-date
agent/last-modified-date
agent/references
agent/severity
agent/softwarecombine
agent/tags
agent/title
agent/type
agent/weakness
collector/usn
source/Ubuntu
anchor-related/USN-6246-1
anchor-related/USN-6248-1
anchor-related/USN-6250-1
anchor-related/USN-6255-1
anchor-related/USN-6260-1
agent/software-canonical-lookup
package-manager/ubuntu
vendor/ubuntu
canonical/ubuntu ubuntu
version/ubuntu ubuntu/22.04