USN-6252-1: Linux kernel vulnerabilities
First published: Wed Jul 26 2023(Updated: )
It was discovered that the ext4 file system implementation in the Linux kernel contained a use-after-free vulnerability. An attacker could use this to construct a malicious ext4 file system image that, when mounted, could cause a denial of service (system crash). (CVE-2022-1184) It was discovered that the sound subsystem in the Linux kernel contained a race condition in some situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-3303) It was discovered that a race condition existed in the btrfs file system implementation in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-1611) It was discovered that the Xircom PCMCIA network device driver in the Linux kernel did not properly handle device removal events. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2023-1670) It was discovered that a race condition existed in the Xen transport layer implementation for the 9P file system protocol in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (guest crash) or expose sensitive information (guest kernel memory). (CVE-2023-1859) It was discovered that the ST NCI NFC driver did not properly handle device removal events. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2023-1990) It was discovered that the XFS file system implementation in the Linux kernel did not properly perform metadata validation when mounting certain images. An attacker could use this to specially craft a file system image that, when mounted, could cause a denial of service (system crash). (CVE-2023-2124) It was discovered that the IP-VLAN network driver for the Linux kernel did not properly initialize memory in some situations, leading to an out-of- bounds write vulnerability. An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3090) It was discovered that the btrfs file system implementation in the Linux kernel did not properly handle error conditions in some situations, leading to a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-3111) It was discovered that the Ricoh R5C592 MemoryStick card reader driver in the Linux kernel contained a race condition during module unload, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3141) It was discovered that the kernel->user space relay implementation in the Linux kernel did not properly perform certain buffer calculations, leading to an out-of-bounds read vulnerability. A local attacker could use this to cause a denial of service (system crash) or expose sensitive information (kernel memory). (CVE-2023-3268) It was discovered that the netfilter subsystem in the Linux kernel did not properly handle some error conditions, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3390) Tanguy Dubroca discovered that the netfilter subsystem in the Linux kernel did not properly handle certain pointer data type, leading to an out-of- bounds write vulnerability. A privileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-35001)
| Affected Software | Affected Version | How to fix |
|---|---|---|
| All of | ||
| ubuntu/linux-image-4.15.0-1068-dell300x | <4.15.0-1068.73 | 4.15.0-1068.73 |
| Ubuntu Ubuntu | =18.04 | |
| All of | ||
| ubuntu/linux-image-4.15.0-1122-oracle | <4.15.0-1122.133 | 4.15.0-1122.133 |
| Ubuntu Ubuntu | =18.04 | |
| All of | ||
| ubuntu/linux-image-4.15.0-1143-kvm | <4.15.0-1143.148 | 4.15.0-1143.148 |
| Ubuntu Ubuntu | =18.04 | |
| All of | ||
| ubuntu/linux-image-4.15.0-1153-gcp | <4.15.0-1153.170 | 4.15.0-1153.170 |
| Ubuntu Ubuntu | =18.04 | |
| All of | ||
| ubuntu/linux-image-4.15.0-1153-snapdragon | <4.15.0-1153.163 | 4.15.0-1153.163 |
| Ubuntu Ubuntu | =18.04 | |
| All of | ||
| ubuntu/linux-image-4.15.0-1159-aws | <4.15.0-1159.172 | 4.15.0-1159.172 |
| Ubuntu Ubuntu | =18.04 | |
| All of | ||
| ubuntu/linux-image-4.15.0-1168-azure | <4.15.0-1168.183 | 4.15.0-1168.183 |
| Ubuntu Ubuntu | =18.04 | |
| All of | ||
| ubuntu/linux-image-4.15.0-214-generic | <4.15.0-214.225 | 4.15.0-214.225 |
| Ubuntu Ubuntu | =18.04 | |
| All of | ||
| ubuntu/linux-image-4.15.0-214-generic-lpae | <4.15.0-214.225 | 4.15.0-214.225 |
| Ubuntu Ubuntu | =18.04 | |
| All of | ||
| ubuntu/linux-image-4.15.0-214-lowlatency | <4.15.0-214.225 | 4.15.0-214.225 |
| Ubuntu Ubuntu | =18.04 | |
| All of | ||
| ubuntu/linux-image-aws-lts-18.04 | <4.15.0.1159.157 | 4.15.0.1159.157 |
| Ubuntu Ubuntu | =18.04 | |
| All of | ||
| ubuntu/linux-image-azure-lts-18.04 | <4.15.0.1168.136 | 4.15.0.1168.136 |
| Ubuntu Ubuntu | =18.04 | |
| All of | ||
| ubuntu/linux-image-dell300x | <4.15.0.1068.67 | 4.15.0.1068.67 |
| Ubuntu Ubuntu | =18.04 | |
| All of | ||
| ubuntu/linux-image-gcp-lts-18.04 | <4.15.0.1153.167 | 4.15.0.1153.167 |
| Ubuntu Ubuntu | =18.04 | |
| All of | ||
| ubuntu/linux-image-generic | <4.15.0.214.197 | 4.15.0.214.197 |
| Ubuntu Ubuntu | =18.04 | |
| All of | ||
| ubuntu/linux-image-generic-lpae | <4.15.0.214.197 | 4.15.0.214.197 |
| Ubuntu Ubuntu | =18.04 | |
| All of | ||
| ubuntu/linux-image-kvm | <4.15.0.1143.134 | 4.15.0.1143.134 |
| Ubuntu Ubuntu | =18.04 | |
| All of | ||
| ubuntu/linux-image-lowlatency | <4.15.0.214.197 | 4.15.0.214.197 |
| Ubuntu Ubuntu | =18.04 | |
| All of | ||
| ubuntu/linux-image-oracle-lts-18.04 | <4.15.0.1122.127 | 4.15.0.1122.127 |
| Ubuntu Ubuntu | =18.04 | |
| All of | ||
| ubuntu/linux-image-snapdragon | <4.15.0.1153.152 | 4.15.0.1153.152 |
| Ubuntu Ubuntu | =18.04 | |
| All of | ||
| ubuntu/linux-image-virtual | <4.15.0.214.197 | 4.15.0.214.197 |
| Ubuntu Ubuntu | =18.04 | |
| All of | ||
| ubuntu/linux-image-4.15.0-1122-oracle | <4.15.0-1122.133~16.04.1 | 4.15.0-1122.133~16.04.1 |
| Ubuntu Ubuntu | =16.04 | |
| All of | ||
| ubuntu/linux-image-4.15.0-1153-gcp | <4.15.0-1153.170~16.04.1 | 4.15.0-1153.170~16.04.1 |
| Ubuntu Ubuntu | =16.04 | |
| All of | ||
| ubuntu/linux-image-4.15.0-1159-aws | <4.15.0-1159.172~16.04.1 | 4.15.0-1159.172~16.04.1 |
| Ubuntu Ubuntu | =16.04 | |
| All of | ||
| ubuntu/linux-image-4.15.0-1168-azure | <4.15.0-1168.183~16.04.1 | 4.15.0-1168.183~16.04.1 |
| Ubuntu Ubuntu | =16.04 | |
| All of | ||
| ubuntu/linux-image-4.15.0-214-generic | <4.15.0-214.225~16.04.1 | 4.15.0-214.225~16.04.1 |
| Ubuntu Ubuntu | =16.04 | |
| All of | ||
| ubuntu/linux-image-4.15.0-214-lowlatency | <4.15.0-214.225~16.04.1 | 4.15.0-214.225~16.04.1 |
| Ubuntu Ubuntu | =16.04 | |
| All of | ||
| ubuntu/linux-image-aws-hwe | <4.15.0.1159.142 | 4.15.0.1159.142 |
| Ubuntu Ubuntu | =16.04 | |
| All of | ||
| ubuntu/linux-image-azure | <4.15.0.1168.152 | 4.15.0.1168.152 |
| Ubuntu Ubuntu | =16.04 | |
| All of | ||
| ubuntu/linux-image-gcp | <4.15.0.1153.143 | 4.15.0.1153.143 |
| Ubuntu Ubuntu | =16.04 | |
| All of | ||
| ubuntu/linux-image-generic-hwe-16.04 | <4.15.0.214.199 | 4.15.0.214.199 |
| Ubuntu Ubuntu | =16.04 | |
| All of | ||
| ubuntu/linux-image-gke | <4.15.0.1153.143 | 4.15.0.1153.143 |
| Ubuntu Ubuntu | =16.04 | |
| All of | ||
| ubuntu/linux-image-lowlatency-hwe-16.04 | <4.15.0.214.199 | 4.15.0.214.199 |
| Ubuntu Ubuntu | =16.04 | |
| All of | ||
| ubuntu/linux-image-oem | <4.15.0.214.199 | 4.15.0.214.199 |
| Ubuntu Ubuntu | =16.04 | |
| All of | ||
| ubuntu/linux-image-oracle | <4.15.0.1122.103 | 4.15.0.1122.103 |
| Ubuntu Ubuntu | =16.04 | |
| All of | ||
| ubuntu/linux-image-virtual-hwe-16.04 | <4.15.0.214.199 | 4.15.0.214.199 |
| Ubuntu Ubuntu | =16.04 | |
| All of | ||
| ubuntu/linux-image-4.15.0-1168-azure | <4.15.0-1168.183~14.04.1 | 4.15.0-1168.183~14.04.1 |
| Ubuntu Ubuntu | =14.04 | |
| All of | ||
| ubuntu/linux-image-azure | <4.15.0.1168.134 | 4.15.0.1168.134 |
| Ubuntu Ubuntu | =14.04 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://ubuntu.com/security/CVE-2023-3390
- https://ubuntu.com/security/CVE-2023-1990
- https://ubuntu.com/security/CVE-2023-3268
- https://ubuntu.com/security/CVE-2023-1670
- https://ubuntu.com/security/CVE-2022-1184
- https://ubuntu.com/security/CVE-2023-1859
- https://ubuntu.com/security/CVE-2023-3141
- https://ubuntu.com/security/CVE-2023-3111
- https://ubuntu.com/security/CVE-2023-2124
- https://ubuntu.com/security/CVE-2023-35001
- https://ubuntu.com/security/CVE-2023-3090
- https://ubuntu.com/security/CVE-2022-3303
- https://ubuntu.com/security/CVE-2023-1611
- https://ubuntu.com/security/notices/USN-6246-1
- https://ubuntu.com/security/notices/USN-6250-1
- https://ubuntu.com/security/notices/USN-6251-1
- https://ubuntu.com/security/notices/USN-6254-1
- https://ubuntu.com/security/notices/USN-6255-1
- https://ubuntu.com/security/notices/USN-6260-1
- https://ubuntu.com/security/notices/USN-6261-1
- https://ubuntu.com/security/notices/USN-6285-1
- https://ubuntu.com/security/notices/LSN-0097-1
- https://ubuntu.com/security/notices/USN-6385-1
- https://ubuntu.com/security/notices/USN-6033-1
- https://ubuntu.com/security/notices/USN-6175-1
- https://ubuntu.com/security/notices/USN-6186-1
- https://ubuntu.com/security/notices/USN-6221-1
- https://ubuntu.com/security/notices/USN-6284-1
- https://ubuntu.com/security/notices/USN-6300-1
- https://ubuntu.com/security/notices/USN-6301-1
- https://ubuntu.com/security/notices/USN-6311-1
- https://ubuntu.com/security/notices/USN-6312-1
- https://ubuntu.com/security/notices/USN-6314-1
- https://ubuntu.com/security/notices/USN-6331-1
- https://ubuntu.com/security/notices/USN-6332-1
- https://ubuntu.com/security/notices/USN-6337-1
- https://ubuntu.com/security/notices/USN-6347-1
- https://ubuntu.com/security/notices/USN-6283-1
- https://ubuntu.com/security/notices/USN-6340-1
- https://ubuntu.com/security/notices/USN-6349-1
- https://ubuntu.com/security/notices/USN-6340-2
- https://ubuntu.com/security/notices/USN-6357-1
- https://ubuntu.com/security/notices/USN-6397-1
- https://ubuntu.com/security/notices/USN-6045-1
- https://ubuntu.com/security/notices/USN-6123-1
- https://ubuntu.com/security/notices/USN-6124-1
- https://ubuntu.com/security/notices/USN-6171-1
- https://ubuntu.com/security/notices/USN-6172-1
- https://ubuntu.com/security/notices/USN-6185-1
- https://ubuntu.com/security/notices/USN-6187-1
- https://ubuntu.com/security/notices/USN-6207-1
- https://ubuntu.com/security/notices/USN-6222-1
- https://ubuntu.com/security/notices/USN-6223-1
- https://ubuntu.com/security/notices/USN-6256-1
- https://ubuntu.com/security/notices/USN-6056-1
- https://ubuntu.com/security/notices/USN-6071-1
- https://ubuntu.com/security/notices/USN-6072-1
- https://ubuntu.com/security/notices/USN-6231-1
- https://ubuntu.com/security/notices/USN-6206-1
- https://ubuntu.com/security/notices/USN-6224-1
- https://ubuntu.com/security/notices/USN-6228-1
- https://ubuntu.com/security/notices/USN-6235-1
- https://ubuntu.com/security/notices/LSN-0096-1
- https://ubuntu.com/security/notices/USN-6247-1
- https://ubuntu.com/security/notices/USN-6248-1
- https://ubuntu.com/security/notices/USN-6460-1
- https://ubuntu.com/security/notices/LSN-0098-1
- https://ubuntu.com/security/notices/USN-5791-1
- https://ubuntu.com/security/notices/USN-5792-1
- https://ubuntu.com/security/notices/USN-5793-1
- https://ubuntu.com/security/notices/USN-5792-2
- https://ubuntu.com/security/notices/USN-5793-2
- https://ubuntu.com/security/notices/USN-5793-3
- https://ubuntu.com/security/notices/USN-5793-4
- https://ubuntu.com/security/notices/USN-5877-1
- https://ubuntu.com/security/notices/USN-5791-2
- https://ubuntu.com/security/notices/USN-5791-3
- https://ubuntu.com/security/notices/USN-5815-1
- https://ubuntu.com/security/notices/USN-6001-1
- https://ubuntu.com/security/notices/USN-6013-1
- https://ubuntu.com/security/notices/USN-6014-1
- https://ubuntu.com/security/notices/USN-6252-1 (Advisory)
Child vulnerabilities
(Contains the following vulnerabilities)
- agent/weakness
- agent/type
- agent/severity
- agent/references
- agent/last-modified-date
- agent/first-publish-date
- agent/softwarecombine
- agent/title
- agent/event
- agent/description
- agent/tags
- collector/usn
- source/Ubuntu
- anchor-related/USN-6246-1
- anchor-related/USN-6250-1
- anchor-related/USN-6251-1
- anchor-related/USN-6254-1
- anchor-related/USN-6255-1
- anchor-related/USN-6260-1
- anchor-related/USN-6261-1
- anchor-related/USN-6285-1
- anchor-related/USN-6385-1
- anchor-related/USN-6033-1
- anchor-related/USN-6175-1
- anchor-related/USN-6186-1
- anchor-related/USN-6221-1
- anchor-related/USN-6284-1
- anchor-related/USN-6300-1
- anchor-related/USN-6301-1
- anchor-related/USN-6311-1
- anchor-related/USN-6312-1
- anchor-related/USN-6314-1
- anchor-related/USN-6331-1
- anchor-related/USN-6332-1
- anchor-related/USN-6337-1
- anchor-related/USN-6347-1
- anchor-related/USN-6283-1
- anchor-related/USN-6340-1
- anchor-related/USN-6349-1
- anchor-related/USN-6340-2
- anchor-related/USN-6357-1
- anchor-related/USN-6397-1
- anchor-related/USN-6045-1
- anchor-related/USN-6123-1
- anchor-related/USN-6124-1
- anchor-related/USN-6171-1
- anchor-related/USN-6172-1
- anchor-related/USN-6185-1
- anchor-related/USN-6187-1
- anchor-related/USN-6207-1
- anchor-related/USN-6222-1
- anchor-related/USN-6223-1
- anchor-related/USN-6256-1
- anchor-related/USN-6056-1
- anchor-related/USN-6071-1
- anchor-related/USN-6072-1
- anchor-related/USN-6231-1
- anchor-related/USN-6206-1
- anchor-related/USN-6224-1
- anchor-related/USN-6228-1
- anchor-related/USN-6235-1
- anchor-related/USN-6247-1
- anchor-related/USN-6248-1
- anchor-related/USN-6460-1
- anchor-related/USN-5791-1
- anchor-related/USN-5792-1
- anchor-related/USN-5793-1
- anchor-related/USN-5792-2
- anchor-related/USN-5793-2
- anchor-related/USN-5793-3
- anchor-related/USN-5793-4
- anchor-related/USN-5877-1
- anchor-related/USN-5791-2
- anchor-related/USN-5791-3
- anchor-related/USN-5815-1
- anchor-related/USN-6001-1
- anchor-related/USN-6013-1
- anchor-related/USN-6014-1
- agent/software-canonical-lookup
- package-manager/ubuntu
- vendor/ubuntu
- canonical/ubuntu ubuntu
- version/ubuntu ubuntu/18.04
- version/ubuntu ubuntu/16.04
- version/ubuntu ubuntu/14.04