USN-6412-1: Linux kernel vulnerabilities
First published: Thu Oct 05 2023(Updated: )
Hyunwoo Kim discovered that the DVB Core driver in the Linux kernel contained a race condition during device removal, leading to a use-after- free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-45886, CVE-2022-45919) Hyunwoo Kim discovered that the Technotrend/Hauppauge USB DEC driver in the Linux kernel did not properly handle device removal events. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2022-45887) It was discovered that the NTFS file system implementation in the Linux kernel did not properly validate MFT flags in certain situations. An attacker could use this to construct a malicious NTFS image that, when mounted and operated on, could cause a denial of service (system crash). (CVE-2022-48425) It was discovered that the IPv6 implementation in the Linux kernel contained a high rate of hash collisions in connection lookup table. A remote attacker could use this to cause a denial of service (excessive CPU consumption). (CVE-2023-1206) Daniel Trujillo, Johannes Wikner, and Kaveh Razavi discovered that some AMD processors utilising speculative execution and branch prediction may allow unauthorised memory reads via a speculative side-channel attack. A local attacker could use this to expose sensitive information, including kernel memory. (CVE-2023-20569) It was discovered that the IPv6 RPL protocol implementation in the Linux kernel did not properly handle user-supplied data. A remote attacker could use this to cause a denial of service (system crash). (CVE-2023-2156) Yang Lan discovered that the GFS2 file system implementation in the Linux kernel could attempt to dereference a null pointer in some situations. An attacker could use this to construct a malicious GFS2 image that, when mounted and operated on, could cause a denial of service (system crash). (CVE-2023-3212) It was discovered that the KSMBD implementation in the Linux kernel did not properly validate buffer sizes in certain operations, leading to an integer underflow and out-of-bounds read vulnerability. A remote attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-38427) Chih-Yen Chang discovered that the KSMBD implementation in the Linux kernel did not properly validate packet header sizes in certain situations, leading to an out-of-bounds read vulnerability. A remote attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-38431) Andy Nguyen discovered that the KVM implementation for AMD processors in the Linux kernel with Secure Encrypted Virtualization (SEV) contained a race condition when accessing the GHCB page. A local attacker in a SEV guest VM could possibly use this to cause a denial of service (host system crash). (CVE-2023-4155) It was discovered that the TUN/TAP driver in the Linux kernel did not properly initialize socket data. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-4194) Maxim Suhanov discovered that the exFAT file system implementation in the Linux kernel did not properly check a file name length, leading to an out- of-bounds write vulnerability. An attacker could use this to construct a malicious exFAT image that, when mounted and operated on, could cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-4273)
| Affected Software | Affected Version | How to fix |
|---|---|---|
| All of | ||
| ubuntu/linux-image-6.2.0-1006-starfive | <6.2.0-1006.7 | 6.2.0-1006.7 |
| =23.04 | ||
| All of | ||
| ubuntu/linux-image-6.2.0-1013-aws | <6.2.0-1013.13 | 6.2.0-1013.13 |
| =23.04 | ||
| All of | ||
| ubuntu/linux-image-6.2.0-1013-oracle | <6.2.0-1013.13 | 6.2.0-1013.13 |
| =23.04 | ||
| All of | ||
| ubuntu/linux-image-6.2.0-1014-azure | <6.2.0-1014.14 | 6.2.0-1014.14 |
| =23.04 | ||
| All of | ||
| ubuntu/linux-image-6.2.0-1014-kvm | <6.2.0-1014.14 | 6.2.0-1014.14 |
| =23.04 | ||
| All of | ||
| ubuntu/linux-image-6.2.0-1014-lowlatency | <6.2.0-1014.14 | 6.2.0-1014.14 |
| =23.04 | ||
| All of | ||
| ubuntu/linux-image-6.2.0-1014-lowlatency-64k | <6.2.0-1014.14 | 6.2.0-1014.14 |
| =23.04 | ||
| All of | ||
| ubuntu/linux-image-6.2.0-1014-raspi | <6.2.0-1014.16 | 6.2.0-1014.16 |
| =23.04 | ||
| All of | ||
| ubuntu/linux-image-6.2.0-1016-gcp | <6.2.0-1016.18 | 6.2.0-1016.18 |
| =23.04 | ||
| All of | ||
| ubuntu/linux-image-6.2.0-34-generic | <6.2.0-34.34 | 6.2.0-34.34 |
| =23.04 | ||
| All of | ||
| ubuntu/linux-image-6.2.0-34-generic-64k | <6.2.0-34.34 | 6.2.0-34.34 |
| =23.04 | ||
| All of | ||
| ubuntu/linux-image-6.2.0-34-generic-lpae | <6.2.0-34.34 | 6.2.0-34.34 |
| =23.04 | ||
| All of | ||
| ubuntu/linux-image-aws | <6.2.0.1013.14 | 6.2.0.1013.14 |
| =23.04 | ||
| All of | ||
| ubuntu/linux-image-azure | <6.2.0.1014.14 | 6.2.0.1014.14 |
| =23.04 | ||
| All of | ||
| ubuntu/linux-image-gcp | <6.2.0.1016.16 | 6.2.0.1016.16 |
| =23.04 | ||
| All of | ||
| ubuntu/linux-image-generic | <6.2.0.34.34 | 6.2.0.34.34 |
| =23.04 | ||
| All of | ||
| ubuntu/linux-image-generic-64k | <6.2.0.34.34 | 6.2.0.34.34 |
| =23.04 | ||
| All of | ||
| ubuntu/linux-image-generic-lpae | <6.2.0.34.34 | 6.2.0.34.34 |
| =23.04 | ||
| All of | ||
| ubuntu/linux-image-kvm | <6.2.0.1014.14 | 6.2.0.1014.14 |
| =23.04 | ||
| All of | ||
| ubuntu/linux-image-lowlatency | <6.2.0.1014.14 | 6.2.0.1014.14 |
| =23.04 | ||
| All of | ||
| ubuntu/linux-image-lowlatency-64k | <6.2.0.1014.14 | 6.2.0.1014.14 |
| =23.04 | ||
| All of | ||
| ubuntu/linux-image-oracle | <6.2.0.1013.13 | 6.2.0.1013.13 |
| =23.04 | ||
| All of | ||
| ubuntu/linux-image-raspi | <6.2.0.1014.17 | 6.2.0.1014.17 |
| =23.04 | ||
| All of | ||
| ubuntu/linux-image-raspi-nolpae | <6.2.0.1014.17 | 6.2.0.1014.17 |
| =23.04 | ||
| All of | ||
| ubuntu/linux-image-starfive | <6.2.0.1006.9 | 6.2.0.1006.9 |
| =23.04 | ||
| All of | ||
| ubuntu/linux-image-virtual | <6.2.0.34.34 | 6.2.0.34.34 |
| =23.04 | ||
| All of | ||
| ubuntu/linux-image-6.2.0-1013-aws | <6.2.0-1013.13~22.04.1 | 6.2.0-1013.13~22.04.1 |
| =22.04 | ||
| All of | ||
| ubuntu/linux-image-6.2.0-1014-azure | <6.2.0-1014.14~22.04.1 | 6.2.0-1014.14~22.04.1 |
| =22.04 | ||
| All of | ||
| ubuntu/linux-image-6.2.0-1014-azure-fde | <6.2.0-1014.14~22.04.1.1 | 6.2.0-1014.14~22.04.1.1 |
| =22.04 | ||
| All of | ||
| ubuntu/linux-image-6.2.0-1014-lowlatency | <6.2.0-1014.14~22.04.1 | 6.2.0-1014.14~22.04.1 |
| =22.04 | ||
| All of | ||
| ubuntu/linux-image-6.2.0-1014-lowlatency-64k | <6.2.0-1014.14~22.04.1 | 6.2.0-1014.14~22.04.1 |
| =22.04 | ||
| All of | ||
| ubuntu/linux-image-6.2.0-1016-gcp | <6.2.0-1016.18~22.04.1 | 6.2.0-1016.18~22.04.1 |
| =22.04 | ||
| All of | ||
| ubuntu/linux-image-6.2.0-34-generic | <6.2.0-34.34~22.04.1 | 6.2.0-34.34~22.04.1 |
| =22.04 | ||
| All of | ||
| ubuntu/linux-image-6.2.0-34-generic-64k | <6.2.0-34.34~22.04.1 | 6.2.0-34.34~22.04.1 |
| =22.04 | ||
| All of | ||
| ubuntu/linux-image-6.2.0-34-generic-lpae | <6.2.0-34.34~22.04.1 | 6.2.0-34.34~22.04.1 |
| =22.04 | ||
| All of | ||
| ubuntu/linux-image-aws | <6.2.0.1013.13~22.04.1 | 6.2.0.1013.13~22.04.1 |
| =22.04 | ||
| All of | ||
| ubuntu/linux-image-azure | <6.2.0.1014.14~22.04.1 | 6.2.0.1014.14~22.04.1 |
| =22.04 | ||
| All of | ||
| ubuntu/linux-image-azure-fde | <6.2.0.1014.14~22.04.1.11 | 6.2.0.1014.14~22.04.1.11 |
| =22.04 | ||
| All of | ||
| ubuntu/linux-image-gcp | <6.2.0.1016.18~22.04.1 | 6.2.0.1016.18~22.04.1 |
| =22.04 | ||
| All of | ||
| ubuntu/linux-image-generic-64k-hwe-22.04 | <6.2.0.34.34~22.04.11 | 6.2.0.34.34~22.04.11 |
| =22.04 | ||
| All of | ||
| ubuntu/linux-image-generic-hwe-22.04 | <6.2.0.34.34~22.04.11 | 6.2.0.34.34~22.04.11 |
| =22.04 | ||
| All of | ||
| ubuntu/linux-image-generic-lpae-hwe-22.04 | <6.2.0.34.34~22.04.11 | 6.2.0.34.34~22.04.11 |
| =22.04 | ||
| All of | ||
| ubuntu/linux-image-lowlatency-64k-hwe-22.04 | <6.2.0.1014.14~22.04.11 | 6.2.0.1014.14~22.04.11 |
| =22.04 | ||
| All of | ||
| ubuntu/linux-image-lowlatency-hwe-22.04 | <6.2.0.1014.14~22.04.11 | 6.2.0.1014.14~22.04.11 |
| =22.04 | ||
| All of | ||
| ubuntu/linux-image-virtual-hwe-22.04 | <6.2.0.34.34~22.04.11 | 6.2.0.34.34~22.04.11 |
| =22.04 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://ubuntu.com/security/CVE-2023-38427
- https://ubuntu.com/security/CVE-2023-4273
- https://ubuntu.com/security/CVE-2023-1206
- https://ubuntu.com/security/CVE-2022-45919
- https://ubuntu.com/security/CVE-2022-48425
- https://ubuntu.com/security/CVE-2022-45887
- https://ubuntu.com/security/CVE-2023-4155
- https://ubuntu.com/security/CVE-2022-45886
- https://ubuntu.com/security/CVE-2023-20569
- https://ubuntu.com/security/CVE-2023-3212
- https://ubuntu.com/security/CVE-2023-38431
- https://ubuntu.com/security/CVE-2023-4194
- https://ubuntu.com/security/CVE-2023-2156
- https://ubuntu.com/security/notices/USN-6466-1
- https://ubuntu.com/security/notices/USN-6725-1
- https://ubuntu.com/security/notices/USN-6725-2
- https://ubuntu.com/security/notices/USN-6343-1
- https://ubuntu.com/security/notices/USN-6385-1
- https://ubuntu.com/security/notices/USN-6416-1
- https://ubuntu.com/security/notices/USN-6416-2
- https://ubuntu.com/security/notices/USN-6416-3
- https://ubuntu.com/security/notices/USN-6445-1
- https://ubuntu.com/security/notices/USN-6445-2
- https://ubuntu.com/security/notices/USN-6417-1
- https://ubuntu.com/security/notices/USN-6439-1
- https://ubuntu.com/security/notices/USN-6440-1
- https://ubuntu.com/security/notices/USN-6440-2
- https://ubuntu.com/security/notices/USN-6439-2
- https://ubuntu.com/security/notices/USN-6440-3
- https://ubuntu.com/security/notices/USN-6460-1
- https://ubuntu.com/security/notices/USN-6339-1
- https://ubuntu.com/security/notices/USN-6350-1
- https://ubuntu.com/security/notices/USN-6351-1
- https://ubuntu.com/security/notices/USN-6339-2
- https://ubuntu.com/security/notices/USN-6339-3
- https://ubuntu.com/security/notices/USN-6339-4
- https://ubuntu.com/security/notices/USN-6319-1
- https://ubuntu.com/security/notices/USN-6415-1
- https://ubuntu.com/security/notices/USN-6231-1
- https://ubuntu.com/security/notices/USN-6388-1
- https://ubuntu.com/security/notices/USN-6396-1
- https://ubuntu.com/security/notices/USN-6396-2
- https://ubuntu.com/security/notices/USN-6396-3
- https://ubuntu.com/security/notices/USN-6173-1
- https://launchpad.net/ubuntu/+source/linux-starfive/6.2.0-1006.7
- https://launchpad.net/ubuntu/+source/linux-signed-aws/6.2.0-1013.13
- https://launchpad.net/ubuntu/+source/linux-signed-oracle/6.2.0-1013.13
- https://launchpad.net/ubuntu/+source/linux-signed-azure/6.2.0-1014.14
- https://launchpad.net/ubuntu/+source/linux-signed-kvm/6.2.0-1014.14
- https://launchpad.net/ubuntu/+source/linux-signed-lowlatency/6.2.0-1014.14
- https://launchpad.net/ubuntu/+source/linux-raspi/6.2.0-1014.16
- https://launchpad.net/ubuntu/+source/linux-signed-gcp/6.2.0-1016.18
- https://launchpad.net/ubuntu/+source/linux-signed/6.2.0-34.34
- https://launchpad.net/ubuntu/+source/linux/6.2.0-34.34
- https://launchpad.net/ubuntu/+source/linux-meta-aws/6.2.0.1013.14
- https://launchpad.net/ubuntu/+source/linux-meta-azure/6.2.0.1014.14
- https://launchpad.net/ubuntu/+source/linux-meta-gcp/6.2.0.1016.16
- https://launchpad.net/ubuntu/+source/linux-meta/6.2.0.34.34
- https://launchpad.net/ubuntu/+source/linux-meta-kvm/6.2.0.1014.14
- https://launchpad.net/ubuntu/+source/linux-meta-lowlatency/6.2.0.1014.14
- https://launchpad.net/ubuntu/+source/linux-meta-oracle/6.2.0.1013.13
- https://launchpad.net/ubuntu/+source/linux-meta-raspi/6.2.0.1014.17
- https://launchpad.net/ubuntu/+source/linux-meta-starfive/6.2.0.1006.9
- https://launchpad.net/ubuntu/+source/linux-signed-aws-6.2/6.2.0-1013.13~22.04.1
- https://launchpad.net/ubuntu/+source/linux-signed-azure-6.2/6.2.0-1014.14~22.04.1
- https://launchpad.net/ubuntu/+source/linux-signed-azure-fde-6.2/6.2.0-1014.14~22.04.1.1
- https://launchpad.net/ubuntu/+source/linux-signed-lowlatency-hwe-6.2/6.2.0-1014.14~22.04.1
- https://launchpad.net/ubuntu/+source/linux-signed-gcp-6.2/6.2.0-1016.18~22.04.1
- https://launchpad.net/ubuntu/+source/linux-signed-hwe-6.2/6.2.0-34.34~22.04.1
- https://launchpad.net/ubuntu/+source/linux-hwe-6.2/6.2.0-34.34~22.04.1
- https://launchpad.net/ubuntu/+source/linux-meta-aws-6.2/6.2.0.1013.13~22.04.1
- https://launchpad.net/ubuntu/+source/linux-meta-azure-6.2/6.2.0.1014.14~22.04.1
- https://launchpad.net/ubuntu/+source/linux-meta-azure-fde-6.2/6.2.0.1014.14~22.04.1.11
- https://launchpad.net/ubuntu/+source/linux-meta-gcp-6.2/6.2.0.1016.18~22.04.1
- https://launchpad.net/ubuntu/+source/linux-meta-hwe-6.2/6.2.0.34.34~22.04.11
- https://launchpad.net/ubuntu/+source/linux-meta-lowlatency-hwe-6.2/6.2.0.1014.14~22.04.11
- https://ubuntu.com/security/notices/USN-6412-1 (Advisory)
Child vulnerabilities
(Contains the following vulnerabilities)
- agent/severity
- agent/type
- agent/softwarecombine
- agent/title
- agent/weakness
- agent/description
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- agent/references
- agent/tags
- agent/trending
- collector/usn
- source/Ubuntu
- agent/software-canonical-lookup
- package-manager/ubuntu
- vendor/ubuntu
- canonical/ubuntu ubuntu
- version/ubuntu ubuntu/23.04
- version/ubuntu ubuntu/22.04