USN-6532-1: Linux kernel vulnerabilities
First published: Tue Dec 05 2023(Updated: )
Tavis Ormandy discovered that some AMD processors did not properly handle speculative execution of certain vector register instructions. A local attacker could use this to expose sensitive information. (CVE-2023-20593) Yu Hao discovered that the UBI driver in the Linux kernel did not properly check for MTD with zero erasesize during device attachment. A local privileged attacker could use this to cause a denial of service (system crash). (CVE-2023-31085) Lucas Leong discovered that the netfilter subsystem in the Linux kernel did not properly validate some attributes passed from userspace. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information (kernel memory). (CVE-2023-39189) Sunjoo Park discovered that the netfilter subsystem in the Linux kernel did not properly validate u32 packets content, leading to an out-of-bounds read vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-39192) Lucas Leong discovered that the netfilter subsystem in the Linux kernel did not properly validate SCTP data, leading to an out-of-bounds read vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-39193) Lucas Leong discovered that the Netlink Transformation (XFRM) subsystem in the Linux kernel did not properly handle state filters, leading to an out- of-bounds read vulnerability. A privileged local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-39194) Kyle Zeng discovered that the IPv4 implementation in the Linux kernel did not properly handle socket buffers (skb) when performing IP routing in certain circumstances, leading to a null pointer dereference vulnerability. A privileged attacker could use this to cause a denial of service (system crash). (CVE-2023-42754) It was discovered that the USB ENE card reader driver in the Linux kernel did not properly allocate enough memory when processing the storage device boot blocks. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-45862) Manfred Rudigier discovered that the Intel(R) PCI-Express Gigabit (igb) Ethernet driver in the Linux kernel did not properly validate received frames that are larger than the set MTU size, leading to a buffer overflow vulnerability. An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-45871) Budimir Markovic discovered that the perf subsystem in the Linux kernel did not properly handle event groups, leading to an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-5717)
| Affected Software | Affected Version | How to fix |
|---|---|---|
| All of | ||
| ubuntu/linux-image-4.4.0-1126-kvm | <4.4.0-1126.136 | 4.4.0-1126.136 |
| Ubuntu Ubuntu | =16.04 | |
| All of | ||
| ubuntu/linux-image-4.4.0-1163-aws | <4.4.0-1163.178 | 4.4.0-1163.178 |
| Ubuntu Ubuntu | =16.04 | |
| All of | ||
| ubuntu/linux-image-4.4.0-248-generic | <4.4.0-248.282 | 4.4.0-248.282 |
| Ubuntu Ubuntu | =16.04 | |
| All of | ||
| ubuntu/linux-image-4.4.0-248-lowlatency | <4.4.0-248.282 | 4.4.0-248.282 |
| Ubuntu Ubuntu | =16.04 | |
| All of | ||
| ubuntu/linux-image-aws | <4.4.0.1163.167 | 4.4.0.1163.167 |
| Ubuntu Ubuntu | =16.04 | |
| All of | ||
| ubuntu/linux-image-generic | <4.4.0.248.254 | 4.4.0.248.254 |
| Ubuntu Ubuntu | =16.04 | |
| All of | ||
| ubuntu/linux-image-generic-lts-xenial | <4.4.0.248.254 | 4.4.0.248.254 |
| Ubuntu Ubuntu | =16.04 | |
| All of | ||
| ubuntu/linux-image-kvm | <4.4.0.1126.123 | 4.4.0.1126.123 |
| Ubuntu Ubuntu | =16.04 | |
| All of | ||
| ubuntu/linux-image-lowlatency | <4.4.0.248.254 | 4.4.0.248.254 |
| Ubuntu Ubuntu | =16.04 | |
| All of | ||
| ubuntu/linux-image-lowlatency-lts-xenial | <4.4.0.248.254 | 4.4.0.248.254 |
| Ubuntu Ubuntu | =16.04 | |
| All of | ||
| ubuntu/linux-image-virtual | <4.4.0.248.254 | 4.4.0.248.254 |
| Ubuntu Ubuntu | =16.04 | |
| All of | ||
| ubuntu/linux-image-virtual-lts-xenial | <4.4.0.248.254 | 4.4.0.248.254 |
| Ubuntu Ubuntu | =16.04 | |
| All of | ||
| ubuntu/linux-image-4.4.0-1125-aws | <4.4.0-1125.131 | 4.4.0-1125.131 |
| Ubuntu Ubuntu | =14.04 | |
| All of | ||
| ubuntu/linux-image-4.4.0-248-generic | <4.4.0-248.282~14.04.1 | 4.4.0-248.282~14.04.1 |
| Ubuntu Ubuntu | =14.04 | |
| All of | ||
| ubuntu/linux-image-4.4.0-248-lowlatency | <4.4.0-248.282~14.04.1 | 4.4.0-248.282~14.04.1 |
| Ubuntu Ubuntu | =14.04 | |
| All of | ||
| ubuntu/linux-image-aws | <4.4.0.1125.122 | 4.4.0.1125.122 |
| Ubuntu Ubuntu | =14.04 | |
| All of | ||
| ubuntu/linux-image-generic-lts-xenial | <4.4.0.248.215 | 4.4.0.248.215 |
| Ubuntu Ubuntu | =14.04 | |
| All of | ||
| ubuntu/linux-image-lowlatency-lts-xenial | <4.4.0.248.215 | 4.4.0.248.215 |
| Ubuntu Ubuntu | =14.04 | |
| All of | ||
| ubuntu/linux-image-virtual-lts-xenial | <4.4.0.248.215 | 4.4.0.248.215 |
| Ubuntu Ubuntu | =14.04 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://ubuntu.com/security/CVE-2023-45871
- https://ubuntu.com/security/CVE-2023-20593
- https://ubuntu.com/security/CVE-2023-39194
- https://ubuntu.com/security/CVE-2023-39193
- https://ubuntu.com/security/CVE-2023-42754
- https://ubuntu.com/security/CVE-2023-39192
- https://ubuntu.com/security/CVE-2023-45862
- https://ubuntu.com/security/CVE-2023-39189
- https://ubuntu.com/security/CVE-2023-31085
- https://ubuntu.com/security/CVE-2023-5717
- https://ubuntu.com/security/notices/USN-6494-1
- https://ubuntu.com/security/notices/USN-6495-1
- https://ubuntu.com/security/notices/USN-6496-1
- https://ubuntu.com/security/notices/USN-6502-1
- https://ubuntu.com/security/notices/USN-6516-1
- https://ubuntu.com/security/notices/USN-6502-2
- https://ubuntu.com/security/notices/USN-6502-3
- https://ubuntu.com/security/notices/USN-6520-1
- https://ubuntu.com/security/notices/USN-6494-2
- https://ubuntu.com/security/notices/USN-6495-2
- https://ubuntu.com/security/notices/USN-6496-2
- https://ubuntu.com/security/notices/USN-6502-4
- https://ubuntu.com/security/notices/USN-6244-1
- https://ubuntu.com/security/notices/USN-6315-1
- https://ubuntu.com/security/notices/USN-6316-1
- https://ubuntu.com/security/notices/USN-6317-1
- https://ubuntu.com/security/notices/USN-6318-1
- https://ubuntu.com/security/notices/USN-6321-1
- https://ubuntu.com/security/notices/USN-6324-1
- https://ubuntu.com/security/notices/USN-6325-1
- https://ubuntu.com/security/notices/USN-6328-1
- https://ubuntu.com/security/notices/USN-6329-1
- https://ubuntu.com/security/notices/USN-6330-1
- https://ubuntu.com/security/notices/USN-6331-1
- https://ubuntu.com/security/notices/USN-6332-1
- https://ubuntu.com/security/notices/USN-6342-1
- https://ubuntu.com/security/notices/USN-6346-1
- https://ubuntu.com/security/notices/USN-6348-1
- https://ubuntu.com/security/notices/USN-6342-2
- https://ubuntu.com/security/notices/USN-6357-1
- https://ubuntu.com/security/notices/USN-6385-1
- https://ubuntu.com/security/notices/USN-6397-1
- https://ubuntu.com/security/notices/USN-6534-1
- https://ubuntu.com/security/notices/USN-6549-1
- https://ubuntu.com/security/notices/USN-6548-1
- https://ubuntu.com/security/notices/USN-6534-2
- https://ubuntu.com/security/notices/USN-6549-2
- https://ubuntu.com/security/notices/USN-6548-2
- https://ubuntu.com/security/notices/USN-6534-3
- https://ubuntu.com/security/notices/USN-6548-3
- https://ubuntu.com/security/notices/USN-6549-3
- https://ubuntu.com/security/notices/USN-6549-4
- https://ubuntu.com/security/notices/USN-6548-4
- https://ubuntu.com/security/notices/USN-6549-5
- https://ubuntu.com/security/notices/USN-6548-5
- https://ubuntu.com/security/notices/USN-6635-1
- https://ubuntu.com/security/notices/USN-6461-1
- https://ubuntu.com/security/notices/USN-6536-1
- https://ubuntu.com/security/notices/USN-6537-1
- https://ubuntu.com/security/notices/USN-6573-1
- https://ubuntu.com/security/notices/USN-6503-1
- https://ubuntu.com/security/notices/USN-6572-1
- https://ubuntu.com/security/notices/USN-6497-1
- https://ubuntu.com/security/notices/USN-6532-1 (Advisory)
Child vulnerabilities
(Contains the following vulnerabilities)
Frequently Asked Questions
What is the severity of USN-6532-1?
The severity of USN-6532-1 is not specified.
How does the Linux kernel vulnerability CVE-2023-20593 affect AMD processors?
The CVE-2023-20593 vulnerability in the Linux kernel can expose sensitive information on some AMD processors due to improper handling of speculative execution.
How does the Linux kernel vulnerability CVE-2023-39194 affect the UBI driver?
The CVE-2023-39194 vulnerability in the Linux kernel can lead to improper checking in the UBI driver.
What is the recommended remedy for the Linux kernel vulnerability in Ubuntu 16.04 with package linux-image-4.4.0-1126-kvm?
The recommended remedy for the Linux kernel vulnerability in Ubuntu 16.04 with package linux-image-4.4.0-1126-kvm is to install version 4.4.0-1126.136.
What is the recommended remedy for the Linux kernel vulnerability in Ubuntu 14.04 with package linux-image-generic-lts-xenial?
The recommended remedy for the Linux kernel vulnerability in Ubuntu 14.04 with package linux-image-generic-lts-xenial is to install version 4.4.0.248.215.
- agent/weakness
- agent/severity
- agent/type
- agent/last-modified-date
- agent/first-publish-date
- agent/title
- agent/references
- agent/softwarecombine
- agent/description
- agent/event
- agent/tags
- collector/usn
- source/Ubuntu
- anchor-related/USN-6494-1
- anchor-related/USN-6495-1
- anchor-related/USN-6496-1
- anchor-related/USN-6502-1
- anchor-related/USN-6516-1
- anchor-related/USN-6502-2
- anchor-related/USN-6502-3
- anchor-related/USN-6520-1
- anchor-related/USN-6494-2
- anchor-related/USN-6495-2
- anchor-related/USN-6496-2
- anchor-related/USN-6502-4
- anchor-related/USN-6244-1
- anchor-related/USN-6315-1
- anchor-related/USN-6316-1
- anchor-related/USN-6317-1
- anchor-related/USN-6318-1
- anchor-related/USN-6321-1
- anchor-related/USN-6324-1
- anchor-related/USN-6325-1
- anchor-related/USN-6328-1
- anchor-related/USN-6329-1
- anchor-related/USN-6330-1
- anchor-related/USN-6331-1
- anchor-related/USN-6332-1
- anchor-related/USN-6342-1
- anchor-related/USN-6346-1
- anchor-related/USN-6348-1
- anchor-related/USN-6342-2
- anchor-related/USN-6357-1
- anchor-related/USN-6385-1
- anchor-related/USN-6397-1
- anchor-related/USN-6534-1
- anchor-related/USN-6549-1
- anchor-related/USN-6548-1
- anchor-related/USN-6534-2
- anchor-related/USN-6549-2
- anchor-related/USN-6548-2
- anchor-related/USN-6534-3
- anchor-related/USN-6548-3
- anchor-related/USN-6549-3
- anchor-related/USN-6549-4
- anchor-related/USN-6548-4
- anchor-related/USN-6549-5
- anchor-related/USN-6548-5
- anchor-related/USN-6635-1
- anchor-related/USN-6461-1
- anchor-related/USN-6536-1
- anchor-related/USN-6537-1
- anchor-related/USN-6573-1
- anchor-related/USN-6503-1
- anchor-related/USN-6572-1
- anchor-related/USN-6497-1
- agent/software-canonical-lookup
- package-manager/ubuntu
- vendor/ubuntu
- canonical/ubuntu ubuntu
- version/ubuntu ubuntu/16.04
- version/ubuntu ubuntu/14.04