USN-6680-2: Linux kernel vulnerabilities

First published: Fri Mar 08 2024(Updated: )

黄思聪 discovered that the NFC Controller Interface (NCI) implementation in the Linux kernel did not properly handle certain memory allocation failure conditions, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-46343) It was discovered that a race condition existed in the Bluetooth subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-51779) It was discovered that a race condition existed in the Rose X.25 protocol implementation in the Linux kernel, leading to a use-after- free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-51782) Alon Zahavi discovered that the NVMe-oF/TCP subsystem of the Linux kernel did not properly handle connect command payloads in certain situations, leading to an out-of-bounds read vulnerability. A remote attacker could use this to expose sensitive information (kernel memory). (CVE-2023-6121) Jann Horn discovered that the io_uring subsystem in the Linux kernel contained an out-of-bounds access vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-6560) Dan Carpenter discovered that the netfilter subsystem in the Linux kernel did not store data in properly sized memory locations. A local user could use this to cause a denial of service (system crash). (CVE-2024-0607) Supraja Sridhara, Benedict Schlüter, Mark Kuhne, Andrin Bertschi, and Shweta Shinde discovered that the Confidential Computing framework in the Linux kernel for x86 platforms did not properly handle 32-bit emulation on TDX and SEV. An attacker with access to the VMM could use this to cause a denial of service (guest crash) or possibly execute arbitrary code. (CVE-2024-25744)

Affected Software	Affected Version	How to fix
All of
ubuntu/linux-image-6.5.0-1016-azure	<6.5.0-1016.16	6.5.0-1016.16
Ubuntu Ubuntu	=23.10
All of
ubuntu/linux-image-6.5.0-1016-azure-fde	<6.5.0-1016.16	6.5.0-1016.16
Ubuntu Ubuntu	=23.10
All of
ubuntu/linux-image-azure	<6.5.0.1016.18	6.5.0.1016.18
Ubuntu Ubuntu	=23.10
All of
ubuntu/linux-image-azure-fde	<6.5.0.1016.18	6.5.0.1016.18
Ubuntu Ubuntu	=23.10
All of
ubuntu/linux-image-6.5.0-1016-azure	<6.5.0-1016.16~22.04.1	6.5.0-1016.16~22.04.1
Ubuntu Ubuntu	=22.04
All of
ubuntu/linux-image-6.5.0-1016-azure-fde	<6.5.0-1016.16~22.04.1	6.5.0-1016.16~22.04.1
Ubuntu Ubuntu	=22.04
All of
ubuntu/linux-image-6.5.0-25-generic	<6.5.0-25.25~22.04.1	6.5.0-25.25~22.04.1
Ubuntu Ubuntu	=22.04
All of
ubuntu/linux-image-6.5.0-25-generic-64k	<6.5.0-25.25~22.04.1	6.5.0-25.25~22.04.1
Ubuntu Ubuntu	=22.04
All of
ubuntu/linux-image-azure	<6.5.0.1016.16~22.04.1	6.5.0.1016.16~22.04.1
Ubuntu Ubuntu	=22.04
All of
ubuntu/linux-image-azure-fde	<6.5.0.1016.16~22.04.1	6.5.0.1016.16~22.04.1
Ubuntu Ubuntu	=22.04
All of
ubuntu/linux-image-generic-64k-hwe-22.04	<6.5.0.25.25~22.04.12	6.5.0.25.25~22.04.12
Ubuntu Ubuntu	=22.04
All of
ubuntu/linux-image-generic-hwe-22.04	<6.5.0.25.25~22.04.12	6.5.0.25.25~22.04.12
Ubuntu Ubuntu	=22.04
All of
ubuntu/linux-image-virtual-hwe-22.04	<6.5.0.25.25~22.04.12	6.5.0.25.25~22.04.12
Ubuntu Ubuntu	=22.04

Never miss a vulnerability like this again

Reference Links

Child vulnerabilities

(Contains the following vulnerabilities)

agent/title
agent/weakness
agent/severity
agent/last-modified-date
agent/softwarecombine
agent/event
agent/type
agent/description
agent/first-publish-date
agent/references
agent/trending
agent/tags
collector/usn
source/Ubuntu
agent/software-canonical-lookup
package-manager/ubuntu
vendor/ubuntu
canonical/ubuntu ubuntu
version/ubuntu ubuntu/23.10
version/ubuntu ubuntu/22.04

USN-6680-2: Linux kernel vulnerabilities

Never miss a vulnerability like this again

Reference Links

Child vulnerabilities

Company

Resources

Contact