UbuntuUSN-6207-1Linux kernel (Intel IoTG) vulnerabilities
Releases
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
Packages
- linux-intel-iotg - Linux kernel for Intel IoT platforms
- linux-intel-iotg-5.15 - Linux kernel for Intel IoT platforms
Details
It was discovered that the TUN/TAP driver in the Linux kernel did not
properly initialize socket data. A local attacker could use this to cause a
denial of service (system crash). (CVE-2023-1076)
It was discovered that the Real-Time Scheduling Class implementation in the
Linux kernel contained a type confusion vulnerability in some situations. A
local attacker could use this to cause a denial of service (system crash).
(CVE-2023-1077)
It was discovered that the ASUS HID driver in the Linux kernel did not
properly handle device removal, leading to a use-after-free vulnerability.
A local attacker with physical access could plug in a specially crafted USB
device to cause a denial of service (system crash). (CVE-2023-1079)
It was discovered that the Xircom PCMCIA network device driver in the Linux
kernel did not properly handle device removal events. A physically
proximate attacker could use this to cause a denial of service (system
crash). (CVE-2023-1670)
It was discovered that a race condition existed in the Xen transport layer
implementation for the 9P file system protocol in the Linux kernel, leading
to a use-after-free vulnerability. A local attacker could use this to cause
a denial of service (guest crash) or expose sensitive information (guest
kernel memory). (CVE-2023-1859)
Jose Oliveira and Rodrigo Branco discovered that the Spectre Variant 2
mitigations with prctl syscall were insufficient in some situations. A
local attacker could possibly use this to expose sensitive information.
(CVE-2023-1998)
It was discovered that the BigBen Interactive Kids’ gamepad driver in the
Linux kernel did not properly handle device removal, leading to a use-
after-free vulnerability. A local attacker with physical access could plug
in a specially crafted USB device to cause a denial of service (system
crash). (CVE-2023-25012)
It was discovered that a use-after-free vulnerability existed in the HFS+
file system implementation in the Linux kernel. A local attacker could
possibly use this to cause a denial of service (system crash).
(CVE-2023-2985)
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 22.04 | noarch | linux-image-5.15.0-1033-intel-iotg | <Â 5.15.0-1033.38 | UNKNOWN |
| Ubuntu | 22.04 | noarch | linux-image-5.15.0-1033-intel-iotg-dbgsym | <Â 5.15.0-1033.38 | UNKNOWN |
| Ubuntu | 22.04 | noarch | linux-image-intel-iotg | <Â 5.15.0.1033.32 | UNKNOWN |
| Ubuntu | 22.04 | noarch | linux-headers-intel-iotg | <Â 5.15.0.1033.32 | UNKNOWN |
| Ubuntu | 22.04 | noarch | linux-intel-iotg | <Â 5.15.0.1033.32 | UNKNOWN |
| Ubuntu | 22.04 | noarch | linux-tools-intel-iotg | <Â 5.15.0.1033.32 | UNKNOWN |
| Ubuntu | 20.04 | noarch | linux-image-intel-iotg | <Â 5.15.0.1033.38~20.04.24 | UNKNOWN |
| Ubuntu | 20.04 | noarch | linux-cloud-tools-intel | <Â 5.15.0.1033.38~20.04.24 | UNKNOWN |
| Ubuntu | 20.04 | noarch | linux-headers-intel | <Â 5.15.0.1033.38~20.04.24 | UNKNOWN |
| Ubuntu | 20.04 | noarch | linux-headers-intel-iotg | <Â 5.15.0.1033.38~20.04.24 | UNKNOWN |
Related
