Lucene search

UbuntuUSN-6520-1

HistoryNov 28, 2023 - 12:00 a.m.

Linux kernel (StarFive) vulnerabilities

2023-11-2800:00:00

ubuntu.com

infiniband rdma

bluetooth hci

ubi driver

netlink transformation

ksmbd implementation

nfc implementation

siano usb mdtv

cypress touchscreen driver

ceph file system

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

8.6 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

69.3%

JSON

Releases

Ubuntu 22.04 LTS

Packages

linux-starfive-6.2 - Linux kernel for StarFive processors

Details

Ivan D Barrera, Christopher Bednarz, Mustafa Ismail, and Shiraz Saleem
discovered that the InfiniBand RDMA driver in the Linux kernel did not
properly check for zero-length STAG or MR registration. A remote attacker
could possibly use this to execute arbitrary code. (CVE-2023-25775)

Yu Hao and Weiteng Chen discovered that the Bluetooth HCI UART driver in
the Linux kernel contained a race condition, leading to a null pointer
dereference vulnerability. A local attacker could use this to cause a
denial of service (system crash). (CVE-2023-31083)

Yu Hao discovered that the UBI driver in the Linux kernel did not properly
check for MTD with zero erasesize during device attachment. A local
privileged attacker could use this to cause a denial of service (system
crash). (CVE-2023-31085)

Lin Ma discovered that the Netlink Transformation (XFRM) subsystem in the
Linux kernel contained a null pointer dereference vulnerability in some
situations. A local privileged attacker could use this to cause a denial of
service (system crash). (CVE-2023-3772)

Chih-Yen Chang discovered that the KSMBD implementation in the Linux kernel
did not properly validate SMB request protocol IDs, leading to a out-of-
bounds read vulnerability. A remote attacker could possibly use this to
cause a denial of service (system crash). (CVE-2023-38430)

Chih-Yen Chang discovered that the KSMBD implementation in the Linux kernel
did not properly validate command payload size, leading to a out-of-bounds
read vulnerability. A remote attacker could possibly use this to cause a
denial of service (system crash). (CVE-2023-38432)

It was discovered that the NFC implementation in the Linux kernel contained
a use-after-free vulnerability when performing peer-to-peer communication
in certain conditions. A privileged attacker could use this to cause a
denial of service (system crash) or possibly expose sensitive information
(kernel memory). (CVE-2023-3863)

Laurence Wit discovered that the KSMBD implementation in the Linux kernel
did not properly validate a buffer size in certain situations, leading to
an out-of-bounds read vulnerability. A remote attacker could use this to
cause a denial of service (system crash) or possibly expose sensitive
information. (CVE-2023-3865)

Laurence Wit discovered that the KSMBD implementation in the Linux kernel
contained a null pointer dereference vulnerability when handling handling
chained requests. A remote attacker could use this to cause a denial of
service (system crash). (CVE-2023-3866)

It was discovered that the KSMBD implementation in the Linux kernel did not
properly handle session setup requests, leading to an out-of-bounds read
vulnerability. A remote attacker could use this to expose sensitive
information. (CVE-2023-3867)

It was discovered that the Siano USB MDTV receiver device driver in the
Linux kernel did not properly handle device initialization failures in
certain situations, leading to a use-after-free vulnerability. A physically
proximate attacker could use this cause a denial of service (system crash).
(CVE-2023-4132)

It was discovered that a race condition existed in the Cypress touchscreen
driver in the Linux kernel during device removal, leading to a use-after-
free vulnerability. A physically proximate attacker could use this to cause
a denial of service (system crash) or possibly execute arbitrary code.
(CVE-2023-4134)

Thelford Williams discovered that the Ceph file system messenger protocol
implementation in the Linux kernel did not properly validate frame segment
length in certain situation, leading to a buffer overflow vulnerability. A
remote attacker could use this to cause a denial of service (system crash)
or possibly execute arbitrary code. (CVE-2023-44466)

Manfred Rudigier discovered that the Intel® PCI-Express Gigabit (igb)
Ethernet driver in the Linux kernel did not properly validate received
frames that are larger than the set MTU size, leading to a buffer overflow
vulnerability. An attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2023-45871)

Maxim Levitsky discovered that the KVM nested virtualization (SVM)
implementation for AMD processors in the Linux kernel did not properly
handle x2AVIC MSRs. An attacker in a guest VM could use this to cause a
denial of service (host kernel crash). (CVE-2023-5090)

It was discovered that the SMB network file sharing protocol implementation
in the Linux kernel did not properly handle certain error conditions,
leading to a use-after-free vulnerability. A local attacker could use this
to cause a denial of service (system crash) or possibly execute arbitrary
code. (CVE-2023-5345)

OSVersionArchitecturePackageVersionFilename
Ubuntu22.04noarchlinux-image-6.2.0-1009-starfive< 6.2.0-1009.10~22.04.1UNKNOWN
Ubuntu22.04noarchlinux-buildinfo-6.2.0-1009-starfive< 6.2.0-1009.10~22.04.1UNKNOWN
Ubuntu22.04noarchlinux-headers-6.2.0-1009-starfive< 6.2.0-1009.10~22.04.1UNKNOWN
Ubuntu22.04noarchlinux-image-6.2.0-1009-starfive-dbgsym< 6.2.0-1009.10~22.04.1UNKNOWN
Ubuntu22.04noarchlinux-modules-6.2.0-1009-starfive< 6.2.0-1009.10~22.04.1UNKNOWN
Ubuntu22.04noarchlinux-modules-extra-6.2.0-1009-starfive< 6.2.0-1009.10~22.04.1UNKNOWN
Ubuntu22.04noarchlinux-starfive-6.2-headers-6.2.0-1009< 6.2.0-1009.10~22.04.1UNKNOWN
Ubuntu22.04noarchlinux-starfive-6.2-tools-6.2.0-1009< 6.2.0-1009.10~22.04.1UNKNOWN
Ubuntu22.04noarchlinux-tools-6.2.0-1009-starfive< 6.2.0-1009.10~22.04.1UNKNOWN
Ubuntu22.04noarchlinux-image-starfive< 6.2.0.1009.10~22.04.2UNKNOWN

OS	Version	Architecture	Package	Version	Filename
Ubuntu	22.04	noarch	linux-image-6.2.0-1009-starfive	< 6.2.0-1009.10~22.04.1	UNKNOWN
Ubuntu	22.04	noarch	linux-buildinfo-6.2.0-1009-starfive	< 6.2.0-1009.10~22.04.1	UNKNOWN
Ubuntu	22.04	noarch	linux-headers-6.2.0-1009-starfive	< 6.2.0-1009.10~22.04.1	UNKNOWN
Ubuntu	22.04	noarch	linux-image-6.2.0-1009-starfive-dbgsym	< 6.2.0-1009.10~22.04.1	UNKNOWN
Ubuntu	22.04	noarch	linux-modules-6.2.0-1009-starfive	< 6.2.0-1009.10~22.04.1	UNKNOWN
Ubuntu	22.04	noarch	linux-modules-extra-6.2.0-1009-starfive	< 6.2.0-1009.10~22.04.1	UNKNOWN
Ubuntu	22.04	noarch	linux-starfive-6.2-headers-6.2.0-1009	< 6.2.0-1009.10~22.04.1	UNKNOWN
Ubuntu	22.04	noarch	linux-starfive-6.2-tools-6.2.0-1009	< 6.2.0-1009.10~22.04.1	UNKNOWN
Ubuntu	22.04	noarch	linux-tools-6.2.0-1009-starfive	< 6.2.0-1009.10~22.04.1	UNKNOWN
Ubuntu	22.04	noarch	linux-image-starfive	< 6.2.0.1009.10~22.04.2	UNKNOWN