Lucene search
OracleLinuxELSA-2023-5069HistorySep 15, 2023 - 12:00 a.m.
kernel security, bug fix, and enhancement update
2023-09-1500:00:00
linux.oracle.com
9
kernel security
bug fix
enhancement
x86
tsx control
msrs
amd
arm64
efi
netfilter
nf_tables
nft_msg_newrule
nft_trans_prepare_error
use-after-free
oob access
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.9 High
AI Score
Confidence
High
4.3 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:S/C:P/I:P/A:P
0.001 Low
EPSS
Percentile
49.7%
- [5.14.0-284.30.0.1_2.OL9]
- x86/tsx: Add a feature bit for TSX control MSR support {CVE-2023-1637}
- x86/speculation: Restore speculation related MSRs {CVE-2023-1637}
- x86/pm: Save the MSR validity status at context setup {CVE-2023-1637}
- x86/pm: Fix false positive kmemleak report in msr_build_context() {CVE-2023-1637}
- x86/cpu: Restore AMD’s DE_CFG MSR after resume {CVE-2023-1637}
- x86/pm: Add enumeration check before spec MSRs {CVE-2023-1637}
- arm64: efi: Execute runtime services from a dedicated {CVE-2023-21102}
- netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE {CVE-2023-3390}
- netfilter: nf_tables: add NFT_TRANS_PREPARE_ERROR to deal with bound set/chain {CVE-2023-3390}
- netfilter: nf_tables: unbind non-anonymous set if rule construction fails {CVE-2023-3390}
- netfilter: nf_tables: disallow rule addition to bound chain via NFTA_RULE_CHAIN_ID {CVE-2023-4147}
- netfilter: nf_tables: do not ignore genmask when looking up chain by id {CVE-2023-31248}
- netfilter: nf_tables: prevent OOB access in nft_byteorder_eval {CVE-2023-35001}
- netfilter: nft_set_pipapo: fix improper element removal {CVE-2023-4004}
- net/sched: cls_fw: Fix improper refcount update leads to use-after-free {CVE-2023-3776}
Related
nessus
nessus
Oracle Linux 9 : kernel (ELSA-2023-5069)
2023-09-15 00:00:00
Rocky Linux 9 : kernel-rt (RLSA-2023:5091)
2023-09-19 00:00:00
RHEL 9 : kernel-rt (RHSA-2023:5091)
2023-09-12 00:00:00
osv
osv
Important: kernel-rt security and bug fix update
2023-09-19 12:09:59
Important: kernel security, bug fix, and enhancement update
2023-09-12 00:00:00
Important: kernel-rt security and bug fix update
2023-09-12 00:00:00
rocky
rocky
kernel-rt security and bug fix update
2023-09-19 12:09:59
kernel security, bug fix, and enhancement update
2023-09-26 13:26:05
kernel security, bug fix, and enhancement update
2023-10-06 22:19:15
redhat
redhat
(RHSA-2023:5091) Important: kernel-rt security and bug fix update
2023-09-12 07:45:53
(RHSA-2023:5093) Important: kpatch-patch security update
2023-09-12 07:46:19
(RHSA-2023:5069) Important: kernel security, bug fix, and enhancement update
2023-09-12 07:41:41
almalinux
almalinux
Important: kernel-rt security and bug fix update
2023-09-12 00:00:00
Important: kernel security, bug fix, and enhancement update
2023-09-12 00:00:00
Important: kernel security, bug fix, and enhancement update
2023-09-19 00:00:00
photon
photon
Important Photon OS Security Update - PHSA-2023-4.0-0457
2023-08-25 00:00:00
mageia
mageia
Updated kernel packages fix security vulnerabilities
2023-07-19 22:53:31
Updated kernel-linus packages fix security vulnerabilities
2023-07-27 01:07:49
openvas
openvas
Mageia: Security Advisory (MGASA-2023-0237)
2023-07-20 00:00:00
openSUSE: Security Advisory for the Linux Kernel RT (Live Patch 5 for SLE 15 SP4) (SUSE-SU-2023:4166-1)
2024-03-04 00:00:00
Fedora: Security Advisory for kernel-headers (FEDORA-2023-3661f028b8)
2023-07-26 00:00:00
ibm
ibm
fedora
fedora
[SECURITY] Fedora 37 Update: kernel-headers-6.4.4-100.fc37
2023-07-23 01:25:12
[SECURITY] Fedora 37 Update: kernel-6.4.4-100.fc37
2023-07-23 01:25:12
[SECURITY] Fedora 38 Update: kernel-headers-6.4.4-200.fc38
2023-07-23 01:30:41
ubuntu
ubuntu
Linux kernel (Intel IoTG) vulnerabilities
2023-07-26 00:00:00
Linux kernel vulnerabilities
2023-07-25 00:00:00
Kernel Live Patch Security Notice
2023-09-05 00:00:00
debian
debian
[SECURITY] [DLA 3512-1] linux-5.10 security update
2023-08-02 15:01:01
[SECURITY] [DSA 5453-1] linux security update
2023-07-16 21:40:23
oraclelinux
oraclelinux
kernel security, bug fix, and enhancement update
2023-09-21 00:00:00
redhatcve
redhatcve
debiancve
debiancve
cbl_mariner
cbl_mariner
prion
prion
Code injection
2023-05-15 22:15:00
Privilege escalation
2023-07-05 19:15:00
Out-of-bounds
2023-07-05 19:15:00
ubuntucve
ubuntucve
cve
cve
cnvd
cnvd
Google Android elevation of privilege vulnerability (CNVD-2023-41879)
2023-05-18 00:00:00
Linux kernel memory misreference vulnerability (CNVD-2023-62923)
2023-08-03 00:00:00
Linux kernel memory misreference vulnerability (CNVD-2023-64509)
2023-08-12 00:00:00
zdi
zdi
githubexploit
githubexploit
Exploit for Out-of-bounds Write in Linux Linux Kernel
2023-09-04 03:25:01
Exploit for Out-of-bounds Write in Linux Linux Kernel
2023-09-01 07:41:23
f5
f5
K000137871 : Linux kernel vulnerability CVE-2023-35001
2023-12-12 00:00:00
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.9 High
AI Score
Confidence
High
4.3 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:S/C:P/I:P/A:P
0.001 Low
EPSS
Percentile
49.7%
Related for ELSA-2023-5069