Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:USN-6686-3
HistoryMar 19, 2024 - 3:27 p.m.

linux-oracle, linux-oracle-5.15 vulnerabilities

2024-03-1915:27:23
Google
osv.dev
9
linux kernel
designware usb3
cypress touchscreen
nfc controller interface
io_uring
bluetooth subsystem
rose x.25 protocol
nvme-of/tcp
virtio
netfilter subsystem
vulnerability
denial of service
system crash
use-after-free
arbitrary code execution
race condition
null pointer dereference
out-of-bounds read
sensitive information
kernel memory
local attacker
remote attacker
software

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.8 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

67.9%

JSON

It was discovered that the DesignWare USB3 for Qualcomm SoCs driver in the
Linux kernel did not properly handle certain error conditions during device
registration. A local attacker could possibly use this to cause a denial of
service (system crash). (CVE-2023-22995)

It was discovered that a race condition existed in the Cypress touchscreen
driver in the Linux kernel during device removal, leading to a use-after-
free vulnerability. A physically proximate attacker could use this to cause
a denial of service (system crash) or possibly execute arbitrary code.
(CVE-2023-4134)

黄思聪 discovered that the NFC Controller Interface (NCI) implementation in
the Linux kernel did not properly handle certain memory allocation failure
conditions, leading to a null pointer dereference vulnerability. A local
attacker could use this to cause a denial of service (system crash).
(CVE-2023-46343)

It was discovered that the io_uring subsystem in the Linux kernel contained
a race condition, leading to a null pointer dereference vulnerability. A
local attacker could use this to cause a denial of service (system crash).
(CVE-2023-46862)

It was discovered that a race condition existed in the Bluetooth subsystem
of the Linux kernel, leading to a use-after-free vulnerability. A local
attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code. (CVE-2023-51779)

It was discovered that a race condition existed in the Rose X.25 protocol
implementation in the Linux kernel, leading to a use-after- free
vulnerability. A local attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2023-51782)

Alon Zahavi discovered that the NVMe-oF/TCP subsystem of the Linux kernel
did not properly handle connect command payloads in certain situations,
leading to an out-of-bounds read vulnerability. A remote attacker could use
this to expose sensitive information (kernel memory). (CVE-2023-6121)

It was discovered that the VirtIO subsystem in the Linux kernel did not
properly initialize memory in some situations. A local attacker could use
this to possibly expose sensitive information (kernel memory).
(CVE-2024-0340)

Dan Carpenter discovered that the netfilter subsystem in the Linux kernel
did not store data in properly sized memory locations. A local user could
use this to cause a denial of service (system crash). (CVE-2024-0607)

Related

osv 24
openvas 26
nessus 51
ubuntu 19
slackware 1
redhatcve 8
debiancve 9
ubuntucve 10
cvelist 8
cve 8
cbl_mariner 9
nvd 8
prion 8
cnvd 2
oraclelinux 3
photon 4
debian 1
osv
osv
linux, linux-azure, linux-azure-5.15, linux-azure-fde, linux-azure-fde-5.15, linux-gcp, linux-gcp-5.15, linux-gke, linux-gkeop, linux-gkeop-5.15, linux-hwe-5.15, linux-ibm, linux-ibm-5.15, linux-lowlatency-hwe-5.15, linux-nvidia vulnerabilities
2024-03-08 00:30:45
linux-lowlatency, linux-raspi vulnerabilities
2024-03-13 17:17:13
linux-intel-iotg, linux-intel-iotg-5.15 vulnerabilities
2024-03-27 21:03:51
openvas
openvas
Ubuntu: Security Advisory (USN-6686-3)
2024-03-21 00:00:00
Ubuntu: Security Advisory (USN-6686-4)
2024-03-21 00:00:00
Ubuntu: Security Advisory (USN-6686-2)
2024-03-14 00:00:00
nessus
nessus
Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel (Oracle) vulnerabilities (USN-6686-3)
2024-03-20 00:00:00
Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel (Intel IoTG) vulnerabilities (USN-6686-5)
2024-03-27 00:00:00
Ubuntu 22.04 LTS : Linux kernel (KVM) vulnerabilities (USN-6686-4)
2024-03-20 00:00:00
ubuntu
ubuntu
Linux kernel vulnerabilities
2024-03-08 00:00:00
Linux kernel (Oracle) vulnerabilities
2024-03-19 00:00:00
Linux kernel (Intel IoTG) vulnerabilities
2024-03-27 00:00:00
slackware
slackware
[slackware-security] Slackware 15.0 kernel
2023-12-26 00:24:31
redhatcve
redhatcve
CVE-2023-22995
2023-03-01 18:06:55
CVE-2023-46862
2023-10-30 13:43:22
CVE-2024-0340
2024-01-09 12:31:08
debiancve
debiancve
CVE-2023-51782
2024-01-11 19:15:12
CVE-2023-46862
2023-10-29 04:15:11
CVE-2024-0340
2024-01-09 18:15:47
ubuntucve
ubuntucve
CVE-2023-51782
2024-01-11 00:00:00
CVE-2023-22995
2023-02-28 00:00:00
CVE-2023-51779
2024-01-02 00:00:00
cvelist
cvelist
CVE-2023-46862
2023-10-29 00:00:00
CVE-2023-51779
2023-12-25 00:00:00
CVE-2023-46343
2024-01-23 00:00:00
cve
cve
CVE-2023-22995
2023-02-28 05:15:12
CVE-2023-51779
2024-02-29 01:42:05
CVE-2023-46862
2023-10-29 04:15:11
cbl_mariner
cbl_mariner
CVE-2023-51782 affecting package kernel for versions less than 5.15.148.1-1
2024-02-25 03:00:06
CVE-2024-0340 affecting package kernel for versions less than 5.15.153.1-1
2024-04-09 20:48:36
CVE-2023-46343 affecting package kernel for versions less than 5.15.148.1-1
2024-02-25 03:00:06
nvd
nvd
CVE-2023-51782
2024-01-11 19:15:12
CVE-2024-0340
2024-01-09 18:15:47
CVE-2023-46343
2024-01-23 10:15:10
prion
prion
Path traversal
2023-02-28 05:15:00
Race condition
2024-02-29 01:42:00
Design/Logic Flaw
2024-01-09 18:15:00
cnvd
cnvd
Linux kernel code issue vulnerability (CNVD-2024-06235)
2024-01-12 00:00:00
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. An out-of-bounds access vulnerability exists in the Linux Kernel. The affected version has an out-of-bounds access vulnerability in the receive_encrypted_standard in the smb client subcomponent fs/smb/client/smb2ops.c due to a lack of memory checksum. An out-of-bounds access vulnerability exists, which can be exploited by an attacker to conduct a DOS attack.
2024-01-26 00:00:00
oraclelinux
oraclelinux
Unbreakable Enterprise kernel security update
2024-04-08 00:00:00
Unbreakable Enterprise kernel-container security update
2024-04-08 00:00:00
Unbreakable Enterprise kernel-container security update
2024-04-08 00:00:00
photon
photon
Important Photon OS Security Update - PHSA-2024-4.0-0548
2024-01-13 00:00:00
Critical Photon OS Security Update - PHSA-2024-4.0-0556
2024-01-25 00:00:00
Moderate Photon OS Security Update - PHSA-2024-3.0-0734
2024-03-01 00:00:00
debian
debian
[SECURITY] [DSA 5593-1] linux security update
2024-01-01 13:25:21

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.8 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

67.9%

JSON
Related for OSV:USN-6686-3
osv24openvas26nessus51ubuntu19slackware1redhatcve8debiancve9ubuntucve10cvelist8cve8cbl_mariner9nvd8prion8cnvd2oraclelinux3photon4debian1