Amazon Linux 2 : kernel (ALASKERNEL-5.15-2023-014)

The version of kernel installed on the remote host is prior to 5.15.93-55.139. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.15-2023-014 advisory. 2023-11-09: CVE-2023-3567 was added to this advisory. A flaw was found in the Linux kernel's Layer 2...

GSD-2023-1002038 net: openvswitch: fix flow memory leak in ovs_flow_cmd_new

net: openvswitch: fix flow memory leak in ovsflowcmdnew This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.93 by commit...

GSD-2023-1002034 scsi: iscsi_tcp: Fix UAF during logout when accessing the shost ipaddress

scsi: iscsitcp: Fix UAF during logout when accessing the shost ipaddress This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.93 by commit...

GSD-2023-1002032 kernel/irq/irqdomain.c: fix memory leak with using debugfs_lookup()

kernel/irq/irqdomain.c: fix memory leak with using debugfslookup This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.93 by commit...

GSD-2023-1002025 wifi: brcmfmac: Check the count value of channel spec to prevent out-of-bounds reads

wifi: brcmfmac: Check the count value of channel spec to prevent out-of-bounds reads This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.93 by...

PT-2023-35122 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.93 Description: The issue concerns a potential array out-of-bound in the add secret dac path function. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel...

PT-2023-35111 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.93 Description: The issue concerns checking font dimension limits. It was introduced in version v2.6.22 and fixed in version v5.15.93. The actual impact and attack plausibility have not yet been proven...

PT-2023-35112 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.93 Description: The issue is related to the vcs read function, where the load of the struct vc data pointer is moved to avoid a use-after-free UAF condition. The actual impact and attack plausibility have...

PT-2023-35106 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.93 Description: A potential double-free issue was identified. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions prior to v5.15.93, update to...