Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-6132-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6132-1 advisory. Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in the netfilter subsystem of the Linux kernel when processing batch...

USN-6127-1 linux, linux-aws, linux-aws-5.15, linux-azure, linux-azure-5.15, linux-gcp, linux-gcp-5.15, linux-gke, linux-gke-5.15, linux-gkeop, linux-hwe-5.15, linux-hwe-5.19, linux-ibm, linux-kvm, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-oracle, linux-oracle-5.15, linux-raspi vulnerabilities

Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in the netfilter subsystem of the Linux kernel when processing batch requests, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrar...

CVE-2023-2612

Jean-Baptiste Cayrou discovered that the shiftfs file system in the Ubuntu Linux kernel contained a race condition when handling inode locking in some situations. A local attacker could use this to cause a denial of service kernel deadlock...

CVE-2023-2612

Jean-Baptiste Cayrou discovered that the shiftfs file system in the Ubuntu Linux kernel contained a race condition when handling inode locking in some situations. A local attacker could use this to cause a denial of service kernel deadlock...

Race condition

Jean-Baptiste Cayrou discovered that the shiftfs file system in the Ubuntu Linux kernel contained a race condition when handling inode locking in some situations. A local attacker could use this to cause a denial of service kernel deadlock...

Ubuntu: Security Advisory (USN-6122-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel vulnerabilities (USN-6127-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6127-1 advisory. Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in the netfilter subsystem of the Linux kernel when processing batch...

CVE-2023-2612 shiftfs lock unbalance in Ubuntu-specific kernels

Jean-Baptiste Cayrou discovered that the shiftfs file system in the Ubuntu Linux kernel contained a race condition when handling inode locking in some situations. A local attacker could use this to cause a denial of service kernel deadlock...

USN-6122-1: Linux kernel (OEM) vulnerabilities

Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in the netfilter subsystem of the Linux kernel when processing batch requests, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrar...

PT-2023-3081 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Ubuntu Linux kernel affected versions not specified Description: The shiftfs file system in the Ubuntu Linux kernel contains a race condition when handling inode locking in some situations. A local attacker could use this to cause a denial of...

CVE-2023-2612

Jean-Baptiste Cayrou discovered that the shiftfs file system in the Ubuntu Linux kernel contained a race condition when handling inode locking in some situations. A local attacker could use this to cause a denial of service kernel deadlock...

UBUNTU-CVE-2023-2612

Jean-Baptiste Cayrou discovered that the shiftfs file system in the Ubuntu Linux kernel contained a race condition when handling inode locking in some situations. A local attacker could use this to cause a denial of service kernel deadlock...

Ubuntu 22.04 LTS : Linux kernel (OEM) vulnerabilities (USN-6124-1)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6124-1 advisory. Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in the netfilter subsystem of the Linux kernel when processing batch requests,...

PT-2025-49664

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists within the nilfs2 file system during the unmount process. Specifically, the nilfs root structure may be accessed after being freed, potentially leading to a...

A use-after-free vulnerability was found in the Linux kernel's ext4 filesystem in the way it handled the extra inode size for extended attributes. This flaw could allow a privileged local user to cause a system crash or other undefined behaviors.

...

Medium: kernel

Issue Overview: bpf: incorrect verifier pruning due to missing register precision taints, which may lead to out-of-band read/write access due to an incorrect verifier conclusion. CVE-2023-2163 A use-after-free vulnerability was found in the Linux kernel's ext4 filesystem in the way it handled the...

The vulnerability of the inode_init_owner() function in the fs/inode.c file of the XFS file system’s kernel of the Linux operating system allows a malicious actor to escalate their privileges and gain access to protected information. It can also cause service interruptions.

The vulnerability of the inodeinitowner function in the fs/inode.c file of the XFS file system in the Linux operating system is related to the incorrect setting of access group attributes during file creation. Exploiting this vulnerability can allow an attacker to enhance their privileges and gai...

kernel: ext4: fix uninititialized value in 'ext4_evict_inode'

An uninitialized variable flaw was found in the Linux kernel's ext4 filesystem in the inode eviction path. A local user can trigger this issue by creating filesystem operations that cause inode allocation to fail before the iflags field is initialized, followed by inode cleanup that attempts to...

kernel: ext4: silence the warning when evicting inode with dioread_nolock

In the Linux kernel, the following vulnerability has been resolved: ext4: silence the warning when evicting inode with dioreadnolock When evicting an inode with default dioreadnolock, it could be raced by the unwritten extents converting kworker after writeback some new allocated dirty blocks. It...

kernel: ext4: use-after-free in ext4_xattr_set_entry()

A use-after-free vulnerability was found in the Linux kernel's ext4 filesystem in the way it handled the extra inode size for extended attributes. This flaw allows a privileged local user to cause a system crash or other undefined behaviors...