399 matches found
USN-6444-1: Linux kernel vulnerabilities
Ross Lagerwall discovered that the Xen netback backend driver in the Linux kernel did not properly handle certain unusual packets from a paravirtualized network frontend, leading to a buffer overflow. An attacker in a guest VM could use this to cause a denial of service host system crash or...
CLSA-2023-1697744819 Fix of 8 CVEs
CVE-url: https://ubuntu.com/security/CVE-2023-42755 - net/sched: Retire rsvp classifier CVE-url: https://ubuntu.com/security/CVE-2023-39194 - net: xfrm: Fix xfrmaddressfilter OOB read CVE-url: https://ubuntu.com/security/CVE-2023-39192 - netfilter: xtu32: validate user space input CVE-url:...
CLSA-2023-1697744683 Fix of 8 CVEs
CVE-url: https://ubuntu.com/security/CVE-2023-42755 - net/sched: Retire rsvp classifier CVE-url: https://ubuntu.com/security/CVE-2023-39194 - net: xfrm: Fix xfrmaddressfilter OOB read CVE-url: https://ubuntu.com/security/CVE-2023-39192 - netfilter: xtu32: validate user space input CVE-url:...
kernel: net/sched: cls_fw component can be exploited as result of failure in tcf_change_indev function
A use-after-free vulnerability was found in fwsetparms in net/sched/clsfw.c in network scheduler sub-component in the Linux Kernel. This issue occurs due to a missing sanity check during cleanup at the time of failure, leading to a misleading reference. This may allow a local attacker to gain loc...
kernel: net/sched: Use-after-free vulnerabilities in the net/sched classifiers: cls_fw, cls_u32 and cls_route
This record is a duplicate of CVE-2023-4206, CVE-2023-4207, and CVE-2023-4208. Do not use this CVE record: CVE-2023-4128...
USN-6396-3: Linux kernel (Azure) vulnerabilities
It was discovered that some AMD x86-64 processors with SMT enabled could speculatively execute instructions using a return address from a sibling thread. A local attacker could possibly use this to expose sensitive information. CVE-2022-27672 Daniel Moghimi discovered that some IntelR Processors...
USN-6396-3 linux-azure vulnerabilities
It was discovered that some AMD x86-64 processors with SMT enabled could speculatively execute instructions using a return address from a sibling thread. A local attacker could possibly use this to expose sensitive information. CVE-2022-27672 Daniel Moghimi discovered that some IntelR Processors...
kernel: net/sched: Use-after-free vulnerabilities in the net/sched classifiers: cls_fw, cls_u32 and cls_route
This record is a duplicate of CVE-2023-4206, CVE-2023-4207, and CVE-2023-4208. Do not use this CVE record: CVE-2023-4128...
kernel: net/sched: Use-after-free vulnerabilities in the net/sched classifiers: cls_fw, cls_u32 and cls_route
This record is a duplicate of CVE-2023-4206, CVE-2023-4207, and CVE-2023-4208. Do not use this CVE record: CVE-2023-4128...
kernel: net/sched: Use-after-free vulnerabilities in the net/sched classifiers: cls_fw, cls_u32 and cls_route
This record is a duplicate of CVE-2023-4206, CVE-2023-4207, and CVE-2023-4208. Do not use this CVE record: CVE-2023-4128...
kernel: cls_flower: out-of-bounds write in fl_set_geneve_opt()
A flaw was found in the TC flower classifier clsflower in the Networking subsystem of the Linux kernel. This issue occurs when sending two TCAFLOWERKEYENCOPTSGENEVE packets with a total size of 252 bytes, which results in an out-of-bounds write when the third packet enters flsetgeneveopt,...
kernel: cls_flower: out-of-bounds write in fl_set_geneve_opt()
A flaw was found in the TC flower classifier clsflower in the Networking subsystem of the Linux kernel. This issue occurs when sending two TCAFLOWERKEYENCOPTSGENEVE packets with a total size of 252 bytes, which results in an out-of-bounds write when the third packet enters flsetgeneveopt,...
kernel: net/sched: Use-after-free vulnerabilities in the net/sched classifiers: cls_fw, cls_u32 and cls_route
This record is a duplicate of CVE-2023-4206, CVE-2023-4207, and CVE-2023-4208. Do not use this CVE record: CVE-2023-4128...
kernel: net/sched: Use-after-free vulnerabilities in the net/sched classifiers: cls_fw, cls_u32 and cls_route
This record is a duplicate of CVE-2023-4206, CVE-2023-4207, and CVE-2023-4208. Do not use this CVE record: CVE-2023-4128...
LSN-0098-1: Kernel Live Patch Security Notice
It was discovered that the IP-VLAN network driver for the Linux kernel did not properly initialize memory in some situations, leading to an out-of- bounds write vulnerability. An attacker could use this to cause a denial of service system crash or possibly execute arbitrary code.CVE-2023-3090 It...
kernel: net/sched: Use-after-free vulnerabilities in the net/sched classifiers: cls_fw, cls_u32 and cls_route
This record is a duplicate of CVE-2023-4206, CVE-2023-4207, and CVE-2023-4208. Do not use this CVE record: CVE-2023-4128...
kernel: net/sched: Use-after-free vulnerabilities in the net/sched classifiers: cls_fw, cls_u32 and cls_route
This record is a duplicate of CVE-2023-4206, CVE-2023-4207, and CVE-2023-4208. Do not use this CVE record: CVE-2023-4128...
Ubuntu: Security Advisory (USN-6396-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2023-42755
A flaw was found in the IPv4 Resource Reservation Protocol RSVP classifier in the Linux kernel. The xprt pointer may go beyond the linear part of the skb, leading to an out-of-bounds read in the rsvpclassify function. This issue may allow a local user to crash the system and cause a denial of...
UBUNTU-CVE-2023-42755
A flaw was found in the IPv4 Resource Reservation Protocol RSVP classifier in the Linux kernel. The xprt pointer may go beyond the linear part of the skb, leading to an out-of-bounds read in the rsvpclassify function. This issue may allow a local user to crash the system and cause a denial of...