USN-6383-1 linux, linux-aws, linux-aws-6.2, linux-azure, linux-azure-6.2, linux-azure-fde-6.2, linux-gcp, linux-gcp-6.2, linux-hwe-6.2, linux-ibm, linux-kvm, linux-lowlatency, linux-lowlatency-hwe-6.2, linux-oracle, linux-raspi, linux-starfive vulnerabilities

Jana Hofmann, Emanuele Vannacci, Cedric Fournet, Boris Kopf, and Oleksii Oleksenko discovered that some AMD processors could leak stale data from division operations in certain situations. A local attacker could possibly use this to expose sensitive information. CVE-2023-20588 It was discovered...

kernel: cls_flower: out-of-bounds write in fl_set_geneve_opt()

A flaw was found in the TC flower classifier clsflower in the Networking subsystem of the Linux kernel. This issue occurs when sending two TCAFLOWERKEYENCOPTSGENEVE packets with a total size of 252 bytes, which results in an out-of-bounds write when the third packet enters flsetgeneveopt,...

kernel: cls_flower: out-of-bounds write in fl_set_geneve_opt()

A flaw was found in the TC flower classifier clsflower in the Networking subsystem of the Linux kernel. This issue occurs when sending two TCAFLOWERKEYENCOPTSGENEVE packets with a total size of 252 bytes, which results in an out-of-bounds write when the third packet enters flsetgeneveopt,...

kernel: net/sched: cls_fw component can be exploited as result of failure in tcf_change_indev function

A use-after-free vulnerability was found in fwsetparms in net/sched/clsfw.c in network scheduler sub-component in the Linux Kernel. This issue occurs due to a missing sanity check during cleanup at the time of failure, leading to a misleading reference. This may allow a local attacker to gain loc...

kernel: net/sched: Use-after-free vulnerabilities in the net/sched classifiers: cls_fw, cls_u32 and cls_route

This record is a duplicate of CVE-2023-4206, CVE-2023-4207, and CVE-2023-4208. Do not use this CVE record: CVE-2023-4128...

kernel: net/sched: Use-after-free vulnerabilities in the net/sched classifiers: cls_fw, cls_u32 and cls_route

This record is a duplicate of CVE-2023-4206, CVE-2023-4207, and CVE-2023-4208. Do not use this CVE record: CVE-2023-4128...

kernel: cls_flower: out-of-bounds write in fl_set_geneve_opt()

A flaw was found in the TC flower classifier clsflower in the Networking subsystem of the Linux kernel. This issue occurs when sending two TCAFLOWERKEYENCOPTSGENEVE packets with a total size of 252 bytes, which results in an out-of-bounds write when the third packet enters flsetgeneveopt,...

OESA-2023-1637 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: A use-after-free vulnerability in the Linux kernel's net/sched: clsroute component can be exploited to achieve local privilege escalation. When route4change is called on an existing filter, the whole tcfresult struct is always...

kernel: net/sched: cls_fw component can be exploited as result of failure in tcf_change_indev function

A use-after-free vulnerability was found in fwsetparms in net/sched/clsfw.c in network scheduler sub-component in the Linux Kernel. This issue occurs due to a missing sanity check during cleanup at the time of failure, leading to a misleading reference. This may allow a local attacker to gain loc...

Use-after-free in Linux kernel's net/sched: cls_fw component

...

Ubuntu: Security Advisory (USN-6343-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-6348-1 linux-intel-iotg-5.15, linux-raspi vulnerabilities

Daniel Moghimi discovered that some IntelR Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. CVE-2022-40982 Tavis Ormandy discovered that some AMD processors...

USN-6346-1 linux-raspi, linux-raspi-5.4 vulnerabilities

Daniel Moghimi discovered that some IntelR Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. CVE-2022-40982 Tavis Ormandy discovered that some AMD processors...

USN-6346-1: Linux kernel (Raspberry Pi) vulnerabilities

Daniel Moghimi discovered that some IntelR Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. CVE-2022-40982 Tavis Ormandy discovered that some AMD processors...

USN-6343-1: Linux kernel (OEM) vulnerabilities

It was discovered that the IPv6 implementation in the Linux kernel contained a high rate of hash collisions in connection lookup table. A remote attacker could use this to cause a denial of service excessive CPU consumption. CVE-2023-1206 Ross Lagerwall discovered that the Xen netback backend...

LSN-0097-1: Kernel Live Patch Security Notice

It was discovered that the IP-VLAN network driver for the Linux kernel did not properly initialize memory in some situations, leading to an out-of- bounds write vulnerability. An attacker could use this to cause a denial of service system crash or possibly execute arbitrary code.CVE-2023-3090...

kernel: cls_flower: out-of-bounds write in fl_set_geneve_opt()

A flaw was found in the TC flower classifier clsflower in the Networking subsystem of the Linux kernel. This issue occurs when sending two TCAFLOWERKEYENCOPTSGENEVE packets with a total size of 252 bytes, which results in an out-of-bounds write when the third packet enters flsetgeneveopt,...

kernel: cls_flower: out-of-bounds write in fl_set_geneve_opt()

A flaw was found in the TC flower classifier clsflower in the Networking subsystem of the Linux kernel. This issue occurs when sending two TCAFLOWERKEYENCOPTSGENEVE packets with a total size of 252 bytes, which results in an out-of-bounds write when the third packet enters flsetgeneveopt,...

kernel: cls_flower: out-of-bounds write in fl_set_geneve_opt()

A flaw was found in the TC flower classifier clsflower in the Networking subsystem of the Linux kernel. This issue occurs when sending two TCAFLOWERKEYENCOPTSGENEVE packets with a total size of 252 bytes, which results in an out-of-bounds write when the third packet enters flsetgeneveopt,...

Ubuntu: Security Advisory (USN-6324-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...