Ubuntu 22.04 LTS : Linux kernel (OEM) vulnerabilities (USN-6071-1)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6071-1 advisory. It was discovered that the Traffic-Control Index TCINDEX implementation in the Linux kernel did not properly perform filter deactivation in some...

Race condition

A use-after-free flaw was found in iouring/poll.c in iopollcheckevents in the iouring subcomponent in the Linux Kernel due to a race condition of pollrefs. This flaw may cause a NULL pointer dereference...

CVE-2023-0468

A use-after-free flaw was found in iouring/poll.c in iopollcheckevents in the iouring subcomponent in the Linux Kernel due to a race condition of pollrefs. This flaw may cause a NULL pointer dereference...

CVE-2023-0469

A use-after-free flaw was found in iouring/filetable.c in ioinstallfixedfile in the iouring subcomponent in the Linux Kernel during call cleanup. This flaw may lead to a denial of service...

CVE-2023-0468

A use-after-free flaw was found in iouring/poll.c in iopollcheckevents in the iouring subcomponent in the Linux Kernel due to a race condition of pollrefs. This flaw may cause a NULL pointer dereference...

CVE-2023-0469

A use-after-free flaw was found in iouring/filetable.c in ioinstallfixedfile in the iouring subcomponent in the Linux Kernel during call cleanup. This flaw may lead to a denial of service...

Amazon Linux 2 : kernel, --advisory ALAS2-2022-1888 (ALAS-2022-1888)

The version of kernel installed on the remote host is prior to 4.14.299-223.520. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2022-1888 advisory. In v4l2m2mquerybuf of v4l2-mem2mem.c, there is a possible out of bounds write due to improper input validation. Th...