7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 High
AI Score
Confidence
High
4.3 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:S/C:P/I:P/A:P
0.0005 Low
EPSS
Percentile
14.6%
Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in
the netfilter subsystem of the Linux kernel when processing batch requests,
leading to a use-after-free vulnerability. A local attacker could use this
to cause a denial of service (system crash) or possibly execute arbitrary
code. (CVE-2023-32233)
Reima Ishii discovered that the nested KVM implementation for Intel x86
processors in the Linux kernel did not properly validate control registers
in certain situations. An attacker in a guest VM could use this to cause a
denial of service (guest crash). (CVE-2023-30456)
Gwnaun Jung discovered that the SFB packet scheduling implementation in the
Linux kernel contained a use-after-free vulnerability. A local attacker
could use this to cause a denial of service (system crash) or possibly
execute arbitrary code. (CVE-2022-3586)
It was discovered that the Intel i915 graphics driver in the Linux kernel
did not perform a GPU TLB flush in some situations. A local attacker could
use this to cause a denial of service or possibly execute arbitrary code.
(CVE-2022-4139)
It was discovered that the Xircom PCMCIA network device driver in the Linux
kernel did not properly handle device removal events. A physically
proximate attacker could use this to cause a denial of service (system
crash). (CVE-2023-1670)
Jean-Baptiste Cayrou discovered that the shiftfs file system in the Ubuntu
Linux kernel contained a race condition when handling inode locking in some
situations. A local attacker could use this to cause a denial of service
(kernel deadlock). (CVE-2023-2612)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 22.04 | noarch | linux-image-oem-22.04 | < 5.17.0.1032.30 | UNKNOWN |
Ubuntu | 22.04 | noarch | linux-headers-oem-22.04 | < 5.17.0.1032.30 | UNKNOWN |
Ubuntu | 22.04 | noarch | linux-headers-oem-22.04a | < 5.17.0.1032.30 | UNKNOWN |
Ubuntu | 22.04 | noarch | linux-image-oem-22.04a | < 5.17.0.1032.30 | UNKNOWN |
Ubuntu | 22.04 | noarch | linux-modules-ipu6-oem-22.04 | < 5.17.0.1032.30 | UNKNOWN |
Ubuntu | 22.04 | noarch | linux-modules-ipu6-oem-22.04a | < 5.17.0.1032.30 | UNKNOWN |
Ubuntu | 22.04 | noarch | linux-modules-ivsc-oem-22.04 | < 5.17.0.1032.30 | UNKNOWN |
Ubuntu | 22.04 | noarch | linux-modules-ivsc-oem-22.04a | < 5.17.0.1032.30 | UNKNOWN |
Ubuntu | 22.04 | noarch | linux-modules-iwlwifi-oem-22.04 | < 5.17.0.1032.30 | UNKNOWN |
Ubuntu | 22.04 | noarch | linux-modules-iwlwifi-oem-22.04a | < 5.17.0.1032.30 | UNKNOWN |
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 High
AI Score
Confidence
High
4.3 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:S/C:P/I:P/A:P
0.0005 Low
EPSS
Percentile
14.6%