Lucene search

UbuntuUSN-6443-1

HistoryOct 19, 2023 - 12:00 a.m.

Linux kernel (OEM) vulnerabilities

2023-10-1900:00:00

ubuntu.com

ubuntu

linux kernel

networking stack

resource reservation protocol

netfilter subsystem

cve-2023-42752

cve-2023-42755

cve-2023-42756

cve-2023-4881

cve-2023-5197

denial of service

arbitrary code

system crash

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.3 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

22.0%

JSON

Releases

Ubuntu 22.04 LTS

Packages

linux-oem-6.1 - Linux kernel for OEM systems

Details

Kyle Zeng discovered that the networking stack implementation in the Linux
kernel did not properly validate skb object size in certain conditions. An
attacker could use this cause a denial of service (system crash) or
possibly execute arbitrary code. (CVE-2023-42752)

Kyle Zeng discovered that the IPv4 Resource Reservation Protocol (RSVP)
classifier implementation in the Linux kernel contained an out-of-bounds
read vulnerability. A local attacker could use this to cause a denial of
service (system crash). Please note that kernel packet classifier support
for RSVP has been removed to resolve this vulnerability. (CVE-2023-42755)

Kyle Zeng discovered that the netfilter subsystem in the Linux kernel
contained a race condition in IP set operations in certain situations. A
local attacker could use this to cause a denial of service (system crash).
(CVE-2023-42756)

Alex Birnberg discovered that the netfilter subsystem in the Linux kernel
did not properly validate register length, leading to an out-of- bounds
write vulnerability. A local attacker could possibly use this to cause a
denial of service (system crash). (CVE-2023-4881)

Kevin Rich discovered that the netfilter subsystem in the Linux kernel did
not properly handle removal of rules from chain bindings in certain
circumstances, leading to a use-after-free vulnerability. A local attacker
could possibly use this to cause a denial of service (system crash) or
execute arbitrary code. (CVE-2023-5197)

OSVersionArchitecturePackageVersionFilename
Ubuntu22.04noarchlinux-image-6.1.0-1024-oem< 6.1.0-1024.24UNKNOWN
Ubuntu22.04noarchlinux-image-6.1.0-1024-oem-dbgsym< 6.1.0-1024.24UNKNOWN
Ubuntu22.04noarchlinux-image-oem-22.04< 6.1.0.1024.25UNKNOWN
Ubuntu22.04noarchlinux-headers-oem-22.04< 6.1.0.1024.25UNKNOWN
Ubuntu22.04noarchlinux-headers-oem-22.04a< 6.1.0.1024.25UNKNOWN
Ubuntu22.04noarchlinux-headers-oem-22.04b< 6.1.0.1024.25UNKNOWN
Ubuntu22.04noarchlinux-headers-oem-22.04c< 6.1.0.1024.25UNKNOWN
Ubuntu22.04noarchlinux-image-oem-22.04a< 6.1.0.1024.25UNKNOWN
Ubuntu22.04noarchlinux-image-oem-22.04b< 6.1.0.1024.25UNKNOWN
Ubuntu22.04noarchlinux-image-oem-22.04c< 6.1.0.1024.25UNKNOWN

OS	Version	Architecture	Package	Version	Filename
Ubuntu	22.04	noarch	linux-image-6.1.0-1024-oem	< 6.1.0-1024.24	UNKNOWN
Ubuntu	22.04	noarch	linux-image-6.1.0-1024-oem-dbgsym	< 6.1.0-1024.24	UNKNOWN
Ubuntu	22.04	noarch	linux-image-oem-22.04	< 6.1.0.1024.25	UNKNOWN
Ubuntu	22.04	noarch	linux-headers-oem-22.04	< 6.1.0.1024.25	UNKNOWN
Ubuntu	22.04	noarch	linux-headers-oem-22.04a	< 6.1.0.1024.25	UNKNOWN
Ubuntu	22.04	noarch	linux-headers-oem-22.04b	< 6.1.0.1024.25	UNKNOWN
Ubuntu	22.04	noarch	linux-headers-oem-22.04c	< 6.1.0.1024.25	UNKNOWN
Ubuntu	22.04	noarch	linux-image-oem-22.04a	< 6.1.0.1024.25	UNKNOWN
Ubuntu	22.04	noarch	linux-image-oem-22.04b	< 6.1.0.1024.25	UNKNOWN
Ubuntu	22.04	noarch	linux-image-oem-22.04c	< 6.1.0.1024.25	UNKNOWN