CVSS3
Attack Vector
ADJACENT
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
19.7%
Yu Hao discovered that the UBI driver in the Linux kernel did not properly
check for MTD with zero erasesize during device attachment. A local
privileged attacker could use this to cause a denial of service (system
crash). (CVE-2023-31085)
Manfred Rudigier discovered that the Intel® PCI-Express Gigabit (igb)
Ethernet driver in the Linux kernel did not properly validate received
frames that are larger than the set MTU size, leading to a buffer overflow
vulnerability. An attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2023-45871)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 20.04 | noarch | linux-image-5.4.0-1081-gkeop | < 5.4.0-1081.85 | UNKNOWN |
Ubuntu | 20.04 | noarch | linux-image-5.4.0-1081-gkeop-dbgsym | < 5.4.0-1081.85 | UNKNOWN |
Ubuntu | 20.04 | noarch | linux-image-5.4.0-1118-gcp | < 5.4.0-1118.127 | UNKNOWN |
Ubuntu | 20.04 | noarch | linux-image-5.4.0-1118-gcp-dbgsym | < 5.4.0-1118.127 | UNKNOWN |
Ubuntu | 20.04 | noarch | linux-image-5.4.0-1120-azure | < 5.4.0-1120.127 | UNKNOWN |
Ubuntu | 20.04 | noarch | linux-image-5.4.0-1120-azure-dbgsym | < 5.4.0-1120.127 | UNKNOWN |
Ubuntu | 20.04 | noarch | linux-image-azure-lts-20.04 | < 5.4.0.1120.113 | UNKNOWN |
Ubuntu | 20.04 | noarch | linux-azure-lts-20.04 | < 5.4.0.1120.113 | UNKNOWN |
Ubuntu | 20.04 | noarch | linux-cloud-tools-azure-lts-20.04 | < 5.4.0.1120.113 | UNKNOWN |
Ubuntu | 20.04 | noarch | linux-headers-azure-lts-20.04 | < 5.4.0.1120.113 | UNKNOWN |