Lucene search

UbuntuUSN-6497-1

HistoryNov 21, 2023 - 12:00 a.m.

Linux kernel (OEM) vulnerabilities

2023-11-2100:00:00

ubuntu.com

ubuntu 22.04 lts

linux kernel

oem systems

kvm nested virtualization

amd processors

x2avic msrs

denial of service

nvme-of/tcp subsystem

queue initialization

use-after-free vulnerability

perf subsystem

event groups

out-of-bounds write vulnerability

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

8.7 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.017 Low

EPSS

Percentile

87.5%

JSON

Releases

Ubuntu 22.04 LTS

Packages

linux-oem-6.1 - Linux kernel for OEM systems

Details

Maxim Levitsky discovered that the KVM nested virtualization (SVM)
implementation for AMD processors in the Linux kernel did not properly
handle x2AVIC MSRs. An attacker in a guest VM could use this to cause a
denial of service (host kernel crash). (CVE-2023-5090)

Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel
did not properly handle queue initialization failures in certain
situations, leading to a use-after-free vulnerability. A remote attacker
could use this to cause a denial of service (system crash) or possibly
execute arbitrary code. (CVE-2023-5178)

Budimir Markovic discovered that the perf subsystem in the Linux kernel
did not properly handle event groups, leading to an out-of-bounds write
vulnerability. A local attacker could use this to cause a denial of
service (system crash) or possibly execute arbitrary code. (CVE-2023-5717)

OSVersionArchitecturePackageVersionFilename
Ubuntu22.04noarchlinux-image-6.1.0-1026-oem< 6.1.0-1026.26UNKNOWN
Ubuntu22.04noarchlinux-image-6.1.0-1026-oem-dbgsym< 6.1.0-1026.26UNKNOWN
Ubuntu22.04noarchlinux-image-oem-22.04< 6.1.0.1026.27UNKNOWN
Ubuntu22.04noarchlinux-headers-oem-22.04< 6.1.0.1026.27UNKNOWN
Ubuntu22.04noarchlinux-headers-oem-22.04a< 6.1.0.1026.27UNKNOWN
Ubuntu22.04noarchlinux-headers-oem-22.04b< 6.1.0.1026.27UNKNOWN
Ubuntu22.04noarchlinux-headers-oem-22.04c< 6.1.0.1026.27UNKNOWN
Ubuntu22.04noarchlinux-image-oem-22.04a< 6.1.0.1026.27UNKNOWN
Ubuntu22.04noarchlinux-image-oem-22.04b< 6.1.0.1026.27UNKNOWN
Ubuntu22.04noarchlinux-image-oem-22.04c< 6.1.0.1026.27UNKNOWN

OS	Version	Architecture	Package	Version	Filename
Ubuntu	22.04	noarch	linux-image-6.1.0-1026-oem	< 6.1.0-1026.26	UNKNOWN
Ubuntu	22.04	noarch	linux-image-6.1.0-1026-oem-dbgsym	< 6.1.0-1026.26	UNKNOWN
Ubuntu	22.04	noarch	linux-image-oem-22.04	< 6.1.0.1026.27	UNKNOWN
Ubuntu	22.04	noarch	linux-headers-oem-22.04	< 6.1.0.1026.27	UNKNOWN
Ubuntu	22.04	noarch	linux-headers-oem-22.04a	< 6.1.0.1026.27	UNKNOWN
Ubuntu	22.04	noarch	linux-headers-oem-22.04b	< 6.1.0.1026.27	UNKNOWN
Ubuntu	22.04	noarch	linux-headers-oem-22.04c	< 6.1.0.1026.27	UNKNOWN
Ubuntu	22.04	noarch	linux-image-oem-22.04a	< 6.1.0.1026.27	UNKNOWN
Ubuntu	22.04	noarch	linux-image-oem-22.04b	< 6.1.0.1026.27	UNKNOWN
Ubuntu	22.04	noarch	linux-image-oem-22.04c	< 6.1.0.1026.27	UNKNOWN