Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntuUbuntuUSN-6536-1
HistoryDec 06, 2023 - 12:00 a.m.

Linux kernel vulnerabilities

2023-12-0600:00:00
ubuntu.com
36
netfilter validation failure
ipv4 socket buffer handling
ext4 file system vulnerability
virtio ring implementation issue
nvme-of/tcp queue initialization
perf subsystem event group handling

8.9 High

AI Score

Confidence

High

0.017 Low

EPSS

Percentile

87.5%

JSON

Releases

  • Ubuntu 23.10
  • Ubuntu 22.04 LTS

Packages

  • linux - Linux kernel
  • linux-aws - Linux kernel for Amazon Web Services (AWS) systems
  • linux-laptop - Linux kernel for Lenovo X13s ARM laptops
  • linux-lowlatency - Linux low latency kernel
  • linux-oem-6.5 - Linux kernel for OEM systems
  • linux-oracle - Linux kernel for Oracle Cloud systems
  • linux-raspi - Linux kernel for Raspberry Pi systems
  • linux-starfive - Linux kernel for StarFive processors

Details

Lucas Leong discovered that the netfilter subsystem in the Linux kernel did
not properly validate some attributes passed from userspace. A local
attacker could use this to cause a denial of service (system crash) or
possibly expose sensitive information (kernel memory). (CVE-2023-39189)

Kyle Zeng discovered that the IPv4 implementation in the Linux kernel did
not properly handle socket buffers (skb) when performing IP routing in
certain circumstances, leading to a null pointer dereference vulnerability.
A privileged attacker could use this to cause a denial of service (system
crash). (CVE-2023-42754)

Yikebaer Aizezi discovered that the ext4 file system implementation in the
Linux kernel contained a use-after-free vulnerability when handling inode
extent metadata. An attacker could use this to construct a malicious ext4
file system image that, when mounted, could cause a denial of service
(system crash). (CVE-2023-45898)

Jason Wang discovered that the virtio ring implementation in the Linux
kernel did not properly handle iov buffers in some situations. A local
attacker in a guest VM could use this to cause a denial of service (host
system crash). (CVE-2023-5158)

Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel
did not properly handle queue initialization failures in certain
situations, leading to a use-after-free vulnerability. A remote attacker
could use this to cause a denial of service (system crash) or possibly
execute arbitrary code. (CVE-2023-5178)

Budimir Markovic discovered that the perf subsystem in the Linux kernel did
not properly handle event groups, leading to an out-of-bounds write
vulnerability. A local attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2023-5717)

OSVersionArchitecturePackageVersionFilename
Ubuntu23.10noarchlinux-image-6.5.0-1005-starfive< 6.5.0-1005.6UNKNOWN
Ubuntu23.10noarchlinux-buildinfo-6.5.0-1005-starfive< 6.5.0-1005.6UNKNOWN
Ubuntu23.10noarchlinux-headers-6.5.0-1005-starfive< 6.5.0-1005.6UNKNOWN
Ubuntu23.10noarchlinux-image-6.5.0-1005-starfive-dbgsym< 6.5.0-1005.6UNKNOWN
Ubuntu23.10noarchlinux-modules-6.5.0-1005-starfive< 6.5.0-1005.6UNKNOWN
Ubuntu23.10noarchlinux-modules-extra-6.5.0-1005-starfive< 6.5.0-1005.6UNKNOWN
Ubuntu23.10noarchlinux-starfive-headers-6.5.0-1005< 6.5.0-1005.6UNKNOWN
Ubuntu23.10noarchlinux-starfive-tools-6.5.0-1005< 6.5.0-1005.6UNKNOWN
Ubuntu23.10noarchlinux-tools-6.5.0-1005-starfive< 6.5.0-1005.6UNKNOWN
Ubuntu23.10noarchlinux-image-6.5.0-1007-laptop< 6.5.0-1007.10UNKNOWN
Rows per page:
1-10 of 1611

Related

ubuntu 21
nessus 59
osv 22
openvas 33
cbl_mariner 7
cve 6
prion 6
debiancve 6
redhatcve 6
ubuntucve 6
cvelist 6
amazon 3
photon 5
oraclelinux 3
redhat 3
githubexploit 1
rosalinux 3
fedora 3
ubuntu
ubuntu
Linux kernel (Azure) vulnerabilities
2024-01-09 00:00:00
Linux kernel (GCP) vulnerabilities
2023-12-06 00:00:00
Linux kernel (Low Latency) vulnerabilities
2023-12-13 00:00:00
nessus
nessus
Ubuntu 23.10 : Linux kernel (Azure) vulnerabilities (USN-6573-1)
2024-01-09 00:00:00
Ubuntu 22.04 LTS / 23.10 : Linux kernel vulnerabilities (USN-6536-1)
2023-12-06 00:00:00
Ubuntu 23.10 : Linux kernel (GCP) vulnerabilities (USN-6537-1)
2023-12-06 00:00:00
osv
osv
linux-azure vulnerabilities
2024-01-09 18:30:25
linux, linux-aws, linux-laptop, linux-lowlatency, linux-oem-6.5, linux-oracle, linux-raspi, linux-starfive vulnerabilities
2023-12-06 13:34:16
linux-gcp vulnerabilities
2023-12-06 13:55:09
openvas
openvas
Ubuntu: Security Advisory (USN-6536-1)
2023-12-07 00:00:00
Ubuntu: Security Advisory (USN-6573-1)
2024-01-10 00:00:00
Ubuntu: Security Advisory (USN-6537-1)
2023-12-07 00:00:00
cbl_mariner
cbl_mariner
CVE-2023-45898 affecting package kernel for versions less than 5.15.135.1-2
2023-11-08 02:07:28
CVE-2023-42754 affecting package kernel for versions less than 5.15.135.1-2
2023-11-08 02:07:28
CVE-2023-5717 affecting package kernel for versions less than 5.15.137.1-1
2023-11-17 23:23:29
cve
cve
CVE-2023-45898
2023-10-16 03:15:09
CVE-2023-42754
2023-10-05 18:25:22
CVE-2023-5158
2023-09-25 16:15:15
prion
prion
Design/Logic Flaw
2023-10-16 03:15:00
Null pointer dereference
2023-10-05 19:15:00
Design/Logic Flaw
2023-09-25 16:15:00
debiancve
debiancve
CVE-2023-45898
2023-10-16 03:15:09
CVE-2023-42754
2023-10-05 18:25:22
CVE-2023-5158
2023-09-25 16:15:15
redhatcve
redhatcve
CVE-2023-45898
2023-10-23 22:00:21
CVE-2023-42754
2023-10-05 10:54:28
CVE-2023-5158
2023-09-25 12:24:54
ubuntucve
ubuntucve
CVE-2023-45898
2023-10-16 00:00:00
CVE-2023-42754
2023-10-05 00:00:00
CVE-2023-5158
2023-09-25 00:00:00
cvelist
cvelist
CVE-2023-45898
2023-10-16 00:00:00
CVE-2023-42754 Kernel: ipv4: null pointer dereference in ipv4_send_dest_unreach()
2023-10-05 18:25:22
CVE-2023-5158 Possible dos from guest to host invringh_kiov_advance in vhost driver at drivers/vhost/vringh.c
2023-09-25 15:55:15
amazon
amazon
Important: kernel
2023-11-10 17:32:00
Medium: kernel
2023-10-30 23:59:00
Important: kernel
2023-11-09 19:19:00
photon
photon
Important Photon OS Security Update - PHSA-2023-5.0-0130
2023-10-30 00:00:00
Important Photon OS Security Update - PHSA-2023-4.0-0510
2023-11-12 00:00:00
Important Photon OS Security Update - PHSA-2023-4.0-0483
2023-10-05 00:00:00
oraclelinux
oraclelinux
Unbreakable Enterprise kernel security update
2023-12-13 00:00:00
Unbreakable Enterprise kernel-container security update
2023-12-14 00:00:00
Unbreakable Enterprise kernel-container security update
2023-12-14 00:00:00
redhat
redhat
(RHSA-2023:7559) Important: kpatch-patch security update
2023-11-28 18:56:35
(RHSA-2023:7551) Important: kernel-rt security update
2023-11-28 16:15:31
(RHSA-2023:7557) Important: kernel security and bug fix update
2023-11-28 18:03:46
githubexploit
githubexploit
Exploit for CVE-2023-5178
2024-02-05 15:58:24
rosalinux
rosalinux
Advisory ROSA-SA-2024-2384
2024-03-28 06:52:37
Advisory ROSA-SA-2024-2383
2024-03-28 06:51:27
Advisory ROSA-SA-2024-2385
2024-03-28 06:53:29
fedora
fedora
[SECURITY] Fedora 37 Update: kernel-6.5.6-100.fc37
2023-10-10 01:33:41
[SECURITY] Fedora 38 Update: kernel-6.5.6-200.fc38
2023-10-10 01:36:33
[SECURITY] Fedora 39 Update: kernel-6.5.6-300.fc39
2023-10-09 22:27:11

8.9 High

AI Score

Confidence

High

0.017 Low

EPSS

Percentile

87.5%

JSON
Related for USN-6536-1
ubuntu21nessus59osv22openvas33cbl_mariner7cve6prion6debiancve6redhatcve6ubuntucve6cvelist6amazon3photon5oraclelinux3redhat3githubexploit1rosalinux3fedora3