UbuntuUSN-6652-1Linux kernel (Azure) vulnerabilities
Releases
- Ubuntu 23.10
Packages
- linux-azure - Linux kernel for Microsoft Azure Cloud systems
Details
Marek Marczykowski-Górecki discovered that the Xen event channel
infrastructure implementation in the Linux kernel contained a race
condition. An attacker in a guest VM could possibly use this to cause a
denial of service (paravirtualized device unavailability). (CVE-2023-34324)
Zheng Wang discovered a use-after-free in the Renesas Ethernet AVB driver
in the Linux kernel during device removal. A privileged attacker could use
this to cause a denial of service (system crash). (CVE-2023-35827)
Tom Dohrmann discovered that the Secure Encrypted Virtualization (SEV)
implementation for AMD processors in the Linux kernel contained a race
condition when accessing MMIO registers. A local attacker in a SEV guest VM
could possibly use this to cause a denial of service (system crash) or
possibly execute arbitrary code. (CVE-2023-46813)
It was discovered that the io_uring subsystem in the Linux kernel contained
a race condition, leading to a null pointer dereference vulnerability. A
local attacker could use this to cause a denial of service (system crash).
(CVE-2023-46862)
It was discovered that a race condition existed in the ATM (Asynchronous
Transfer Mode) subsystem of the Linux kernel, leading to a use-after-free
vulnerability. A local attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2023-51780)
It was discovered that a race condition existed in the AppleTalk networking
subsystem of the Linux kernel, leading to a use-after-free vulnerability. A
local attacker could use this to cause a denial of service (system crash)
or possibly execute arbitrary code. (CVE-2023-51781)
It was discovered that the netfilter subsystem in the Linux kernel did not
properly validate inner tunnel netlink attributes, leading to a null
pointer dereference vulnerability. A local attacker could use this to cause
a denial of service (system crash). (CVE-2023-5972)
It was discovered that the TLS subsystem in the Linux kernel did not
properly perform cryptographic operations in some situations, leading to a
null pointer dereference vulnerability. A local attacker could use this to
cause a denial of service (system crash) or possibly execute arbitrary
code. (CVE-2023-6176)
Jann Horn discovered that a race condition existed in the Linux kernel when
handling io_uring over sockets, leading to a use-after-free vulnerability.
A local attacker could use this to cause a denial of service (system crash)
or possibly execute arbitrary code. (CVE-2023-6531)
Xingyuan Mo discovered that the netfilter subsystem in the Linux kernel did
not properly handle dynset expressions passed from userspace, leading to a
null pointer dereference vulnerability. A local attacker could use this to
cause a denial of service (system crash). (CVE-2023-6622)
Zhenghan Wang discovered that the generic ID allocator implementation in
the Linux kernel did not properly check for null bitmap when releasing IDs.
A local attacker could use this to cause a denial of service (system
crash). (CVE-2023-6915)
Robert Morris discovered that the CIFS network file system implementation
in the Linux kernel did not properly validate certain server commands
fields, leading to an out-of-bounds read vulnerability. An attacker could
use this to cause a denial of service (system crash) or possibly expose
sensitive information. (CVE-2024-0565)
Jann Horn discovered that the io_uring subsystem in the Linux kernel did
not properly handle the release of certain buffer rings. A local attacker
could use this to cause a denial of service (system crash) or possibly
execute arbitrary code. (CVE-2024-0582)
It was discovered that the TIPC protocol implementation in the Linux kernel
did not properly handle locking during tipc_crypto_key_revoke() operations.
A local attacker could use this to cause a denial of service (kernel
deadlock). (CVE-2024-0641)
Jann Horn discovered that the TLS subsystem in the Linux kernel did not
properly handle spliced messages, leading to an out-of-bounds write
vulnerability. A local attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2024-0646)
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 23.10 | noarch | linux-image-6.5.0-1015-azure | < 6.5.0-1015.15 | UNKNOWN |
| Ubuntu | 23.10 | noarch | linux-image-6.5.0-1015-azure-dbgsym | < 6.5.0-1015.15 | UNKNOWN |
| Ubuntu | 23.10 | noarch | linux-image-6.5.0-1015-azure-fde | < 6.5.0-1015.15 | UNKNOWN |
| Ubuntu | 23.10 | noarch | linux-image-6.5.0-1015-azure-fde-dbgsym | < 6.5.0-1015.15 | UNKNOWN |
| Ubuntu | 23.10 | noarch | linux-image-azure | < 6.5.0.1015.17 | UNKNOWN |
| Ubuntu | 23.10 | noarch | linux-azure | < 6.5.0.1015.17 | UNKNOWN |
| Ubuntu | 23.10 | noarch | linux-azure-fde | < 6.5.0.1015.17 | UNKNOWN |
| Ubuntu | 23.10 | noarch | linux-cloud-tools-azure | < 6.5.0.1015.17 | UNKNOWN |
| Ubuntu | 23.10 | noarch | linux-headers-azure | < 6.5.0.1015.17 | UNKNOWN |
| Ubuntu | 23.10 | noarch | linux-image-azure-fde | < 6.5.0.1015.17 | UNKNOWN |
References
ubuntu.com/security/CVE-2023-34324
ubuntu.com/security/CVE-2023-35827
ubuntu.com/security/CVE-2023-46813
ubuntu.com/security/CVE-2023-46862
ubuntu.com/security/CVE-2023-51780
ubuntu.com/security/CVE-2023-51781
ubuntu.com/security/CVE-2023-5972
ubuntu.com/security/CVE-2023-6176
ubuntu.com/security/CVE-2023-6531
ubuntu.com/security/CVE-2023-6622
ubuntu.com/security/CVE-2023-6915
ubuntu.com/security/CVE-2024-0565
ubuntu.com/security/CVE-2024-0582
ubuntu.com/security/CVE-2024-0641
ubuntu.com/security/CVE-2024-0646
Related
