UbuntuUSN-6818-2Linux kernel (ARM laptop) vulnerabilities
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.7 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
49.9%
Releases
- Ubuntu 23.10
Packages
- linux-laptop - Linux kernel for Lenovo X13s ARM laptops
Details
Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel
did not properly validate H2C PDU data, leading to a null pointer
dereference vulnerability. A remote attacker could use this to cause a
denial of service (system crash). (CVE-2023-6356, CVE-2023-6535,
CVE-2023-6536)
It was discovered that the Intel Data Streaming and Intel Analytics
Accelerator drivers in the Linux kernel allowed direct access to the
devices for unprivileged users and virtual machines. A local attacker could
use this to cause a denial of service. (CVE-2024-21823)
Chenyuan Yang discovered that the RDS Protocol implementation in the Linux
kernel contained an out-of-bounds read vulnerability. An attacker could use
this to possibly cause a denial of service (system crash). (CVE-2024-23849)
It was discovered that a race condition existed in the Bluetooth subsystem
in the Linux kernel, leading to a null pointer dereference vulnerability. A
privileged local attacker could use this to possibly cause a denial of
service (system crash). (CVE-2024-24860)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- PowerPC architecture;
- RISC-V architecture;
- S390 architecture;
- Core kernel;
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- ACPI drivers;
- Android drivers;
- Drivers core;
- Power management core;
- Bus devices;
- Device frequency scaling framework;
- DMA engine subsystem;
- EDAC drivers;
- ARM SCMI message protocol;
- GPU drivers;
- IIO ADC drivers;
- InfiniBand drivers;
- IOMMU subsystem;
- Media drivers;
- Multifunction device drivers;
- MTD block device drivers;
- Network drivers;
- NVME drivers;
- Device tree and open firmware driver;
- PCI driver for MicroSemi Switchtec;
- Power supply drivers;
- RPMSG subsystem;
- SCSI drivers;
- QCOM SoC drivers;
- SPMI drivers;
- Thermal drivers;
- TTY drivers;
- VFIO drivers;
- BTRFS file system;
- Ceph distributed file system;
- EFI Variable file system;
- EROFS file system;
- Ext4 file system;
- F2FS file system;
- GFS2 file system;
- JFS file system;
- Network file systems library;
- Network file system server daemon;
- File systems infrastructure;
- Pstore file system;
- ReiserFS file system;
- SMB network file system;
- BPF subsystem;
- Memory management;
- TLS protocol;
- Ethernet bridge;
- Networking core;
- IPv4 networking;
- IPv6 networking;
- Logical Link layer;
- MAC80211 subsystem;
- Multipath TCP;
- Netfilter;
- NetLabel subsystem;
- Network traffic control;
- SMC sockets;
- Sun RPC protocol;
- AppArmor security module;
- Intel ASoC drivers;
- MediaTek ASoC drivers;
- USB sound devices;
(CVE-2023-52598, CVE-2023-52676, CVE-2023-52609, CVE-2024-26620,
CVE-2023-52487, CVE-2023-52465, CVE-2023-52473, CVE-2023-52467,
CVE-2024-26583, CVE-2023-52669, CVE-2023-52664, CVE-2023-52449,
CVE-2023-52614, CVE-2024-26595, CVE-2023-52611, CVE-2023-52696,
CVE-2023-52591, CVE-2023-52491, CVE-2024-35839, CVE-2023-52679,
CVE-2024-26607, CVE-2023-52587, CVE-2023-52469, CVE-2023-52608,
CVE-2023-52617, CVE-2023-52698, CVE-2024-26673, CVE-2024-35835,
CVE-2024-26808, CVE-2024-26668, CVE-2023-52626, CVE-2023-52621,
CVE-2024-35837, CVE-2023-52489, CVE-2023-52597, CVE-2024-26649,
CVE-2024-26615, CVE-2024-35838, CVE-2023-52693, CVE-2023-52497,
CVE-2024-35842, CVE-2024-26618, CVE-2024-26610, CVE-2024-26631,
CVE-2024-26644, CVE-2024-26627, CVE-2023-52677, CVE-2023-52472,
CVE-2023-52627, CVE-2023-52486, CVE-2023-52632, CVE-2023-52494,
CVE-2023-52468, CVE-2024-26634, CVE-2023-52588, CVE-2024-26646,
CVE-2024-26584, CVE-2023-52443, CVE-2023-52691, CVE-2024-26612,
CVE-2023-52595, CVE-2024-26592, CVE-2024-26623, CVE-2023-52492,
CVE-2024-26670, CVE-2023-52583, CVE-2023-52681, CVE-2023-52635,
CVE-2023-52457, CVE-2023-52445, CVE-2024-26629, CVE-2024-26594,
CVE-2023-52675, CVE-2023-52488, CVE-2023-52446, CVE-2024-26625,
CVE-2023-52697, CVE-2023-52453, CVE-2023-52498, CVE-2023-52686,
CVE-2023-52593, CVE-2023-52612, CVE-2023-52687, CVE-2023-52470,
CVE-2023-52455, CVE-2023-52444, CVE-2024-26608, CVE-2024-26633,
CVE-2024-26645, CVE-2023-52451, CVE-2023-52456, CVE-2024-26640,
CVE-2023-52670, CVE-2023-52589, CVE-2024-26598, CVE-2024-35841,
CVE-2024-26647, CVE-2024-26636, CVE-2023-52680, CVE-2023-52616,
CVE-2023-52685, CVE-2024-26582, CVE-2024-26638, CVE-2023-52694,
CVE-2024-35840, CVE-2023-52448, CVE-2023-52623, CVE-2023-52462,
CVE-2023-52452, CVE-2024-26641, CVE-2023-52683, CVE-2023-52682,
CVE-2023-52594, CVE-2023-52490, CVE-2023-52493, CVE-2023-52633,
CVE-2023-52606, CVE-2024-26669, CVE-2023-52584, CVE-2024-26585,
CVE-2023-52610, CVE-2023-52672, CVE-2023-52450, CVE-2023-52666,
CVE-2023-52458, CVE-2023-52622, CVE-2023-52674, CVE-2023-52619,
CVE-2024-26586, CVE-2023-52667, CVE-2024-26616, CVE-2023-52463,
CVE-2024-26632, CVE-2023-52447, CVE-2023-52692, CVE-2023-52678,
CVE-2023-52607, CVE-2023-52618, CVE-2023-52464, CVE-2024-26671,
CVE-2023-52599, CVE-2023-52454, CVE-2023-52495, CVE-2023-52690)
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 23.10 | noarch | linux-image-6.5.0-1017-laptop | < 6.5.0-1017.20 | UNKNOWN |
| Ubuntu | 23.10 | noarch | linux-buildinfo-6.5.0-1017-laptop | < 6.5.0-1017.20 | UNKNOWN |
| Ubuntu | 23.10 | noarch | linux-headers-6.5.0-1017-laptop | < 6.5.0-1017.20 | UNKNOWN |
| Ubuntu | 23.10 | noarch | linux-image-6.5.0-1017-laptop-dbgsym | < 6.5.0-1017.20 | UNKNOWN |
| Ubuntu | 23.10 | noarch | linux-laptop-headers-6.5.0-1017 | < 6.5.0-1017.20 | UNKNOWN |
| Ubuntu | 23.10 | noarch | linux-laptop-tools-6.5.0-1017 | < 6.5.0-1017.20 | UNKNOWN |
| Ubuntu | 23.10 | noarch | linux-modules-6.5.0-1017-laptop | < 6.5.0-1017.20 | UNKNOWN |
| Ubuntu | 23.10 | noarch | linux-tools-6.5.0-1017-laptop | < 6.5.0-1017.20 | UNKNOWN |
| Ubuntu | 23.10 | noarch | linux-image-laptop-23.10 | < 6.5.0.1017.20 | UNKNOWN |
| Ubuntu | 23.10 | noarch | linux-headers-laptop-23.10 | < 6.5.0.1017.20 | UNKNOWN |
References
ubuntu.com/security/CVE-2023-52443
ubuntu.com/security/CVE-2023-52444
ubuntu.com/security/CVE-2023-52445
ubuntu.com/security/CVE-2023-52446
ubuntu.com/security/CVE-2023-52447
ubuntu.com/security/CVE-2023-52448
ubuntu.com/security/CVE-2023-52449
ubuntu.com/security/CVE-2023-52450
ubuntu.com/security/CVE-2023-52451
ubuntu.com/security/CVE-2023-52452
ubuntu.com/security/CVE-2023-52453
ubuntu.com/security/CVE-2023-52454
ubuntu.com/security/CVE-2023-52455
ubuntu.com/security/CVE-2023-52456
ubuntu.com/security/CVE-2023-52457
ubuntu.com/security/CVE-2023-52458
ubuntu.com/security/CVE-2023-52462
ubuntu.com/security/CVE-2023-52463
ubuntu.com/security/CVE-2023-52464
ubuntu.com/security/CVE-2023-52465
ubuntu.com/security/CVE-2023-52467
ubuntu.com/security/CVE-2023-52468
ubuntu.com/security/CVE-2023-52469
ubuntu.com/security/CVE-2023-52470
ubuntu.com/security/CVE-2023-52472
ubuntu.com/security/CVE-2023-52473
ubuntu.com/security/CVE-2023-52486
ubuntu.com/security/CVE-2023-52487
ubuntu.com/security/CVE-2023-52488
ubuntu.com/security/CVE-2023-52489
ubuntu.com/security/CVE-2023-52490
ubuntu.com/security/CVE-2023-52491
ubuntu.com/security/CVE-2023-52492
ubuntu.com/security/CVE-2023-52493
ubuntu.com/security/CVE-2023-52494
ubuntu.com/security/CVE-2023-52495
ubuntu.com/security/CVE-2023-52497
ubuntu.com/security/CVE-2023-52498
ubuntu.com/security/CVE-2023-52583
ubuntu.com/security/CVE-2023-52584
ubuntu.com/security/CVE-2023-52587
ubuntu.com/security/CVE-2023-52588
ubuntu.com/security/CVE-2023-52589
ubuntu.com/security/CVE-2023-52591
ubuntu.com/security/CVE-2023-52593
ubuntu.com/security/CVE-2023-52594
ubuntu.com/security/CVE-2023-52595
ubuntu.com/security/CVE-2023-52597
ubuntu.com/security/CVE-2023-52598
ubuntu.com/security/CVE-2023-52599
ubuntu.com/security/CVE-2023-52606
ubuntu.com/security/CVE-2023-52607
ubuntu.com/security/CVE-2023-52608
ubuntu.com/security/CVE-2023-52609
ubuntu.com/security/CVE-2023-52610
ubuntu.com/security/CVE-2023-52611
ubuntu.com/security/CVE-2023-52612
ubuntu.com/security/CVE-2023-52614
ubuntu.com/security/CVE-2023-52616
ubuntu.com/security/CVE-2023-52617
ubuntu.com/security/CVE-2023-52618
ubuntu.com/security/CVE-2023-52619
ubuntu.com/security/CVE-2023-52621
ubuntu.com/security/CVE-2023-52622
ubuntu.com/security/CVE-2023-52623
ubuntu.com/security/CVE-2023-52626
ubuntu.com/security/CVE-2023-52627
ubuntu.com/security/CVE-2023-52632
ubuntu.com/security/CVE-2023-52633
ubuntu.com/security/CVE-2023-52635
ubuntu.com/security/CVE-2023-52664
ubuntu.com/security/CVE-2023-52666
ubuntu.com/security/CVE-2023-52667
ubuntu.com/security/CVE-2023-52669
ubuntu.com/security/CVE-2023-52670
ubuntu.com/security/CVE-2023-52672
ubuntu.com/security/CVE-2023-52674
ubuntu.com/security/CVE-2023-52675
ubuntu.com/security/CVE-2023-52676
ubuntu.com/security/CVE-2023-52677
ubuntu.com/security/CVE-2023-52678
ubuntu.com/security/CVE-2023-52679
ubuntu.com/security/CVE-2023-52680
ubuntu.com/security/CVE-2023-52681
ubuntu.com/security/CVE-2023-52682
ubuntu.com/security/CVE-2023-52683
ubuntu.com/security/CVE-2023-52685
ubuntu.com/security/CVE-2023-52686
ubuntu.com/security/CVE-2023-52687
ubuntu.com/security/CVE-2023-52690
ubuntu.com/security/CVE-2023-52691
ubuntu.com/security/CVE-2023-52692
ubuntu.com/security/CVE-2023-52693
ubuntu.com/security/CVE-2023-52694
ubuntu.com/security/CVE-2023-52696
ubuntu.com/security/CVE-2023-52697
ubuntu.com/security/CVE-2023-52698
ubuntu.com/security/CVE-2023-6356
ubuntu.com/security/CVE-2023-6535
ubuntu.com/security/CVE-2023-6536
ubuntu.com/security/CVE-2024-21823
ubuntu.com/security/CVE-2024-23849
ubuntu.com/security/CVE-2024-24860
ubuntu.com/security/CVE-2024-26582
ubuntu.com/security/CVE-2024-26583
ubuntu.com/security/CVE-2024-26584
ubuntu.com/security/CVE-2024-26585
ubuntu.com/security/CVE-2024-26586
ubuntu.com/security/CVE-2024-26592
ubuntu.com/security/CVE-2024-26594
ubuntu.com/security/CVE-2024-26595
ubuntu.com/security/CVE-2024-26598
ubuntu.com/security/CVE-2024-26607
ubuntu.com/security/CVE-2024-26608
ubuntu.com/security/CVE-2024-26610
ubuntu.com/security/CVE-2024-26612
ubuntu.com/security/CVE-2024-26615
ubuntu.com/security/CVE-2024-26616
ubuntu.com/security/CVE-2024-26618
ubuntu.com/security/CVE-2024-26620
ubuntu.com/security/CVE-2024-26623
ubuntu.com/security/CVE-2024-26625
ubuntu.com/security/CVE-2024-26627
ubuntu.com/security/CVE-2024-26629
ubuntu.com/security/CVE-2024-26631
ubuntu.com/security/CVE-2024-26632
ubuntu.com/security/CVE-2024-26633
ubuntu.com/security/CVE-2024-26634
ubuntu.com/security/CVE-2024-26636
ubuntu.com/security/CVE-2024-26638
ubuntu.com/security/CVE-2024-26640
ubuntu.com/security/CVE-2024-26641
ubuntu.com/security/CVE-2024-26644
ubuntu.com/security/CVE-2024-26645
ubuntu.com/security/CVE-2024-26646
ubuntu.com/security/CVE-2024-26647
ubuntu.com/security/CVE-2024-26649
ubuntu.com/security/CVE-2024-26668
ubuntu.com/security/CVE-2024-26669
ubuntu.com/security/CVE-2024-26670
ubuntu.com/security/CVE-2024-26671
ubuntu.com/security/CVE-2024-26673
ubuntu.com/security/CVE-2024-26808
ubuntu.com/security/CVE-2024-35835
ubuntu.com/security/CVE-2024-35837
ubuntu.com/security/CVE-2024-35838
ubuntu.com/security/CVE-2024-35839
ubuntu.com/security/CVE-2024-35840
ubuntu.com/security/CVE-2024-35841
ubuntu.com/security/CVE-2024-35842
Related
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.7 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
49.9%