📚 USN-6439-1: Linux kernel vulnerabilities
News section: 🐧 Unix Server
🔗 Source: ubuntu.com
It was discovered that the IPv6 implementation in the Linux kernel contained a high rate of hash collisions in the connection lookup table. A remote attacker could use this to cause a denial of service (excessive CPU consumption). (CVE-2023-1206)

Yu Hao and Weiteng Chen discovered that the Bluetooth HCI UART driver in the Linux kernel contained a race condition, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-31083)

Ross Lagerwall discovered that the Xen netback backend driver in the Linux kernel did not properly handle certain unusual packets from a paravirtualized network frontend, leading to a buffer overflow. An attacker in a guest VM could use this to cause a denial of service (host system crash) or possibly execute arbitrary code. (CVE-2023-34319)

Lin Ma discovered that the Netlink Transformation (XFRM) subsystem in the Linux kernel contained a null pointer dereference vulnerability in some situations. A local privileged attacker could use this to cause a denial of service (system crash). (CVE-2023-3772)

Kyle Zeng discovered that the networking stack implementation in the Linux kernel did not properly validate skb object size in certain conditions. An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-42752)

Kyle Zeng discovered that the netfilter subsystem in the Linux kernel did not properly calculate array offsets, leading to an out-of-bounds write vulnerability. A local user could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-42753)

Kyle Zeng discovered that the IPv4 Resource Reservation Protocol (RSVP) classifier implementation in the Linux kernel contained an out-of-bounds read vulnerability. A local attacker could use this to cause a denial of service (system crash). Please note that kernel packet classifier support for RSVP has been removed to resolve this vulnerability. (CVE-2023-42755)

Bing-Jhong Billy Jheng discovered that the Unix domain socket implementation in the Linux kernel contained a race condition in certain situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-4622)

Budimir Markovic discovered that the qdisc implementation in the Linux kernel did not properly validate inner classes, leading to a use-after-free vulnerability. A local user could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-4623)

Alex Birnberg discovered that the netfilter subsystem in the Linux kernel did not properly validate register length, leading to an out-of-bounds write vulnerability. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-4881)

It was discovered that the Quick Fair Queueing scheduler implementation in the Linux kernel did not properly handle network packets in certain conditions, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-4921)

...