Ubuntu update for linux-oem-6.0
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 37 |
| CVE-ID | CVE-2022-27672 CVE-2022-4269 CVE-2023-0458 CVE-2023-1075 CVE-2023-1076 CVE-2023-1206 CVE-2023-1380 CVE-2023-1611 CVE-2023-2002 CVE-2023-20593 CVE-2023-2162 CVE-2023-2163 CVE-2023-2235 CVE-2023-2269 CVE-2023-28328 CVE-2023-28466 CVE-2023-2898 CVE-2023-3090 CVE-2023-3141 CVE-2023-31436 CVE-2023-3220 CVE-2023-32269 CVE-2023-3390 CVE-2023-3609 CVE-2023-3610 CVE-2023-3611 CVE-2023-3776 CVE-2023-3777 CVE-2023-3863 CVE-2023-3995 CVE-2023-4004 CVE-2023-4015 CVE-2023-40283 CVE-2023-4128 CVE-2023-4194 CVE-2023-4273 CVE-2023-4569 |
| CWE-ID | CWE-1342 CWE-833 CWE-476 CWE-843 CWE-400 CWE-125 CWE-416 CWE-264 CWE-787 CWE-667 CWE-362 CWE-399 CWE-119 CWE-121 CWE-401 |
| Exploitation vector | Network |
| Public exploit |
Public exploit code for vulnerability #9 is available. Public exploit code for vulnerability #31 is available. |
| Vulnerable software |
Ubuntu Operating systems & Components / Operating system linux-image-oem-22.04b (Ubuntu package) Operating systems & Components / Operating system package or component linux-image-6.0.0-1021-oem (Ubuntu package) Operating systems & Components / Operating system package or component |
| Vendor | Canonical Ltd. |
Security Bulletin
This security bulletin contains information about 37 vulnerabilities.
1) Cross-thread return address predictions
EUVDB-ID: #VU72470
Risk: Low
CVSSv4.0: 0.4 [CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-27672
CWE-ID:
CWE-1342 - Information Exposure through Microarchitectural State after Transient Execution
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to certain AMD processors may speculatively execute instructions at an incorrect return site after an SMT mode switch that may potentially lead to information disclosure.
MitigationUpdate the affected package linux-oem-6.0 to the latest version.
Vulnerable software versionsUbuntu: 22.04
linux-image-oem-22.04b (Ubuntu package): before 6.0.0.1021.21
linux-image-6.0.0-1021-oem (Ubuntu package): before 6.0.0-1021.21
CPE2.3- cpe:2.3:o:canonical:ubuntu:22.04:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:linux-image-oem-22.04b_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:linux-image-6.0.0-1021-oem_ubuntu_package:*:*:*:*:*:ubuntu:*:*
https://ubuntu.com/security/notices/USN-6385-1
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Deadlock
EUVDB-ID: #VU73186
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-4269
CWE-ID:
CWE-833 - Deadlock
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an error in the Linux kernel Traffic Control (TC) subsystem. A local user can use a specific network configuration (redirecting egress packets to ingress using TC action "mirred") to trigger a CPU soft lockup.
MitigationUpdate the affected package linux-oem-6.0 to the latest version.
Vulnerable software versionsUbuntu: 22.04
linux-image-oem-22.04b (Ubuntu package): before 6.0.0.1021.21
linux-image-6.0.0-1021-oem (Ubuntu package): before 6.0.0-1021.21
CPE2.3- cpe:2.3:o:canonical:linux-image-oem-22.04b_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:linux-image-6.0.0-1021-oem_ubuntu_package:*:*:*:*:*:ubuntu:*:*
https://ubuntu.com/security/notices/USN-6385-1
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) NULL pointer dereference
EUVDB-ID: #VU76223
Risk: Low
CVSSv4.0: 1.9 [CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-0458
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error in the do_prlimit() function. A local user can pass specially crafted data to the system and perform a denial of service (DoS) attack.
MitigationUpdate the affected package linux-oem-6.0 to the latest version.
Vulnerable software versionsUbuntu: 22.04
linux-image-oem-22.04b (Ubuntu package): before 6.0.0.1021.21
linux-image-6.0.0-1021-oem (Ubuntu package): before 6.0.0-1021.21
CPE2.3- cpe:2.3:o:canonical:linux-image-oem-22.04b_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:linux-image-6.0.0-1021-oem_ubuntu_package:*:*:*:*:*:ubuntu:*:*
https://ubuntu.com/security/notices/USN-6385-1
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Type Confusion
EUVDB-ID: #VU72700
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-1075
CWE-ID:
CWE-843 - Type confusion
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a type confusion error within the tls_is_tx_ready() function in the net/tls stack of the Linux Kernel. A local user can trigger a type confusion error and execute arbitrary code with elevated privileges.
Update the affected package linux-oem-6.0 to the latest version.
Vulnerable software versionsUbuntu: 22.04
linux-image-oem-22.04b (Ubuntu package): before 6.0.0.1021.21
linux-image-6.0.0-1021-oem (Ubuntu package): before 6.0.0-1021.21
CPE2.3- cpe:2.3:o:canonical:linux-image-oem-22.04b_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:linux-image-6.0.0-1021-oem_ubuntu_package:*:*:*:*:*:ubuntu:*:*
https://ubuntu.com/security/notices/USN-6385-1
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Type Confusion
EUVDB-ID: #VU72742
Risk: Low
CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-1076
CWE-ID:
CWE-843 - Type confusion
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a type confusion error during initialization of TUN/TAP sockets. A local user can trigger a type confusion error and execute arbitrary code with elevated privileges.
Update the affected package linux-oem-6.0 to the latest version.
Vulnerable software versionsUbuntu: 22.04
linux-image-oem-22.04b (Ubuntu package): before 6.0.0.1021.21
linux-image-6.0.0-1021-oem (Ubuntu package): before 6.0.0-1021.21
CPE2.3- cpe:2.3:o:canonical:linux-image-oem-22.04b_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:linux-image-6.0.0-1021-oem_ubuntu_package:*:*:*:*:*:ubuntu:*:*
https://ubuntu.com/security/notices/USN-6385-1
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Resource exhaustion
EUVDB-ID: #VU77953
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-1206
CWE-ID:
CWE-400 - Resource exhaustion
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a hash collision flaw in the IPv6 connection lookup table in the Linux kernel’s IPv6 functionality when an attacker makes a new kind of SYN flood attack. A remote attacker can increase the CPU usage of the server that accepts IPV6 connections up to 95%.
MitigationUpdate the affected package linux-oem-6.0 to the latest version.
Vulnerable software versionsUbuntu: 22.04
linux-image-oem-22.04b (Ubuntu package): before 6.0.0.1021.21
linux-image-6.0.0-1021-oem (Ubuntu package): before 6.0.0-1021.21
CPE2.3- cpe:2.3:o:canonical:linux-image-oem-22.04b_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:linux-image-6.0.0-1021-oem_ubuntu_package:*:*:*:*:*:ubuntu:*:*
https://ubuntu.com/security/notices/USN-6385-1
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) Out-of-bounds read
EUVDB-ID: #VU73280
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-1380
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition within the Broadcom Full MAC Wi-Fi driver (brcmfmac.ko). A local user can trigger an out-of-bounds read error and read contents of kernel memory on the system.
MitigationUpdate the affected package linux-oem-6.0 to the latest version.
Vulnerable software versionsUbuntu: 22.04
linux-image-oem-22.04b (Ubuntu package): before 6.0.0.1021.21
linux-image-6.0.0-1021-oem (Ubuntu package): before 6.0.0-1021.21
CPE2.3- cpe:2.3:o:canonical:linux-image-oem-22.04b_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:linux-image-6.0.0-1021-oem_ubuntu_package:*:*:*:*:*:ubuntu:*:*
https://ubuntu.com/security/notices/USN-6385-1
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
8) Use-after-free
EUVDB-ID: #VU75204
Risk: Low
CVSSv4.0: 1.9 [CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-1611
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a use-after-free error within the btrfs_search_slot() function in fs/btrfs/ctree.c. A local user can trigger a use-after-free error and crash the kernel.
Update the affected package linux-oem-6.0 to the latest version.
Vulnerable software versionsUbuntu: 22.04
linux-image-oem-22.04b (Ubuntu package): before 6.0.0.1021.21
linux-image-6.0.0-1021-oem (Ubuntu package): before 6.0.0-1021.21
CPE2.3- cpe:2.3:o:canonical:linux-image-oem-22.04b_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:linux-image-6.0.0-1021-oem_ubuntu_package:*:*:*:*:*:ubuntu:*:*
https://ubuntu.com/security/notices/USN-6385-1
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
9) Permissions, Privileges, and Access Controls
EUVDB-ID: #VU75163
Risk: Low
CVSSv4.0: 1.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/U:Clear]
CVE-ID: CVE-2023-2002
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: Yes
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to improper permissions check in the Bluetooth subsystem when handling ioctl system calls of HCI sockets. A local user can acquire a trusted socket, leading to unauthorized execution of management commands.
Update the affected package linux-oem-6.0 to the latest version.
Vulnerable software versionsUbuntu: 22.04
linux-image-oem-22.04b (Ubuntu package): before 6.0.0.1021.21
linux-image-6.0.0-1021-oem (Ubuntu package): before 6.0.0-1021.21
CPE2.3- cpe:2.3:o:canonical:linux-image-oem-22.04b_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:linux-image-6.0.0-1021-oem_ubuntu_package:*:*:*:*:*:ubuntu:*:*
https://ubuntu.com/security/notices/USN-6385-1
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
10) Use-after-free
EUVDB-ID: #VU78572
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-20593
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error in AMD Zen2 processors. A local user can trigger a use-after-free error and execute arbitrary code on the system.
Note, the vulnerability was dubbed Zenbleed.
Update the affected package linux-oem-6.0 to the latest version.
Vulnerable software versionsUbuntu: 22.04
linux-image-oem-22.04b (Ubuntu package): before 6.0.0.1021.21
linux-image-6.0.0-1021-oem (Ubuntu package): before 6.0.0-1021.21
CPE2.3- cpe:2.3:o:canonical:linux-image-oem-22.04b_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:linux-image-6.0.0-1021-oem_ubuntu_package:*:*:*:*:*:ubuntu:*:*
https://ubuntu.com/security/notices/USN-6385-1
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
11) Use-after-free
EUVDB-ID: #VU75994
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-2162
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to a use-after-free error within the scsi_sw_tcp_session_create() function in drivers/scsi/iscsi_tcp.c in SCSI sub-component in the Linux Kernel. A local user can trigger a use-after-free error and gain access to sensitive information.
Update the affected package linux-oem-6.0 to the latest version.
Vulnerable software versionsUbuntu: 22.04
linux-image-oem-22.04b (Ubuntu package): before 6.0.0.1021.21
linux-image-6.0.0-1021-oem (Ubuntu package): before 6.0.0-1021.21
CPE2.3- cpe:2.3:o:canonical:linux-image-oem-22.04b_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:linux-image-6.0.0-1021-oem_ubuntu_package:*:*:*:*:*:ubuntu:*:*
https://ubuntu.com/security/notices/USN-6385-1
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
12) Out-of-bounds write
EUVDB-ID: #VU79673
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-2163
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: No
Description The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error in BPF verifier caused by improper marking of
registers for precision tracking in certain situations. A local user can trigger an out-of-bounds write and execute arbitrary code with elevated privileges.
Update the affected package linux-oem-6.0 to the latest version.
Vulnerable software versionsUbuntu: 22.04
linux-image-oem-22.04b (Ubuntu package): before 6.0.0.1021.21
linux-image-6.0.0-1021-oem (Ubuntu package): before 6.0.0-1021.21
CPE2.3- cpe:2.3:o:canonical:linux-image-oem-22.04b_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:linux-image-6.0.0-1021-oem_ubuntu_package:*:*:*:*:*:ubuntu:*:*
https://ubuntu.com/security/notices/USN-6385-1
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
13) Use-after-free
EUVDB-ID: #VU75997
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-2235
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error in the Linux Kernel Performance Events system. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.
Update the affected package linux-oem-6.0 to the latest version.
Vulnerable software versionsUbuntu: 22.04
linux-image-oem-22.04b (Ubuntu package): before 6.0.0.1021.21
linux-image-6.0.0-1021-oem (Ubuntu package): before 6.0.0-1021.21
CPE2.3- cpe:2.3:o:canonical:linux-image-oem-22.04b_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:linux-image-6.0.0-1021-oem_ubuntu_package:*:*:*:*:*:ubuntu:*:*
https://ubuntu.com/security/notices/USN-6385-1
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
14) Improper locking
EUVDB-ID: #VU77243
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-2269
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service attack (DoS).
The vulnerability exists due to double-locking error in table_clear in drivers/md/dm-ioctl.c. A local user can perform a denial of service (DoS) attack.
Update the affected package linux-oem-6.0 to the latest version.
Vulnerable software versionsUbuntu: 22.04
linux-image-oem-22.04b (Ubuntu package): before 6.0.0.1021.21
linux-image-6.0.0-1021-oem (Ubuntu package): before 6.0.0-1021.21
CPE2.3- cpe:2.3:o:canonical:linux-image-oem-22.04b_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:linux-image-6.0.0-1021-oem_ubuntu_package:*:*:*:*:*:ubuntu:*:*
https://ubuntu.com/security/notices/USN-6385-1
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
15) NULL pointer dereference
EUVDB-ID: #VU74126
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-28328
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error within the az6027 driver in drivers/media/usb/dev-usb/az6027.c in the Linux Kernel. A local user can pass specially crafted data to the application and perform a denial of service (DoS) attack.
MitigationUpdate the affected package linux-oem-6.0 to the latest version.
Vulnerable software versionsUbuntu: 22.04
linux-image-oem-22.04b (Ubuntu package): before 6.0.0.1021.21
linux-image-6.0.0-1021-oem (Ubuntu package): before 6.0.0-1021.21
CPE2.3- cpe:2.3:o:canonical:linux-image-oem-22.04b_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:linux-image-6.0.0-1021-oem_ubuntu_package:*:*:*:*:*:ubuntu:*:*
https://ubuntu.com/security/notices/USN-6385-1
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
16) Race condition
EUVDB-ID: #VU74628
Risk: Low
CVSSv4.0: 4.4 [CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-28466
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition caused by a missing lock_sock call within the do_tls_getsockopt() function in net/tls/tls_main.c. A local user can exploit the race and gain unauthorized access to sensitive information and escalate privileges on the system.
MitigationUpdate the affected package linux-oem-6.0 to the latest version.
Vulnerable software versionsUbuntu: 22.04
linux-image-oem-22.04b (Ubuntu package): before 6.0.0.1021.21
linux-image-6.0.0-1021-oem (Ubuntu package): before 6.0.0-1021.21
CPE2.3- cpe:2.3:o:canonical:linux-image-oem-22.04b_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:linux-image-6.0.0-1021-oem_ubuntu_package:*:*:*:*:*:ubuntu:*:*
https://ubuntu.com/security/notices/USN-6385-1
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
17) NULL pointer dereference
EUVDB-ID: #VU79476
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-2898
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error within the f2fs_write_end_io() function in fs/f2fs/data.c. A local user can pass specially crafted data to the system and perform a denial of service (DoS) attack.
MitigationUpdate the affected package linux-oem-6.0 to the latest version.
Vulnerable software versionsUbuntu: 22.04
linux-image-oem-22.04b (Ubuntu package): before 6.0.0.1021.21
linux-image-6.0.0-1021-oem (Ubuntu package): before 6.0.0-1021.21
CPE2.3- cpe:2.3:o:canonical:linux-image-oem-22.04b_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:linux-image-6.0.0-1021-oem_ubuntu_package:*:*:*:*:*:ubuntu:*:*
https://ubuntu.com/security/notices/USN-6385-1
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
18) Out-of-bounds write
EUVDB-ID: #VU78010
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-3090
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: No
Description The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error within the ipvlan network driver in Linux kernel. A local user can trigger an out-of-bounds write and execute arbitrary code with elevated privileges.
Update the affected package linux-oem-6.0 to the latest version.
Vulnerable software versionsUbuntu: 22.04
linux-image-oem-22.04b (Ubuntu package): before 6.0.0.1021.21
linux-image-6.0.0-1021-oem (Ubuntu package): before 6.0.0-1021.21
CPE2.3- cpe:2.3:o:canonical:linux-image-oem-22.04b_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:linux-image-6.0.0-1021-oem_ubuntu_package:*:*:*:*:*:ubuntu:*:*
https://ubuntu.com/security/notices/USN-6385-1
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
19) Use-after-free
EUVDB-ID: #VU77955
Risk: Low
CVSSv4.0: 4.5 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-3141
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the r592_remove() function of drivers/memstick/host/r592.c in media access in the Linux kernel. A local user can trigger a use-after-free error and escalate privileges on the system.
Update the affected package linux-oem-6.0 to the latest version.
Vulnerable software versionsUbuntu: 22.04
linux-image-oem-22.04b (Ubuntu package): before 6.0.0.1021.21
linux-image-6.0.0-1021-oem (Ubuntu package): before 6.0.0-1021.21
CPE2.3- cpe:2.3:o:canonical:linux-image-oem-22.04b_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:linux-image-6.0.0-1021-oem_ubuntu_package:*:*:*:*:*:ubuntu:*:*
https://ubuntu.com/security/notices/USN-6385-1
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
20) Out-of-bounds write
EUVDB-ID: #VU76098
Risk: Low
CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-31436
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: No
Description The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error within the qfq_change_class() function in net/sched/sch_qfq.c when handling the MTU value provided to the QFQ Scheduler. A local user can trigger an out-of-bounds write and execute arbitrary code with elevated privileges.
Update the affected package linux-oem-6.0 to the latest version.
Vulnerable software versionsUbuntu: 22.04
linux-image-oem-22.04b (Ubuntu package): before 6.0.0.1021.21
linux-image-6.0.0-1021-oem (Ubuntu package): before 6.0.0-1021.21
CPE2.3- cpe:2.3:o:canonical:linux-image-oem-22.04b_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:linux-image-6.0.0-1021-oem_ubuntu_package:*:*:*:*:*:ubuntu:*:*
https://ubuntu.com/security/notices/USN-6385-1
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
21) NULL pointer dereference
EUVDB-ID: #VU78471
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-3220
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error within the dpu_crtc_atomic_check() function in drivers/gpu/drm/msm/disp/dpu1/dpu_crtc.c. A local user can pass specially crafted data to the application and perform a denial of service (DoS) attack.
MitigationUpdate the affected package linux-oem-6.0 to the latest version.
Vulnerable software versionsUbuntu: 22.04
linux-image-oem-22.04b (Ubuntu package): before 6.0.0.1021.21
linux-image-6.0.0-1021-oem (Ubuntu package): before 6.0.0-1021.21
CPE2.3- cpe:2.3:o:canonical:linux-image-oem-22.04b_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:linux-image-6.0.0-1021-oem_ubuntu_package:*:*:*:*:*:ubuntu:*:*
https://ubuntu.com/security/notices/USN-6385-1
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
22) Use-after-free
EUVDB-ID: #VU76221
Risk: Low
CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-32269
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error in net/netrom/af_netrom.c. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.
Successful exploitation of the vulnerability requires that the system has netrom routing configured or the attacker must have the CAP_NET_ADMIN capability.
MitigationUpdate the affected package linux-oem-6.0 to the latest version.
Vulnerable software versionsUbuntu: 22.04
linux-image-oem-22.04b (Ubuntu package): before 6.0.0.1021.21
linux-image-6.0.0-1021-oem (Ubuntu package): before 6.0.0-1021.21
CPE2.3- cpe:2.3:o:canonical:linux-image-oem-22.04b_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:linux-image-6.0.0-1021-oem_ubuntu_package:*:*:*:*:*:ubuntu:*:*
https://ubuntu.com/security/notices/USN-6385-1
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
23) Use-after-free
EUVDB-ID: #VU78007
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-3390
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within net/netfilter/nf_tables_api.c in the Linux kernel netfilter subsystem. A local user can trigger a use-after-fee error and escalate privileges on the system.
Update the affected package linux-oem-6.0 to the latest version.
Vulnerable software versionsUbuntu: 22.04
linux-image-oem-22.04b (Ubuntu package): before 6.0.0.1021.21
linux-image-6.0.0-1021-oem (Ubuntu package): before 6.0.0-1021.21
CPE2.3- cpe:2.3:o:canonical:linux-image-oem-22.04b_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:linux-image-6.0.0-1021-oem_ubuntu_package:*:*:*:*:*:ubuntu:*:*
https://ubuntu.com/security/notices/USN-6385-1
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
24) Use-after-free
EUVDB-ID: #VU78941
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-3609
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the the Linux kernel net/sched: cls_u32 component. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.
Update the affected package linux-oem-6.0 to the latest version.
Vulnerable software versionsUbuntu: 22.04
linux-image-oem-22.04b (Ubuntu package): before 6.0.0.1021.21
linux-image-6.0.0-1021-oem (Ubuntu package): before 6.0.0-1021.21
CPE2.3- cpe:2.3:o:canonical:linux-image-oem-22.04b_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:linux-image-6.0.0-1021-oem_ubuntu_package:*:*:*:*:*:ubuntu:*:*
https://ubuntu.com/security/notices/USN-6385-1
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
25) Use-after-free
EUVDB-ID: #VU78779
Risk: Low
CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-3610
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the nf_tables component in Linux kernel netfilter. A local user with CAP_NET_ADMIN capability can trigger a use-after-free error and execute arbitrary code with elevated privileges.
Update the affected package linux-oem-6.0 to the latest version.
Vulnerable software versionsUbuntu: 22.04
linux-image-oem-22.04b (Ubuntu package): before 6.0.0.1021.21
linux-image-6.0.0-1021-oem (Ubuntu package): before 6.0.0-1021.21
CPE2.3- cpe:2.3:o:canonical:linux-image-oem-22.04b_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:linux-image-6.0.0-1021-oem_ubuntu_package:*:*:*:*:*:ubuntu:*:*
https://ubuntu.com/security/notices/USN-6385-1
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
26) Out-of-bounds write
EUVDB-ID: #VU78943
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-3611
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: No
Description The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error in the qfq_change_agg() function in net/sched/sch_qfq.c within the Linux kernel net/sched: sch_qfq component. A local user trigger an out-of-bounds write and execute arbitrary code on the target system.
MitigationUpdate the affected package linux-oem-6.0 to the latest version.
Vulnerable software versionsUbuntu: 22.04
linux-image-oem-22.04b (Ubuntu package): before 6.0.0.1021.21
linux-image-6.0.0-1021-oem (Ubuntu package): before 6.0.0-1021.21
CPE2.3- cpe:2.3:o:canonical:linux-image-oem-22.04b_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:linux-image-6.0.0-1021-oem_ubuntu_package:*:*:*:*:*:ubuntu:*:*
https://ubuntu.com/security/notices/USN-6385-1
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
27) Use-after-free
EUVDB-ID: #VU79285
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-3776
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the the Linux kernel's net/sched: cls_fw component. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.
Update the affected package linux-oem-6.0 to the latest version.
Vulnerable software versionsUbuntu: 22.04
linux-image-oem-22.04b (Ubuntu package): before 6.0.0.1021.21
linux-image-6.0.0-1021-oem (Ubuntu package): before 6.0.0-1021.21
CPE2.3- cpe:2.3:o:canonical:linux-image-oem-22.04b_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:linux-image-6.0.0-1021-oem_ubuntu_package:*:*:*:*:*:ubuntu:*:*
https://ubuntu.com/security/notices/USN-6385-1
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
28) Resource management error
EUVDB-ID: #VU80121
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-3777
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to improper handling of table rules flush in certain circumstances within the netfilter subsystem in net/netfilter/nf_tables_api.c. A local user can perform a denial of service (DoS) attack or execute arbitrary code with elevated privileges.
Update the affected package linux-oem-6.0 to the latest version.
Vulnerable software versionsUbuntu: 22.04
linux-image-oem-22.04b (Ubuntu package): before 6.0.0.1021.21
linux-image-6.0.0-1021-oem (Ubuntu package): before 6.0.0-1021.21
CPE2.3- cpe:2.3:o:canonical:linux-image-oem-22.04b_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:linux-image-6.0.0-1021-oem_ubuntu_package:*:*:*:*:*:ubuntu:*:*
https://ubuntu.com/security/notices/USN-6385-1
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
29) Use-after-free
EUVDB-ID: #VU79479
Risk: Low
CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-3863
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the nfc_llcp_find_local() function in net/nfc/llcp_core.c in NFC implementation in Linux kernel. A local user can execute arbitrary code with elevated privileges.
Update the affected package linux-oem-6.0 to the latest version.
Vulnerable software versionsUbuntu: 22.04
linux-image-oem-22.04b (Ubuntu package): before 6.0.0.1021.21
linux-image-6.0.0-1021-oem (Ubuntu package): before 6.0.0-1021.21
CPE2.3- cpe:2.3:o:canonical:linux-image-oem-22.04b_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:linux-image-6.0.0-1021-oem_ubuntu_package:*:*:*:*:*:ubuntu:*:*
https://ubuntu.com/security/notices/USN-6385-1
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
30) Buffer overflow
EUVDB-ID: #VU80124
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-3995
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error within the netfilter subsystem in net/netfilter/nf_tables_api.c when handling rule additions to bound chains. A local user can trigger memory corruption and execute arbitrary code on the target system.
Update the affected package linux-oem-6.0 to the latest version.
Vulnerable software versionsUbuntu: 22.04
linux-image-oem-22.04b (Ubuntu package): before 6.0.0.1021.21
linux-image-6.0.0-1021-oem (Ubuntu package): before 6.0.0-1021.21
CPE2.3- cpe:2.3:o:canonical:linux-image-oem-22.04b_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:linux-image-6.0.0-1021-oem_ubuntu_package:*:*:*:*:*:ubuntu:*:*
https://ubuntu.com/security/notices/USN-6385-1
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
31) Use-after-free
EUVDB-ID: #VU79498
Risk: Low
CVSSv4.0: 7.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Clear]
CVE-ID: CVE-2023-4004
CWE-ID:
CWE-416 - Use After Free
Exploit availability: Yes
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error in the way a user triggers the nft_pipapo_remove function with the element, without a NFT_SET_EXT_KEY_END. A local user can execute arbitrary code with elevated privileges.
Update the affected package linux-oem-6.0 to the latest version.
Vulnerable software versionsUbuntu: 22.04
linux-image-oem-22.04b (Ubuntu package): before 6.0.0.1021.21
linux-image-6.0.0-1021-oem (Ubuntu package): before 6.0.0-1021.21
CPE2.3- cpe:2.3:o:canonical:linux-image-oem-22.04b_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:linux-image-6.0.0-1021-oem_ubuntu_package:*:*:*:*:*:ubuntu:*:*
https://ubuntu.com/security/notices/USN-6385-1
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
32) Buffer overflow
EUVDB-ID: #VU80123
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-4015
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error within the netfilter subsystem in net/netfilter/nft_immediate.c when handling bound chain deactivation. A local user can trigger memory corruption and execute arbitrary code with elevated privileges.
Update the affected package linux-oem-6.0 to the latest version.
Vulnerable software versionsUbuntu: 22.04
linux-image-oem-22.04b (Ubuntu package): before 6.0.0.1021.21
linux-image-6.0.0-1021-oem (Ubuntu package): before 6.0.0-1021.21
CPE2.3- cpe:2.3:o:canonical:linux-image-oem-22.04b_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:linux-image-6.0.0-1021-oem_ubuntu_package:*:*:*:*:*:ubuntu:*:*
https://ubuntu.com/security/notices/USN-6385-1
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
33) Use-after-free
EUVDB-ID: #VU79714
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-40283
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the l2cap_sock_release() function in net/bluetooth/l2cap_sock.c. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.
Update the affected package linux-oem-6.0 to the latest version.
Vulnerable software versionsUbuntu: 22.04
linux-image-oem-22.04b (Ubuntu package): before 6.0.0.1021.21
linux-image-6.0.0-1021-oem (Ubuntu package): before 6.0.0-1021.21
CPE2.3- cpe:2.3:o:canonical:linux-image-oem-22.04b_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:linux-image-6.0.0-1021-oem_ubuntu_package:*:*:*:*:*:ubuntu:*:*
https://ubuntu.com/security/notices/USN-6385-1
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
34) Use-after-free
EUVDB-ID: #VU79486
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-4128
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within net/sched/cls_fw.c in classifiers (cls_fw, cls_u32, and cls_route) in the Linux Kernel. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.
Update the affected package linux-oem-6.0 to the latest version.
Vulnerable software versionsUbuntu: 22.04
linux-image-oem-22.04b (Ubuntu package): before 6.0.0.1021.21
linux-image-6.0.0-1021-oem (Ubuntu package): before 6.0.0-1021.21
CPE2.3- cpe:2.3:o:canonical:linux-image-oem-22.04b_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:linux-image-6.0.0-1021-oem_ubuntu_package:*:*:*:*:*:ubuntu:*:*
https://ubuntu.com/security/notices/USN-6385-1
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
35) Type Confusion
EUVDB-ID: #VU79485
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-4194
CWE-ID:
CWE-843 - Type confusion
Exploit availability: No
DescriptionThe vulnerability allows a local user to bypass implemented security restrictions.
The vulnerability exists due to a type confusion error in TUN/TAP functionality. A local user can bypass network filters and gain unauthorized access to some resources.
The vulnerability exists due to incomplete fix for #VU72742 (CVE-2023-1076).
Update the affected package linux-oem-6.0 to the latest version.
Vulnerable software versionsUbuntu: 22.04
linux-image-oem-22.04b (Ubuntu package): before 6.0.0.1021.21
linux-image-6.0.0-1021-oem (Ubuntu package): before 6.0.0-1021.21
CPE2.3- cpe:2.3:o:canonical:linux-image-oem-22.04b_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:linux-image-6.0.0-1021-oem_ubuntu_package:*:*:*:*:*:ubuntu:*:*
https://ubuntu.com/security/notices/USN-6385-1
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
36) Stack-based buffer overflow
EUVDB-ID: #VU79487
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-4273
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error in the implementation of the file name reconstruction function in the exFAT driver in Linux kernel. A local user can trigger a stack overflow and execute arbitrary code with elevated privileges.
Update the affected package linux-oem-6.0 to the latest version.
Vulnerable software versionsUbuntu: 22.04
linux-image-oem-22.04b (Ubuntu package): before 6.0.0.1021.21
linux-image-6.0.0-1021-oem (Ubuntu package): before 6.0.0-1021.21
CPE2.3- cpe:2.3:o:canonical:linux-image-oem-22.04b_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:linux-image-6.0.0-1021-oem_ubuntu_package:*:*:*:*:*:ubuntu:*:*
https://ubuntu.com/security/notices/USN-6385-1
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
37) Memory leak
EUVDB-ID: #VU80584
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-4569
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform DoS attack on the target system.
The vulnerability exists due memory leak within the nft_set_catchall_flush() function in net/netfilter/nf_tables_api.c. A local user can perform a denial of service attack.
MitigationUpdate the affected package linux-oem-6.0 to the latest version.
Vulnerable software versionsUbuntu: 22.04
linux-image-oem-22.04b (Ubuntu package): before 6.0.0.1021.21
linux-image-6.0.0-1021-oem (Ubuntu package): before 6.0.0-1021.21
CPE2.3- cpe:2.3:o:canonical:linux-image-oem-22.04b_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:linux-image-6.0.0-1021-oem_ubuntu_package:*:*:*:*:*:ubuntu:*:*
https://ubuntu.com/security/notices/USN-6385-1
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
