Ubuntu update for linux-aws-6.5
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 12 |
| CVE-ID | CVE-2023-46838 CVE-2023-50431 CVE-2023-52429 CVE-2024-23851 CVE-2023-6610 CVE-2024-22705 CVE-2024-23850 CVE-2023-52434 CVE-2023-52436 CVE-2023-52435 CVE-2023-52439 CVE-2023-52438 |
| CWE-ID | CWE-20 CWE-401 CWE-754 CWE-125 CWE-617 CWE-119 CWE-200 CWE-416 |
| Exploitation vector | Local network |
| Public exploit | N/A |
| Vulnerable software |
Ubuntu Operating systems & Components / Operating system linux-image-raspi (Ubuntu package) Operating systems & Components / Operating system package or component linux-image-aws (Ubuntu package) Operating systems & Components / Operating system package or component linux-image-6.5.0-1017-aws (Ubuntu package) Operating systems & Components / Operating system package or component linux-image-raspi-nolpae (Ubuntu package) Operating systems & Components / Operating system package or component linux-image-6.5.0-1014-raspi (Ubuntu package) Operating systems & Components / Operating system package or component |
| Vendor | Canonical Ltd. |
Security Bulletin
This security bulletin contains information about 12 vulnerabilities.
1) Input validation error
EUVDB-ID: #VU85682
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-46838
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows an unprivileged guest to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of network packets at the backend. An unprivileged guest can send zero-length packets to the OS kernel and perform a denial of service (DoS) attack.
MitigationUpdate the affected package linux-aws-6.5 to the latest version.
Vulnerable software versionsUbuntu: 22.04 - 23.10
linux-image-raspi (Ubuntu package): before 6.5.0.1014.15
linux-image-aws (Ubuntu package): before 6.5.0.1017.17~22.04.2
linux-image-6.5.0-1017-aws (Ubuntu package): before 6.5.0-1017.17~22.04.2
linux-image-raspi-nolpae (Ubuntu package): before 6.5.0.1014.15
linux-image-6.5.0-1014-raspi (Ubuntu package): before 6.5.0-1014.17
CPE2.3- cpe:2.3:o:canonical:ubuntu:22.04:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu:23.10:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:linux-image-raspi_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:linux-image-aws_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:linux-image-6.5.0-1017-aws_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:linux-image-raspi-nolpae_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:linux-image-6.5.0-1014-raspi_ubuntu_package:*:*:*:*:*:ubuntu:*:*
https://ubuntu.com/security/notices/USN-6724-2
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Memory leak
EUVDB-ID: #VU88285
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-50431
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due memory leak within the sec_attest_info() function in drivers/accel/habanalabs/common/habanalabs_ioctl.c. A local user can cause information leak to user space.
Update the affected package linux-aws-6.5 to the latest version.
Vulnerable software versionsUbuntu: 22.04 - 23.10
linux-image-raspi (Ubuntu package): before 6.5.0.1014.15
linux-image-aws (Ubuntu package): before 6.5.0.1017.17~22.04.2
linux-image-6.5.0-1017-aws (Ubuntu package): before 6.5.0-1017.17~22.04.2
linux-image-raspi-nolpae (Ubuntu package): before 6.5.0.1014.15
linux-image-6.5.0-1014-raspi (Ubuntu package): before 6.5.0-1014.17
CPE2.3- cpe:2.3:o:canonical:linux-image-raspi_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:linux-image-aws_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:linux-image-6.5.0-1017-aws_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:linux-image-raspi-nolpae_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:linux-image-6.5.0-1014-raspi_ubuntu_package:*:*:*:*:*:ubuntu:*:*
https://ubuntu.com/security/notices/USN-6724-2
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Improper Check for Unusual or Exceptional Conditions
EUVDB-ID: #VU87166
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52429
CWE-ID:
CWE-754 - Improper Check for Unusual or Exceptional Conditions
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the dm_table_create() function in drivers/md/dm-table.c. A local user can pass specially crafted data to the kernel and perform a denial of service (DoS) attack.
MitigationUpdate the affected package linux-aws-6.5 to the latest version.
Vulnerable software versionsUbuntu: 22.04 - 23.10
linux-image-raspi (Ubuntu package): before 6.5.0.1014.15
linux-image-aws (Ubuntu package): before 6.5.0.1017.17~22.04.2
linux-image-6.5.0-1017-aws (Ubuntu package): before 6.5.0-1017.17~22.04.2
linux-image-raspi-nolpae (Ubuntu package): before 6.5.0.1014.15
linux-image-6.5.0-1014-raspi (Ubuntu package): before 6.5.0-1014.17
CPE2.3- cpe:2.3:o:canonical:linux-image-raspi_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:linux-image-aws_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:linux-image-6.5.0-1017-aws_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:linux-image-raspi-nolpae_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:linux-image-6.5.0-1014-raspi_ubuntu_package:*:*:*:*:*:ubuntu:*:*
https://ubuntu.com/security/notices/USN-6724-2
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Out-of-bounds read
EUVDB-ID: #VU87595
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-23851
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary condition within the copy_params() function in drivers/md/dm-ioctl.c. A remote attacker can trigger an out-of-bounds read and perform a denial of service (DoS) attack.
Update the affected package linux-aws-6.5 to the latest version.
Vulnerable software versionsUbuntu: 22.04 - 23.10
linux-image-raspi (Ubuntu package): before 6.5.0.1014.15
linux-image-aws (Ubuntu package): before 6.5.0.1017.17~22.04.2
linux-image-6.5.0-1017-aws (Ubuntu package): before 6.5.0-1017.17~22.04.2
linux-image-raspi-nolpae (Ubuntu package): before 6.5.0.1014.15
linux-image-6.5.0-1014-raspi (Ubuntu package): before 6.5.0-1014.17
CPE2.3- cpe:2.3:o:canonical:linux-image-raspi_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:linux-image-aws_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:linux-image-6.5.0-1017-aws_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:linux-image-raspi-nolpae_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:linux-image-6.5.0-1014-raspi_ubuntu_package:*:*:*:*:*:ubuntu:*:*
https://ubuntu.com/security/notices/USN-6724-2
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Out-of-bounds read
EUVDB-ID: #VU85443
Risk: Low
CVSSv4.0: 4.5 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-6610
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to a boundary condition within the smb2_dump_detail() function in fs/smb/client/smb2ops.c. A local user can trigger an out-of-bounds read error and gain access to sensitive information or crash the kernel.
MitigationUpdate the affected package linux-aws-6.5 to the latest version.
Vulnerable software versionsUbuntu: 22.04 - 23.10
linux-image-raspi (Ubuntu package): before 6.5.0.1014.15
linux-image-aws (Ubuntu package): before 6.5.0.1017.17~22.04.2
linux-image-6.5.0-1017-aws (Ubuntu package): before 6.5.0-1017.17~22.04.2
linux-image-raspi-nolpae (Ubuntu package): before 6.5.0.1014.15
linux-image-6.5.0-1014-raspi (Ubuntu package): before 6.5.0-1014.17
CPE2.3- cpe:2.3:o:canonical:linux-image-raspi_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:linux-image-aws_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:linux-image-6.5.0-1017-aws_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:linux-image-raspi-nolpae_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:linux-image-6.5.0-1014-raspi_ubuntu_package:*:*:*:*:*:ubuntu:*:*
https://ubuntu.com/security/notices/USN-6724-2
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Out-of-bounds read
EUVDB-ID: #VU86554
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-22705
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition within the smb2_get_data_area_len() function in fs/smb/server/smb2misc.c in Linux kernel ksmbd. A local user can trigger an out-of-bounds read error and read contents of memory on the system.
MitigationUpdate the affected package linux-aws-6.5 to the latest version.
Vulnerable software versionsUbuntu: 22.04 - 23.10
linux-image-raspi (Ubuntu package): before 6.5.0.1014.15
linux-image-aws (Ubuntu package): before 6.5.0.1017.17~22.04.2
linux-image-6.5.0-1017-aws (Ubuntu package): before 6.5.0-1017.17~22.04.2
linux-image-raspi-nolpae (Ubuntu package): before 6.5.0.1014.15
linux-image-6.5.0-1014-raspi (Ubuntu package): before 6.5.0-1014.17
CPE2.3- cpe:2.3:o:canonical:linux-image-raspi_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:linux-image-aws_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:linux-image-6.5.0-1017-aws_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:linux-image-raspi-nolpae_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:linux-image-6.5.0-1014-raspi_ubuntu_package:*:*:*:*:*:ubuntu:*:*
https://ubuntu.com/security/notices/USN-6724-2
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) Reachable Assertion
EUVDB-ID: #VU87594
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-23850
CWE-ID:
CWE-617 - Reachable Assertion
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a reachable assertion within the btrfs_get_root_ref() function in fs/btrfs/disk-io.c. A local user can perform a denial of service (DoS) attack.
Update the affected package linux-aws-6.5 to the latest version.
Vulnerable software versionsUbuntu: 22.04 - 23.10
linux-image-raspi (Ubuntu package): before 6.5.0.1014.15
linux-image-aws (Ubuntu package): before 6.5.0.1017.17~22.04.2
linux-image-6.5.0-1017-aws (Ubuntu package): before 6.5.0-1017.17~22.04.2
linux-image-raspi-nolpae (Ubuntu package): before 6.5.0.1014.15
linux-image-6.5.0-1014-raspi (Ubuntu package): before 6.5.0-1014.17
CPE2.3- cpe:2.3:o:canonical:linux-image-raspi_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:linux-image-aws_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:linux-image-6.5.0-1017-aws_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:linux-image-raspi-nolpae_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:linux-image-6.5.0-1014-raspi_ubuntu_package:*:*:*:*:*:ubuntu:*:*
https://ubuntu.com/security/notices/USN-6724-2
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
8) Buffer overflow
EUVDB-ID: #VU88283
Risk: Medium
CVSSv4.0: 6.1 [CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-52434
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error within the smb2_parse_contexts() function when parsing SMB packets. A remote user can send specially crafted SMB traffic to the affected system, trigger memory corruption and execute arbitrary code.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationUpdate the affected package linux-aws-6.5 to the latest version.
Vulnerable software versionsUbuntu: 22.04 - 23.10
linux-image-raspi (Ubuntu package): before 6.5.0.1014.15
linux-image-aws (Ubuntu package): before 6.5.0.1017.17~22.04.2
linux-image-6.5.0-1017-aws (Ubuntu package): before 6.5.0-1017.17~22.04.2
linux-image-raspi-nolpae (Ubuntu package): before 6.5.0.1014.15
linux-image-6.5.0-1014-raspi (Ubuntu package): before 6.5.0-1014.17
CPE2.3- cpe:2.3:o:canonical:linux-image-raspi_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:linux-image-aws_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:linux-image-6.5.0-1017-aws_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:linux-image-raspi-nolpae_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:linux-image-6.5.0-1014-raspi_ubuntu_package:*:*:*:*:*:ubuntu:*:*
https://ubuntu.com/security/notices/USN-6724-2
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
9) Information disclosure
EUVDB-ID: #VU87592
Risk: Low
CVSSv4.0: 0.4 [CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52436
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to potentially sensitive information.
The vulnerability exists due to the __f2fs_setxattr() function in fs/f2fs/xattr.c, does not empty by default the unused space in the xattr list. A local user can gain access to potentially sensitive information.
Update the affected package linux-aws-6.5 to the latest version.
Vulnerable software versionsUbuntu: 22.04 - 23.10
linux-image-raspi (Ubuntu package): before 6.5.0.1014.15
linux-image-aws (Ubuntu package): before 6.5.0.1017.17~22.04.2
linux-image-6.5.0-1017-aws (Ubuntu package): before 6.5.0-1017.17~22.04.2
linux-image-raspi-nolpae (Ubuntu package): before 6.5.0.1014.15
linux-image-6.5.0-1014-raspi (Ubuntu package): before 6.5.0-1014.17
CPE2.3- cpe:2.3:o:canonical:linux-image-raspi_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:linux-image-aws_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:linux-image-6.5.0-1017-aws_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:linux-image-raspi-nolpae_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:linux-image-6.5.0-1014-raspi_ubuntu_package:*:*:*:*:*:ubuntu:*:*
https://ubuntu.com/security/notices/USN-6724-2
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
10) Buffer overflow
EUVDB-ID: #VU87748
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52435
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error within the skb_segment() function. A local user can trigger memory corruption and crash the kernel.
Update the affected package linux-aws-6.5 to the latest version.
Vulnerable software versionsUbuntu: 22.04 - 23.10
linux-image-raspi (Ubuntu package): before 6.5.0.1014.15
linux-image-aws (Ubuntu package): before 6.5.0.1017.17~22.04.2
linux-image-6.5.0-1017-aws (Ubuntu package): before 6.5.0-1017.17~22.04.2
linux-image-raspi-nolpae (Ubuntu package): before 6.5.0.1014.15
linux-image-6.5.0-1014-raspi (Ubuntu package): before 6.5.0-1014.17
CPE2.3- cpe:2.3:o:canonical:linux-image-raspi_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:linux-image-aws_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:linux-image-6.5.0-1017-aws_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:linux-image-raspi-nolpae_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:linux-image-6.5.0-1014-raspi_ubuntu_package:*:*:*:*:*:ubuntu:*:*
https://ubuntu.com/security/notices/USN-6724-2
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
11) Use-after-free
EUVDB-ID: #VU87573
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52439
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the uio_open() function in drivers/uio/uio.c. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.
Update the affected package linux-aws-6.5 to the latest version.
Vulnerable software versionsUbuntu: 22.04 - 23.10
linux-image-raspi (Ubuntu package): before 6.5.0.1014.15
linux-image-aws (Ubuntu package): before 6.5.0.1017.17~22.04.2
linux-image-6.5.0-1017-aws (Ubuntu package): before 6.5.0-1017.17~22.04.2
linux-image-raspi-nolpae (Ubuntu package): before 6.5.0.1014.15
linux-image-6.5.0-1014-raspi (Ubuntu package): before 6.5.0-1014.17
CPE2.3- cpe:2.3:o:canonical:linux-image-raspi_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:linux-image-aws_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:linux-image-6.5.0-1017-aws_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:linux-image-raspi-nolpae_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:linux-image-6.5.0-1014-raspi_ubuntu_package:*:*:*:*:*:ubuntu:*:*
https://ubuntu.com/security/notices/USN-6724-2
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
12) Use-after-free
EUVDB-ID: #VU87593
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52438
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the binder_alloc_free_page() function in drivers/android/binder_alloc.c. A local user can trigger a race condition and escalate privileges on the system.
Update the affected package linux-aws-6.5 to the latest version.
Vulnerable software versionsUbuntu: 22.04 - 23.10
linux-image-raspi (Ubuntu package): before 6.5.0.1014.15
linux-image-aws (Ubuntu package): before 6.5.0.1017.17~22.04.2
linux-image-6.5.0-1017-aws (Ubuntu package): before 6.5.0-1017.17~22.04.2
linux-image-raspi-nolpae (Ubuntu package): before 6.5.0.1014.15
linux-image-6.5.0-1014-raspi (Ubuntu package): before 6.5.0-1014.17
CPE2.3- cpe:2.3:o:canonical:linux-image-raspi_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:linux-image-aws_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:linux-image-6.5.0-1017-aws_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:linux-image-raspi-nolpae_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:linux-image-6.5.0-1014-raspi_ubuntu_package:*:*:*:*:*:ubuntu:*:*
https://ubuntu.com/security/notices/USN-6724-2
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
