LSN-0094-1
Vulnerability Summary
Timeline
Description
Kernel Live Patch Security Notice Lin Ma discovered a race condition in the io_uring subsystem in the Linux kernel, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash).(CVE-2023-0468) It was discovered that the Traffic-Control Index (TCINDEX) implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.(CVE-2023-1281)
Affected Systems
- ubuntu•linux
all | < 5.15.0-67.74 | < 4.15.0-209.220 | < 5.4.0-147.164 | < 5.15.0-70.77
- ubuntu•linux-aws
all | < 5.15.0-1031.35 | < 4.15.0-1154.167 | < 5.4.0-1100.108 | < 5.15.0-1034.38
- ubuntu•linux-aws-5.15
< 5.15.0-1031.35~20.04.1 | < 5.15.0-1034.38~20.04.1
- ubuntu•linux-aws-5.4
all | < 5.4.0-1100.108~18.04.1
- ubuntu•linux-aws-hwe
all | < 4.15.0-1154.167~16.04.1
- ubuntu•linux-azure
all | < 5.15.0-1034.41 | < 4.15.0-1163.178~16.04.1 | < 5.4.0-1106.112 | < 5.15.0-1036.43
- ubuntu•linux-azure-4.15
all | < 4.15.0-1163.178
- ubuntu•linux-azure-5.4
all | < 5.4.0-1106.112~18.04.1
- ubuntu•linux-gcp
all | < 5.15.0-1030.37 | < 4.15.0-1148.164~16.04.1 | < 5.4.0-1103.112 | < 5.15.0-1032.40
- ubuntu•linux-gcp-4.15
all | < 4.15.0-1148.164
- ubuntu•linux-gcp-5.15
< 5.15.0-1030.37~20.04.1 | < 5.15.0-1032.40~20.04.1
- ubuntu•linux-gcp-5.4
all | < 5.4.0-1103.112~18.04.1
- ubuntu•linux-gke
all | < 5.15.0-1028.33 | < 5.4.0-1097.104 | < 5.15.0-1031.36
- ubuntu•linux-gke-4.15
all
- ubuntu•linux-gke-5.15
< 5.15.0-1028.33~20.04.1 | < 5.15.0-1031.36~20.04.1
- ubuntu•linux-gke-5.4
all
- ubuntu•linux-gkeop
all | < 5.4.0-1067.71
- ubuntu•linux-gkeop-5.4
all
- ubuntu•linux-hwe
all | < 4.15.0-209.220~16.04.1
- ubuntu•linux-hwe-5.4
all | < 5.4.0-147.164~18.04.1
- ubuntu•linux-ibm
all | < 5.15.0-1026.29 | < 5.4.0-1047.52 | < 5.15.0-1028.31
- ubuntu•linux-ibm-5.4
all | < 5.4.0-1047.52~18.04.1
- ubuntu•linux-oem
all