LSN-0096-1

Advisory lineage Upstream: 10 Downstream: 0
Published: 25 Jul 2023, 08:28
Last modified:03 Jun 2026, 13:33

Vulnerability Summary

Overall Risk (default)
minimal
0/100
CVSS Score
No data
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected

Timeline

25 Jul 2023, 08:28
Published
Vulnerability first disclosed
03 Jun 2026, 13:33
Last Modified
Vulnerability information updated

Description

Kernel Live Patch Security Notice It was discovered that the Broadcom FullMAC USB WiFi driver in the Linux kernel did not properly perform data buffer size validation in some situations. A physically proximate attacker could use this to craft a malicious USB device that when inserted, could cause a denial of service (system crash) or possibly expose sensitive information.(CVE-2023-1380) Reima Ishii discovered that the nested KVM implementation for Intel x86 processors in the Linux kernel did not properly validate control registers in certain situations. An attacker in a guest VM could use this to cause a denial of service (guest crash).(CVE-2023-30456) Mingi Cho discovered that the netfilter subsystem in the Linux kernel did not properly validate the status of a nft chain while performing a lookup by id, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.(CVE-2023-31248) Gwangun Jung discovered that the Quick Fair Queueing scheduler implementation in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.(CVE-2023-31436) Tanguy Dubroca discovered that the netfilter subsystem in the Linux kernel did not properly handle certain pointer data type, leading to an out-of- bounds write vulnerability. A privileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.(CVE-2023-35001)

Affected Systems

  • ubuntulinux

    all | < 4.4.0-243.277 | < 4.15.0-214.225 | < 5.4.0-155.172 | < 5.15.0-78.85

  • ubuntulinux-aws

    all | < 4.4.0-1159.174 | < 5.4.0-1106.114

  • ubuntulinux-aws-hwe

    all | < 4.15.0-1159.172~16.04.1

  • ubuntulinux-azure

    all | < 4.15.0-1168.183~16.04.1 | < 5.4.0-1112.118 | < 5.15.0-1042.49

  • ubuntulinux-azure-5.4

    all | < 5.4.0-1112.118~18.04.1

  • ubuntulinux-gcp

    all | < 4.15.0-1153.170~16.04.1 | < 5.4.0-1109.118 | < 5.15.0-1038.46

  • ubuntulinux-gcp-4.15

    all | < 4.15.0-1153.170

  • ubuntulinux-gcp-5.15

    all | < 5.15.0-1038.46~20.04.1

  • ubuntulinux-gcp-5.4

    all | < 5.4.0-1109.118~18.04.1

  • ubuntulinux-gke

    all | < 5.4.0-1104.111 | < 5.15.0-1038.43

  • ubuntulinux-gke-5.15

    all | < 5.15.0-1038.43~20.04.1

  • ubuntulinux-gke-5.4

    all

  • ubuntulinux-gkeop

    all | < 5.4.0-1073.77

  • ubuntulinux-gkeop-5.4

    all

  • ubuntulinux-hwe

    all | < 4.15.0-214.225~16.04.1

  • ubuntulinux-hwe-5.15

    all | < 5.15.0-78.85~20.04.1

  • ubuntulinux-hwe-5.4

    all | < 5.4.0-155.172~18.04.1

  • ubuntulinux-ibm

    all | < 5.4.0-1053.58 | < 5.15.0-1034.37

  • ubuntulinux-ibm-5.4

    all | < 5.4.0-1053.58~18.04.1

  • ubuntulinux-lowlatency-hwe-5.15

    all | < 5.15.0-78.85~20.04.1

  • ubuntulinux-lts-xenial

    all | < 4.4.0-243.277~14.04.1

References (6)