LSN-0101-1

Advisory lineage Upstream: 10 Downstream: 0
Published: 12 Mar 2024, 13:45
Last modified:03 Jun 2026, 13:33

Vulnerability Summary

Overall Risk (default)
minimal
0/100
CVSS Score
No data
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected

Timeline

12 Mar 2024, 13:45
Published
Vulnerability first disclosed
03 Jun 2026, 13:33
Last Modified
Vulnerability information updated

Description

Kernel Live Patch Security Notice Xingyuan Mo discovered that the netfilter subsystem in the Linux kernel did not properly handle inactive elements in its PIPAPO data structure, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.(CVE-2023-6817) It was discovered that the IGMP protocol implementation in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.(CVE-2023-6932) It was discovered that the netfilter connection tracker for netlink in the Linux kernel did not properly perform reference counting in some error conditions. A local attacker could possibly use this to cause a denial of service (memory exhaustion).(CVE-2023-7192) Kevin Rich discovered that the netfilter subsystem in the Linux kernel did not properly check deactivated elements in certain situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.(CVE-2024-0193) Jann Horn discovered that the TLS subsystem in the Linux kernel did not properly handle spliced messages, leading to an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.(CVE-2024-0646)

Affected Systems

  • ubuntulinux

    all | < 4.4.0-251.285 | < 4.15.0-222.233 | < 5.4.0-172.190 | < 5.15.0-97.107

  • ubuntulinux-aws

    all | < 4.4.0-1166.181 | < 4.15.0-1165.178 | < 5.4.0-1119.129 | < 5.15.0-1055.60

  • ubuntulinux-aws-5.15

    all | < 5.15.0-1055.60~20.04.1

  • ubuntulinux-aws-5.4

    all | < 5.4.0-1119.129~18.04.1

  • ubuntulinux-aws-6.5

    all | < 6.5.0-1012.12~22.04.1

  • ubuntulinux-aws-hwe

    all | < 4.15.0-1165.178~16.04.1

  • ubuntulinux-azure

    all | < 4.15.0-1174.189~16.04.1 | < 5.4.0-1124.131 | < 5.15.0-1057.65

  • ubuntulinux-azure-4.15

    all | < 4.15.0-1174.189

  • ubuntulinux-azure-5.4

    all | < 5.4.0-1124.131~18.04.1

  • ubuntulinux-azure-6.5

    all | < 6.5.0-1011.11~22.04.1

  • ubuntulinux-gcp

    all | < 4.15.0-1159.176~16.04.1 | < 5.4.0-1123.132 | < 5.15.0-1052.60

  • ubuntulinux-gcp-4.15

    all | < 4.15.0-1159.176

  • ubuntulinux-gcp-5.15

    all | < 5.15.0-1052.60~20.04.1

  • ubuntulinux-gcp-5.4

    all | < 5.4.0-1123.132~18.04.1

  • ubuntulinux-gcp-6.5

    all | < 6.5.0-1011.11~22.04.1

  • ubuntulinux-gke

    all | < 5.15.0-1051.56

  • ubuntulinux-gke-5.15

    all

  • ubuntulinux-gkeop

    all | < 5.4.0-1086.90

  • ubuntulinux-hwe

    all | < 4.15.0-222.233~16.04.1

  • ubuntulinux-hwe-5.15

    all | < 5.15.0-97.107~20.04.1

  • ubuntulinux-hwe-5.4

    all | < 5.4.0-172.190~18.04.1

  • ubuntulinux-hwe-6.5

    all | < 6.5.0-21.21~22.04.1

  • ubuntulinux-ibm

    all | < 5.4.0-1066.71 | < 5.15.0-1047.50

  • ubuntulinux-ibm-5.15

    all | < 5.15.0-1047.50~20.04.1

  • ubuntulinux-lowlatency-hwe-5.15

    all | < 5.15.0-97.107~20.04.1

  • ubuntulinux-lts-xenial

    all | < 4.4.0-251.285~14.04.1

References (6)