LSN-0103-1

Advisory lineage Upstream: 14 Downstream: 0
Published: 30 Apr 2024, 09:06
Last modified:03 Jun 2026, 13:33

Vulnerability Summary

Overall Risk (default)
minimal
0/100
CVSS Score
No data
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected

Timeline

30 Apr 2024, 09:06
Published
Vulnerability first disclosed
03 Jun 2026, 13:33
Last Modified
Vulnerability information updated

Description

Kernel Live Patch Security Notice Lonial Con discovered that the netfilter subsystem in the Linux kernel contained a memory leak when handling certain element flush operations. A local attacker could use this to expose sensitive information (kernel memory).(CVE-2023-4569) Xingyuan Mo discovered that the netfilter subsystem in the Linux kernel did not properly handle inactive elements in its PIPAPO data structure, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.(CVE-2023-6817) It was discovered that a race condition existed in the AppleTalk networking subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.(CVE-2023-51781) Kevin Rich discovered that the netfilter subsystem in the Linux kernel did not properly check deactivated elements in certain situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.(CVE-2024-0193) Lonial Con discovered that the netfilter subsystem in the Linux kernel did not properly handle element deactivation in certain cases, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.(CVE-2024-1085) Notselwyn discovered that the netfilter subsystem in the Linux kernel did not properly handle verdict parameters in certain cases, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.(CVE-2024-1086) In the Linux kernel, the following vulnerability has been resolved: net: qualcomm: rmnet: fix global oob in rmnet_policy The variable rmnet_link_ops assign a *bigger* maxtype which leads to a global out-of- bounds read when parsing the netlink attributes. (CVE-2024-26597)

Affected Systems

  • ubuntulinux

    all | < 5.4.0-176.196 | < 5.15.0-102.112

  • ubuntulinux-aws

    all | < 5.4.0-1122.132 | < 5.15.0-1057.63

  • ubuntulinux-aws-5.15

    all | < 5.15.0-1057.63~20.04.1

  • ubuntulinux-aws-5.4

    all | < 5.4.0-1122.132~18.04.1

  • ubuntulinux-aws-6.5

    all | < 6.5.0-1016.16~22.04.1

  • ubuntulinux-azure

    all | < 5.4.0-1127.134 | < 5.15.0-1060.69

  • ubuntulinux-azure-5.4

    all | < 5.4.0-1127.134~18.04.1

  • ubuntulinux-azure-6.5

    all | < 6.5.0-1017.17~22.04.1

  • ubuntulinux-gcp

    all | < 5.4.0-1126.135 | < 5.15.0-1055.63

  • ubuntulinux-gcp-5.15

    all | < 5.15.0-1055.63~20.04.1

  • ubuntulinux-gcp-5.4

    all | < 5.4.0-1126.135~18.04.1

  • ubuntulinux-gcp-6.5

    all | < 6.5.0-1016.16~22.04.1

  • ubuntulinux-gke

    all | < 5.15.0-1054.59

  • ubuntulinux-hwe-5.15

    all | < 5.15.0-102.112~20.04.1

  • ubuntulinux-hwe-5.4

    all | < 5.4.0-175.195~18.04.1

  • ubuntulinux-hwe-6.5

    all | < 6.5.0-26.26~22.04.1

  • ubuntulinux-ibm

    all | < 5.15.0-1050.53

  • ubuntulinux-ibm-5.15

    all | < 5.15.0-1050.53~20.04.1

  • ubuntulinux-lowlatency-hwe-5.15

    all | < 5.15.0-102.112~20.04.1

References (8)