UBUNTU-CVE-2023-0459

Advisory lineage Upstream: 1 Downstream: 19
Upstream
CVE-2023-0459
Published: 20 Apr 2023, 00:00
Last modified:03 Jun 2026, 13:36

Vulnerability Summary

Overall Risk (default)
low
22/100
CVSS Score
5.5 MEDIUM
3.1 (osv_ubuntu)
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected

Timeline

20 Apr 2023, 00:00
Published
Vulnerability first disclosed
03 Jun 2026, 13:36
Last Modified
Vulnerability information updated

Description

Copy_from_user on 64-bit versions of the Linux kernel does not implement the __uaccess_begin_nospec allowing a user to bypass the "access_ok" check and pass a kernel pointer to copy_from_user(). This would allow an attacker to leak information. We recommend upgrading beyond commit 74e19ef0ff8061ef55957c3abd71614ef0f42f47

CVSS Metrics

  • v3.1MEDIUMScore: 5.5CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Affected Systems

  • ubuntulinux

    < 4.15.0-211.222 | < 5.4.0-149.166 | < 5.15.0-72.79

  • ubuntulinux-aws

    < 4.15.0-1156.169 | < 5.4.0-1102.110 | < 5.15.0-1036.40

  • ubuntulinux-aws-5.0

    all

  • ubuntulinux-aws-5.11

    all

  • ubuntulinux-aws-5.13

    all

  • ubuntulinux-aws-5.15

    < 5.15.0-1036.40~20.04.1

  • ubuntulinux-aws-5.3

    all

  • ubuntulinux-aws-5.4

    < 5.4.0-1103.111~18.04.1

  • ubuntulinux-aws-5.8

    all

  • ubuntulinux-aws-fips

    < 4.15.0-2095.101 | all | < 5.4.0-1102.110+fips1

  • ubuntulinux-aws-hwe

    < 4.15.0-1156.169~16.04.1

  • ubuntulinux-azure

    < 4.15.0-1165.180~14.04.1 | < 4.15.0-1165.180~16.04.1 | all | < 5.4.0-1108.114 | < 5.15.0-1038.45

  • ubuntulinux-azure-4.15

    < 4.15.0-1165.180

  • ubuntulinux-azure-5.11

    all

  • ubuntulinux-azure-5.13

    all

  • ubuntulinux-azure-5.15

    < 5.15.0-1038.45~20.04.1

  • ubuntulinux-azure-5.19

    < 5.19.0-1026.29~22.04.1

  • ubuntulinux-azure-5.3

    all

  • ubuntulinux-azure-5.4

    < 5.4.0-1108.114~18.04.1

  • ubuntulinux-azure-5.8

    all

  • ubuntulinux-azure-edge

    all

  • ubuntulinux-azure-fde

    < 5.15.0-1038.45.1

  • ubuntulinux-azure-fips

    < 4.15.0-2074.80 | all | < 5.4.0-1108.114+fips1

  • ubuntulinux-bluefield

    < 5.15.0-1017.19 | < 5.4.0-1064.70 | < 5.15.0-1017.19 | all

  • ubuntulinux-fips

    < 4.15.0-1111.122 | all | < 5.4.0-1077.86

  • ubuntulinux-gcp

    < 4.15.0-1150.166~16.04.1 | all | < 5.4.0-1105.114 | < 5.15.0-1034.42

  • ubuntulinux-gcp-4.15

    < 4.15.0-1150.166

  • ubuntulinux-gcp-5.11

    all

  • ubuntulinux-gcp-5.13

    all

  • ubuntulinux-gcp-5.15

    < 5.15.0-1034.42~20.04.1

  • ubuntulinux-gcp-5.3

    all

  • ubuntulinux-gcp-5.4

    < 5.4.0-1105.114~18.04.1

  • ubuntulinux-gcp-5.8

    all

  • ubuntulinux-gcp-fips

    < 4.15.0-2058.63 | all | < 5.4.0-1105.114+fips1

  • ubuntulinux-gke

    < 5.4.0-1099.106 | < 5.15.0-1033.38

  • ubuntulinux-gke-4.15

    all

  • ubuntulinux-gke-5.15

    < 5.15.0-1033.38~20.04.1

  • ubuntulinux-gke-5.4

    all

  • ubuntulinux-gkeop

    < 5.4.0-1069.73 | < 5.15.0-1020.25

  • ubuntulinux-gkeop-5.15

    < 5.15.0-1020.25~20.04.1

  • ubuntulinux-gkeop-5.4

    all

  • ubuntulinux-hwe

    < 4.15.0-211.222~16.04.1 | all

  • ubuntulinux-hwe-5.11

    all

  • ubuntulinux-hwe-5.13

    all

  • ubuntulinux-hwe-5.15

    < 5.15.0-72.79~20.04.1

  • ubuntulinux-hwe-5.19

    < 5.19.0-42.43~22.04.1

  • ubuntulinux-hwe-5.4

    < 5.4.0-149.166~18.04.1

  • ubuntulinux-hwe-5.8

    all

  • ubuntulinux-hwe-edge

    all | all

  • ubuntulinux-ibm

    < 5.4.0-1049.54 | < 5.15.0-1030.33

Showing first 50 affected entries in server-rendered view.

References (24)