UBUNTU-CVE-2023-25775

Description

Improper access control in the Intel(R) Ethernet Controller RDMA driver for linux before version 1.9.30 may allow an unauthenticated user to potentially enable escalation of privilege via network access.

CVSS Metrics

• v3.1•CRITICAL•Score: 9.8CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Systems

• ubuntu•linux

  < 5.15.0-89.99

• ubuntu•linux-allwinner-5.19

  all

• ubuntu•linux-aws

  < 5.15.0-1050.55

• ubuntu•linux-aws-5.0

  all

• ubuntu•linux-aws-5.11

  all

• ubuntu•linux-aws-5.13

  all

• ubuntu•linux-aws-5.15

  < 5.15.0-1050.55~20.04.1

• ubuntu•linux-aws-5.19

  all

• ubuntu•linux-aws-5.3

  all

• ubuntu•linux-aws-5.8

  all

• ubuntu•linux-aws-6.2

  < 6.2.0-1016.16~22.04.1

• ubuntu•linux-azure

  all | < 5.15.0-1052.60

• ubuntu•linux-azure-5.11

  all

• ubuntu•linux-azure-5.13

  all

• ubuntu•linux-azure-5.15

  < 5.15.0-1052.60~20.04.1

• ubuntu•linux-azure-5.19

  all

• ubuntu•linux-azure-5.3

  all

• ubuntu•linux-azure-5.8

  all

• ubuntu•linux-azure-6.2

  < 6.2.0-1017.17~22.04.1

• ubuntu•linux-azure-edge

  all

• ubuntu•linux-azure-fde

  all | < 5.15.0-1052.60.1

• ubuntu•linux-azure-fde-5.19

  all

• ubuntu•linux-azure-fde-6.2

  < 6.2.0-1017.17~22.04.1.1

• ubuntu•linux-bluefield

  < 5.15.0-1032.34 | < 5.15.0-1032.34 | all

• ubuntu•linux-fips

  all

• ubuntu•linux-gcp

  all | < 5.15.0-1047.55

• ubuntu•linux-gcp-5.11

  all

• ubuntu•linux-gcp-5.13

  all

• ubuntu•linux-gcp-5.15

  < 5.15.0-1047.55~20.04.1

• ubuntu•linux-gcp-5.19

  all

• ubuntu•linux-gcp-5.3

  all

• ubuntu•linux-gcp-5.8

  all

• ubuntu•linux-gcp-6.2

  < 6.2.0-1019.21~22.04.1

• ubuntu•linux-gke

  all | < 5.15.0-1047.52

• ubuntu•linux-gke-4.15

  all

• ubuntu•linux-gke-5.15

  all

• ubuntu•linux-gke-5.4

  all

• ubuntu•linux-gkeop

  < 5.15.0-1033.39

• ubuntu•linux-gkeop-5.15

  < 5.15.0-1033.39~20.04.1

• ubuntu•linux-gkeop-5.4

  all

• ubuntu•linux-hwe

  all

• ubuntu•linux-hwe-5.11

  all

• ubuntu•linux-hwe-5.13

  all

• ubuntu•linux-hwe-5.15

  < 5.15.0-89.99~20.04.1

• ubuntu•linux-hwe-5.19

  all

• ubuntu•linux-hwe-5.8

  all

• ubuntu•linux-hwe-6.2

  < 6.2.0-37.38~22.04.1

• ubuntu•linux-hwe-edge

  all

• ubuntu•linux-ibm

  < 5.15.0-1043.46

• ubuntu•linux-ibm-5.15

  < 5.15.0-1043.46~20.04.1

Showing first 50 affected entries in server-rendered view.

References (13)

• https://ubuntu.com/security/CVE-2023-25775
• http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00794.html
• https://lore.kernel.org/all/20230818144838.1758-1-shiraz.saleem@intel.com/
• https://ubuntu.com/security/notices/USN-6415-1
• https://ubuntu.com/security/notices/USN-6496-1
• https://ubuntu.com/security/notices/USN-6502-1
• https://ubuntu.com/security/notices/USN-6516-1
• https://ubuntu.com/security/notices/USN-6502-2
• https://ubuntu.com/security/notices/USN-6502-3
• https://ubuntu.com/security/notices/USN-6520-1
• https://ubuntu.com/security/notices/USN-6496-2
• https://ubuntu.com/security/notices/USN-6502-4
• https://www.cve.org/CVERecord?id=CVE-2023-25775