UBUNTU-CVE-2023-3022

Description

A flaw was found in the IPv6 module of the Linux kernel. The arg.result was not used consistently in fib6_rule_lookup, sometimes holding rt6_info and other times fib6_info. This was not accounted for in other parts of the code where rt6_info was expected unconditionally, potentially leading to a kernel panic in fib6_rule_suppress.

CVSS Metrics

• v3.1•MEDIUM•Score: 5.5CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected Systems

• ubuntu•linux-aws-5.0

  all

• ubuntu•linux-aws-5.11

  all

• ubuntu•linux-aws-5.13

  all

• ubuntu•linux-aws-5.3

  all

• ubuntu•linux-aws-5.8

  all

• ubuntu•linux-azure

  all

• ubuntu•linux-azure-5.11

  all

• ubuntu•linux-azure-5.13

  all

• ubuntu•linux-azure-5.19

  all

• ubuntu•linux-azure-5.3

  all

• ubuntu•linux-azure-5.8

  all

• ubuntu•linux-azure-edge

  all

• ubuntu•linux-azure-fde-5.19

  all

• ubuntu•linux-gcp

  all

• ubuntu•linux-gcp-5.11

  all

• ubuntu•linux-gcp-5.13

  all

• ubuntu•linux-gcp-5.3

  all

• ubuntu•linux-gcp-5.8

  all

• ubuntu•linux-gke-4.15

  all

• ubuntu•linux-gke-5.4

  all

• ubuntu•linux-gkeop-5.4

  all

• ubuntu•linux-hwe

  all

• ubuntu•linux-hwe-5.11

  all

• ubuntu•linux-hwe-5.13

  all

• ubuntu•linux-hwe-5.8

  all

• ubuntu•linux-hwe-edge

  all | all

• ubuntu•linux-intel-5.13

  all

• ubuntu•linux-oem

  all

• ubuntu•linux-oem-5.10

  all

• ubuntu•linux-oem-5.13

  all

• ubuntu•linux-oem-5.14

  all

• ubuntu•linux-oem-5.6

  all

• ubuntu•linux-oracle-5.0

  all

• ubuntu•linux-oracle-5.11

  all

• ubuntu•linux-oracle-5.13

  all

• ubuntu•linux-oracle-5.3

  all

• ubuntu•linux-oracle-5.8

  all

• ubuntu•linux-raspi2

  all

• ubuntu•linux-riscv

  all | all

• ubuntu•linux-riscv-5.11

  all

• ubuntu•linux-riscv-5.8

  all

References (3)

• https://ubuntu.com/security/CVE-2023-3022
• https://git.kernel.org/linus/a65120bae4b7425a39c5783aa3d4fc29677eef0e
• https://www.cve.org/CVERecord?id=CVE-2023-3022