USN-6045-1

Description

linux, linux-aws, linux-kvm, linux-lts-xenial vulnerabilities It was discovered that the Traffic-Control Index (TCINDEX) implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the TCINDEX classifier has been removed. (CVE-2023-1829) Gwnaun Jung discovered that the SFB packet scheduling implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3586) Zheng Wang and Zhuorao Yang discovered that the RealTek RTL8712U wireless driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-4095) It was discovered that the TIPC protocol implementation in the Linux kernel did not properly validate the queue of socket buffers (skb) when handling certain UDP packets. A remote attacker could use this to cause a denial of service. (CVE-2023-1390) It was discovered that the Xircom PCMCIA network device driver in the Linux kernel did not properly handle device removal events. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2023-1670)

Affected Systems

• ubuntu•linux

  < 4.4.0-240.274

• ubuntu•linux-aws

  < 4.4.0-1118.124 | < 4.4.0-1156.171

• ubuntu•linux-kvm

  < 4.4.0-1119.129

• ubuntu•linux-lts-xenial

  < 4.4.0-240.274~14.04.1

References (6)

• https://ubuntu.com/security/notices/USN-6045-1
• https://ubuntu.com/security/CVE-2022-3586
• https://ubuntu.com/security/CVE-2022-4095
• https://ubuntu.com/security/CVE-2023-1390
• https://ubuntu.com/security/CVE-2023-1670
• https://ubuntu.com/security/CVE-2023-1829