[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-USN-6338-2":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T08:53:30.047Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":58,"duplicates":59,"related":60,"reserved_at":9,"published_at":72,"modified_at":73,"state":9,"summary":74,"references_raw":76,"kevs":128,"epss":9,"epss_history":129,"metrics":130,"affected":131},"USN-6338-2","linux-gcp, linux-gcp-6.2, linux-ibm, linux-oracle, linux-starfive vulnerabilities\n\nZi Fan Tan discovered that the binder IPC implementation in the Linux\nkernel contained a use-after-free vulnerability. A local attacker could use\nthis to cause a denial of service (system crash) or possibly execute\narbitrary code. (CVE-2023-21255)\n\nIt was discovered that a race condition existed in the f2fs file system in\nthe Linux kernel, leading to a null pointer dereference vulnerability. An\nattacker could use this to construct a malicious f2fs image that, when\nmounted and operated on, could cause a denial of service (system crash).\n(CVE-2023-2898)\n\nIt was discovered that the DVB Core driver in the Linux kernel did not\nproperly handle locking events in certain situations. A local attacker\ncould use this to cause a denial of service (kernel deadlock).\n(CVE-2023-31084)\n\nQuentin Minster discovered that the KSMBD implementation in the Linux\nkernel did not properly handle session setup requests. A remote attacker\ncould possibly use this to cause a denial of service (memory exhaustion).\n(CVE-2023-32247)\n\nQuentin Minster discovered that a race condition existed in the KSMBD\nimplementation in the Linux kernel when handling sessions operations. A\nremote attacker could use this to cause a denial of service (system crash)\nor possibly execute arbitrary code. (CVE-2023-32250, CVE-2023-32252,\nCVE-2023-32257)\n\nIt was discovered that a race condition existed in the KSMBD implementation\nin the Linux kernel when handling session connections, leading to a use-\nafter-free vulnerability. A remote attacker could use this to cause a\ndenial of service (system crash) or possibly execute arbitrary code.\n(CVE-2023-32258)\n\nIt was discovered that the KSMBD implementation in the Linux kernel did not\nproperly validate buffer sizes in certain operations, leading to an out-of-\nbounds read vulnerability. A remote attacker could use this to cause a\ndenial of service (system crash) or possibly expose sensitive information.\n(CVE-2023-38426, CVE-2023-38428)\n\nIt was discovered that the KSMBD implementation in the Linux kernel did not\nproperly calculate the size of certain buffers. A remote attacker could use\nthis to cause a denial of service (system crash) or possibly execute\narbitrary code. (CVE-2023-38429)\n",null,[],[],[],[14,16,18,20,22,24,26,28,30,32,34,36,38,40,42,44,46,48,50,52,54,56],{"_key":15},"CVE-2023-21255",{"_key":17},"CVE-2023-2898",{"_key":19},"CVE-2023-31084",{"_key":21},"CVE-2023-32247",{"_key":23},"CVE-2023-32250",{"_key":25},"CVE-2023-32252",{"_key":27},"CVE-2023-32257",{"_key":29},"CVE-2023-32258",{"_key":31},"CVE-2023-38426",{"_key":33},"CVE-2023-38428",{"_key":35},"CVE-2023-38429",{"_key":37},"UBUNTU-CVE-2023-21255",{"_key":39},"UBUNTU-CVE-2023-2898",{"_key":41},"UBUNTU-CVE-2023-31084",{"_key":43},"UBUNTU-CVE-2023-32247",{"_key":45},"UBUNTU-CVE-2023-32250",{"_key":47},"UBUNTU-CVE-2023-32252",{"_key":49},"UBUNTU-CVE-2023-32257",{"_key":51},"UBUNTU-CVE-2023-32258",{"_key":53},"UBUNTU-CVE-2023-38426",{"_key":55},"UBUNTU-CVE-2023-38428",{"_key":57},"UBUNTU-CVE-2023-38429",[],[],[61,62,63,64,65,66,67,68,69,70,71],{"_key":37},{"_key":39},{"_key":41},{"_key":43},{"_key":45},{"_key":47},{"_key":49},{"_key":51},{"_key":53},{"_key":55},{"_key":57},"2023-09-08T22:26:36Z","2026-06-03T13:34:30.241490665Z",{"cisa_kev":75,"cisa_ransomware":75,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":9},false,[77,83,88,92,96,100,104,108,112,116,120,124],{"url":78,"sources":79,"tags":81},"https://ubuntu.com/security/notices/USN-6338-2",[80],"osv_ubuntu",[82],"Advisory",{"url":84,"sources":85,"tags":86},"https://ubuntu.com/security/CVE-2023-2898",[80],[87],"REPORT",{"url":89,"sources":90,"tags":91},"https://ubuntu.com/security/CVE-2023-21255",[80],[87],{"url":93,"sources":94,"tags":95},"https://ubuntu.com/security/CVE-2023-31084",[80],[87],{"url":97,"sources":98,"tags":99},"https://ubuntu.com/security/CVE-2023-32247",[80],[87],{"url":101,"sources":102,"tags":103},"https://ubuntu.com/security/CVE-2023-32250",[80],[87],{"url":105,"sources":106,"tags":107},"https://ubuntu.com/security/CVE-2023-32252",[80],[87],{"url":109,"sources":110,"tags":111},"https://ubuntu.com/security/CVE-2023-32257",[80],[87],{"url":113,"sources":114,"tags":115},"https://ubuntu.com/security/CVE-2023-32258",[80],[87],{"url":117,"sources":118,"tags":119},"https://ubuntu.com/security/CVE-2023-38426",[80],[87],{"url":121,"sources":122,"tags":123},"https://ubuntu.com/security/CVE-2023-38428",[80],[87],{"url":125,"sources":126,"tags":127},"https://ubuntu.com/security/CVE-2023-38429",[80],[87],[],[],[],[132],{"ecosystem":133,"name":134,"vendor":135,"product":134,"cpe_part":9,"purl_type":136,"purl_namespace":135,"purl_name":134,"source":9,"versions":137},"Ubuntu","linux-gcp-6.2","ubuntu","deb",[138],{"version":139,"is_range":140,"range_type":141,"version_start":9,"version_start_type":9,"version_end":142,"version_end_type":143,"fixed_in":9},"lt6_2_0_1013_13~22_04_1",true,"ecosystem","6.2.0-1013.13~22.04.1","excluding"]