USN-6383-1
Vulnerability Summary
Timeline
Description
linux, linux-aws, linux-aws-6.2, linux-azure, linux-azure-6.2, linux-azure-fde-6.2, linux-gcp, linux-gcp-6.2, linux-hwe-6.2, linux-ibm, linux-kvm, linux-lowlatency, linux-lowlatency-hwe-6.2, linux-oracle, linux-raspi, linux-starfive vulnerabilities Jana Hofmann, Emanuele Vannacci, Cedric Fournet, Boris Kopf, and Oleksii Oleksenko discovered that some AMD processors could leak stale data from division operations in certain situations. A local attacker could possibly use this to expose sensitive information. (CVE-2023-20588) It was discovered that the ARM64 KVM implementation in the Linux kernel did not properly restrict hypervisor memory access. An attacker in a guest VM could use this to execute arbitrary code in the host OS. (CVE-2023-21264) It was discovered that the bluetooth subsystem in the Linux kernel did not properly handle L2CAP socket release, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-40283) It was discovered that some network classifier implementations in the Linux kernel contained use-after-free vulnerabilities. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-4128) Lonial Con discovered that the netfilter subsystem in the Linux kernel contained a memory leak when handling certain element flush operations. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2023-4569)
Affected Systems
- ubuntu•linux-aws-6.2
< 6.2.0-1012.12~22.04.1
- ubuntu•linux-azure-6.2
< 6.2.0-1012.12~22.04.1
- ubuntu•linux-azure-fde-6.2
< 6.2.0-1012.12~22.04.1.1
- ubuntu•linux-gcp-6.2
< 6.2.0-1014.14~22.04.1
- ubuntu•linux-hwe-6.2
< 6.2.0-33.33~22.04.1
- ubuntu•linux-lowlatency-hwe-6.2
< 6.2.0-1013.13~22.04.1