[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-USN-6725-2":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T08:53:30.047Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":198,"duplicates":199,"related":200,"reserved_at":9,"published_at":247,"modified_at":248,"state":9,"summary":249,"references_raw":251,"kevs":443,"epss":9,"epss_history":444,"metrics":445,"affected":446},"USN-6725-2","linux-aws, linux-aws-5.15 vulnerabilities\n\nChih-Yen Chang discovered that the KSMBD implementation in the Linux kernel\ndid not properly validate certain data structure fields when parsing lease\ncontexts, leading to an out-of-bounds read vulnerability. A remote attacker\ncould use this to cause a denial of service (system crash) or possibly\nexpose sensitive information. (CVE-2023-1194)\n\nQuentin Minster discovered that a race condition existed in the KSMBD\nimplementation in the Linux kernel, leading to a use-after-free\nvulnerability. A remote attacker could use this to cause a denial of\nservice (system crash) or possibly execute arbitrary code. (CVE-2023-32254)\n\nIt was discovered that a race condition existed in the KSMBD implementation\nin the Linux kernel when handling session connections, leading to a use-\nafter-free vulnerability. A remote attacker could use this to cause a\ndenial of service (system crash) or possibly execute arbitrary code.\n(CVE-2023-32258)\n\nIt was discovered that the KSMBD implementation in the Linux kernel did not\nproperly validate buffer sizes in certain operations, leading to an integer\nunderflow and out-of-bounds read vulnerability. A remote attacker could use\nthis to cause a denial of service (system crash) or possibly expose\nsensitive information. (CVE-2023-38427)\n\nChih-Yen Chang discovered that the KSMBD implementation in the Linux kernel\ndid not properly validate SMB request protocol IDs, leading to a out-of-\nbounds read vulnerability. A remote attacker could possibly use this to\ncause a denial of service (system crash). (CVE-2023-38430)\n\nChih-Yen Chang discovered that the KSMBD implementation in the Linux kernel\ndid not properly validate packet header sizes in certain situations,\nleading to an out-of-bounds read vulnerability. A remote attacker could use\nthis to cause a denial of service (system crash) or possibly expose\nsensitive information. (CVE-2023-38431)\n\nIt was discovered that the KSMBD implementation in the Linux kernel did not\nproperly handle session setup requests, leading to an out-of-bounds read\nvulnerability. A remote attacker could use this to expose sensitive\ninformation. (CVE-2023-3867)\n\nPratyush Yadav discovered that the Xen network backend implementation in\nthe Linux kernel did not properly handle zero length data request, leading\nto a null pointer dereference vulnerability. An attacker in a guest VM\ncould possibly use this to cause a denial of service (host domain crash).\n(CVE-2023-46838)\n\nIt was discovered that the IPv6 implementation of the Linux kernel did not\nproperly manage route cache memory usage. A remote attacker could use this\nto cause a denial of service (memory exhaustion). (CVE-2023-52340)\n\nIt was discovered that the device mapper driver in the Linux kernel did not\nproperly validate target size during certain memory allocations. A local\nattacker could use this to cause a denial of service (system crash).\n(CVE-2023-52429, CVE-2024-23851)\n\nYang Chaoming discovered that the KSMBD implementation in the Linux kernel\ndid not properly validate request buffer sizes, leading to an out-of-bounds\nread vulnerability. An attacker could use this to cause a denial of service\n(system crash) or possibly expose sensitive information. (CVE-2024-22705)\n\nChenyuan Yang discovered that the btrfs file system in the Linux kernel did\nnot properly handle read operations on newly created subvolumes in certain\nconditions. A local attacker could use this to cause a denial of service\n(system crash). (CVE-2024-23850)\n\nIt was discovered that a race condition existed in the Bluetooth subsystem\nin the Linux kernel, leading to a null pointer dereference vulnerability. A\nprivileged local attacker could use this to possibly cause a denial of\nservice (system crash). (CVE-2024-24860)\n\nSeveral security issues were discovered in the Linux kernel.\nAn attacker could possibly use these to compromise the system.\nThis update corrects flaws in the following subsystems:\n  - Architecture specifics;\n  - Block layer;\n  - Cryptographic API;\n  - Android drivers;\n  - EDAC drivers;\n  - GPU drivers;\n  - Media drivers;\n  - Multifunction device drivers;\n  - MTD block device drivers;\n  - Network drivers;\n  - NVME drivers;\n  - TTY drivers;\n  - Userspace I/O drivers;\n  - EFI Variable file system;\n  - F2FS file system;\n  - GFS2 file system;\n  - SMB network file system;\n  - BPF subsystem;\n  - IPv6 Networking;\n  - Network Traffic Control;\n  - AppArmor security module;\n(CVE-2023-52463, CVE-2023-52445, CVE-2023-52462, CVE-2023-52609,\nCVE-2023-52448, CVE-2023-52457, CVE-2023-52464, CVE-2023-52456,\nCVE-2023-52454, CVE-2023-52438, CVE-2023-52480, CVE-2023-52443,\nCVE-2023-52442, CVE-2024-26631, CVE-2023-52439, CVE-2023-52612,\nCVE-2024-26598, CVE-2024-26586, CVE-2024-26589, CVE-2023-52444,\nCVE-2023-52436, CVE-2024-26633, CVE-2024-26597, CVE-2023-52458,\nCVE-2024-26591, CVE-2023-52449, CVE-2023-52467, CVE-2023-52441,\nCVE-2023-52610, CVE-2023-52451, CVE-2023-52469, CVE-2023-52470)\n",null,[],[],[],[14,16,18,20,22,24,26,28,30,32,34,36,38,40,42,44,46,48,50,52,54,56,58,60,62,64,66,68,70,72,74,76,78,80,82,84,86,88,90,92,94,96,98,100,102,104,106,108,110,112,114,116,118,120,122,124,126,128,130,132,134,136,138,140,142,144,146,148,150,152,154,156,158,160,162,164,166,168,170,172,174,176,178,180,182,184,186,188,190,192,194,196],{"_key":15},"CVE-2023-1194",{"_key":17},"CVE-2023-32254",{"_key":19},"CVE-2023-32258",{"_key":21},"CVE-2023-38427",{"_key":23},"CVE-2023-38430",{"_key":25},"CVE-2023-38431",{"_key":27},"CVE-2023-3867",{"_key":29},"CVE-2023-46838",{"_key":31},"CVE-2023-52340",{"_key":33},"CVE-2023-52429",{"_key":35},"CVE-2023-52436",{"_key":37},"CVE-2023-52438",{"_key":39},"CVE-2023-52439",{"_key":41},"CVE-2023-52441",{"_key":43},"CVE-2023-52442",{"_key":45},"CVE-2023-52443",{"_key":47},"CVE-2023-52444",{"_key":49},"CVE-2023-52445",{"_key":51},"CVE-2023-52448",{"_key":53},"CVE-2023-52449",{"_key":55},"CVE-2023-52451",{"_key":57},"CVE-2023-52454",{"_key":59},"CVE-2023-52456",{"_key":61},"CVE-2023-52457",{"_key":63},"CVE-2023-52458",{"_key":65},"CVE-2023-52462",{"_key":67},"CVE-2023-52463",{"_key":69},"CVE-2023-52464",{"_key":71},"CVE-2023-52467",{"_key":73},"CVE-2023-52469",{"_key":75},"CVE-2023-52470",{"_key":77},"CVE-2023-52480",{"_key":79},"CVE-2023-52609",{"_key":81},"CVE-2023-52610",{"_key":83},"CVE-2023-52612",{"_key":85},"CVE-2024-22705",{"_key":87},"CVE-2024-23850",{"_key":89},"CVE-2024-23851",{"_key":91},"CVE-2024-24860",{"_key":93},"CVE-2024-26586",{"_key":95},"CVE-2024-26589",{"_key":97},"CVE-2024-26591",{"_key":99},"CVE-2024-26597",{"_key":101},"CVE-2024-26598",{"_key":103},"CVE-2024-26631",{"_key":105},"CVE-2024-26633",{"_key":107},"UBUNTU-CVE-2023-1194",{"_key":109},"UBUNTU-CVE-2023-32254",{"_key":111},"UBUNTU-CVE-2023-32258",{"_key":113},"UBUNTU-CVE-2023-38427",{"_key":115},"UBUNTU-CVE-2023-38430",{"_key":117},"UBUNTU-CVE-2023-38431",{"_key":119},"UBUNTU-CVE-2023-3867",{"_key":121},"UBUNTU-CVE-2023-46838",{"_key":123},"UBUNTU-CVE-2023-52340",{"_key":125},"UBUNTU-CVE-2023-52429",{"_key":127},"UBUNTU-CVE-2023-52436",{"_key":129},"UBUNTU-CVE-2023-52438",{"_key":131},"UBUNTU-CVE-2023-52439",{"_key":133},"UBUNTU-CVE-2023-52441",{"_key":135},"UBUNTU-CVE-2023-52442",{"_key":137},"UBUNTU-CVE-2023-52443",{"_key":139},"UBUNTU-CVE-2023-52444",{"_key":141},"UBUNTU-CVE-2023-52445",{"_key":143},"UBUNTU-CVE-2023-52448",{"_key":145},"UBUNTU-CVE-2023-52449",{"_key":147},"UBUNTU-CVE-2023-52451",{"_key":149},"UBUNTU-CVE-2023-52454",{"_key":151},"UBUNTU-CVE-2023-52456",{"_key":153},"UBUNTU-CVE-2023-52457",{"_key":155},"UBUNTU-CVE-2023-52458",{"_key":157},"UBUNTU-CVE-2023-52462",{"_key":159},"UBUNTU-CVE-2023-52463",{"_key":161},"UBUNTU-CVE-2023-52464",{"_key":163},"UBUNTU-CVE-2023-52467",{"_key":165},"UBUNTU-CVE-2023-52469",{"_key":167},"UBUNTU-CVE-2023-52470",{"_key":169},"UBUNTU-CVE-2023-52480",{"_key":171},"UBUNTU-CVE-2023-52609",{"_key":173},"UBUNTU-CVE-2023-52610",{"_key":175},"UBUNTU-CVE-2023-52612",{"_key":177},"UBUNTU-CVE-2024-22705",{"_key":179},"UBUNTU-CVE-2024-23850",{"_key":181},"UBUNTU-CVE-2024-23851",{"_key":183},"UBUNTU-CVE-2024-24860",{"_key":185},"UBUNTU-CVE-2024-26586",{"_key":187},"UBUNTU-CVE-2024-26589",{"_key":189},"UBUNTU-CVE-2024-26591",{"_key":191},"UBUNTU-CVE-2024-26597",{"_key":193},"UBUNTU-CVE-2024-26598",{"_key":195},"UBUNTU-CVE-2024-26631",{"_key":197},"UBUNTU-CVE-2024-26633",[],[],[201,202,203,204,205,206,207,208,209,210,211,212,213,214,215,216,217,218,219,220,221,222,223,224,225,226,227,228,229,230,231,232,233,234,235,236,237,238,239,240,241,242,243,244,245,246],{"_key":107},{"_key":109},{"_key":111},{"_key":113},{"_key":115},{"_key":117},{"_key":119},{"_key":121},{"_key":123},{"_key":125},{"_key":127},{"_key":129},{"_key":131},{"_key":133},{"_key":135},{"_key":137},{"_key":139},{"_key":141},{"_key":143},{"_key":145},{"_key":147},{"_key":149},{"_key":151},{"_key":153},{"_key":155},{"_key":157},{"_key":159},{"_key":161},{"_key":163},{"_key":165},{"_key":167},{"_key":169},{"_key":171},{"_key":173},{"_key":175},{"_key":177},{"_key":179},{"_key":181},{"_key":183},{"_key":185},{"_key":187},{"_key":189},{"_key":191},{"_key":193},{"_key":195},{"_key":197},"2024-04-16T20:56:05Z","2026-06-03T14:03:41.304220604Z",{"cisa_kev":250,"cisa_ransomware":250,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":9},false,[252,258,263,267,271,275,279,283,287,291,295,299,303,307,311,315,319,323,327,331,335,339,343,347,351,355,359,363,367,371,375,379,383,387,391,395,399,403,407,411,415,419,423,427,431,435,439],{"url":253,"sources":254,"tags":256},"https://ubuntu.com/security/notices/USN-6725-2",[255],"osv_ubuntu",[257],"Advisory",{"url":259,"sources":260,"tags":261},"https://ubuntu.com/security/CVE-2023-1194",[255],[262],"REPORT",{"url":264,"sources":265,"tags":266},"https://ubuntu.com/security/CVE-2023-3867",[255],[262],{"url":268,"sources":269,"tags":270},"https://ubuntu.com/security/CVE-2023-32254",[255],[262],{"url":272,"sources":273,"tags":274},"https://ubuntu.com/security/CVE-2023-32258",[255],[262],{"url":276,"sources":277,"tags":278},"https://ubuntu.com/security/CVE-2023-38427",[255],[262],{"url":280,"sources":281,"tags":282},"https://ubuntu.com/security/CVE-2023-38430",[255],[262],{"url":284,"sources":285,"tags":286},"https://ubuntu.com/security/CVE-2023-38431",[255],[262],{"url":288,"sources":289,"tags":290},"https://ubuntu.com/security/CVE-2023-46838",[255],[262],{"url":292,"sources":293,"tags":294},"https://ubuntu.com/security/CVE-2023-52340",[255],[262],{"url":296,"sources":297,"tags":298},"https://ubuntu.com/security/CVE-2023-52429",[255],[262],{"url":300,"sources":301,"tags":302},"https://ubuntu.com/security/CVE-2023-52436",[255],[262],{"url":304,"sources":305,"tags":306},"https://ubuntu.com/security/CVE-2023-52438",[255],[262],{"url":308,"sources":309,"tags":310},"https://ubuntu.com/security/CVE-2023-52439",[255],[262],{"url":312,"sources":313,"tags":314},"https://ubuntu.com/security/CVE-2023-52441",[255],[262],{"url":316,"sources":317,"tags":318},"https://ubuntu.com/security/CVE-2023-52442",[255],[262],{"url":320,"sources":321,"tags":322},"https://ubuntu.com/security/CVE-2023-52443",[255],[262],{"url":324,"sources":325,"tags":326},"https://ubuntu.com/security/CVE-2023-52444",[255],[262],{"url":328,"sources":329,"tags":330},"https://ubuntu.com/security/CVE-2023-52445",[255],[262],{"url":332,"sources":333,"tags":334},"https://ubuntu.com/security/CVE-2023-52448",[255],[262],{"url":336,"sources":337,"tags":338},"https://ubuntu.com/security/CVE-2023-52449",[255],[262],{"url":340,"sources":341,"tags":342},"https://ubuntu.com/security/CVE-2023-52451",[255],[262],{"url":344,"sources":345,"tags":346},"https://ubuntu.com/security/CVE-2023-52454",[255],[262],{"url":348,"sources":349,"tags":350},"https://ubuntu.com/security/CVE-2023-52456",[255],[262],{"url":352,"sources":353,"tags":354},"https://ubuntu.com/security/CVE-2023-52457",[255],[262],{"url":356,"sources":357,"tags":358},"https://ubuntu.com/security/CVE-2023-52458",[255],[262],{"url":360,"sources":361,"tags":362},"https://ubuntu.com/security/CVE-2023-52462",[255],[262],{"url":364,"sources":365,"tags":366},"https://ubuntu.com/security/CVE-2023-52463",[255],[262],{"url":368,"sources":369,"tags":370},"https://ubuntu.com/security/CVE-2023-52464",[255],[262],{"url":372,"sources":373,"tags":374},"https://ubuntu.com/security/CVE-2023-52467",[255],[262],{"url":376,"sources":377,"tags":378},"https://ubuntu.com/security/CVE-2023-52469",[255],[262],{"url":380,"sources":381,"tags":382},"https://ubuntu.com/security/CVE-2023-52470",[255],[262],{"url":384,"sources":385,"tags":386},"https://ubuntu.com/security/CVE-2023-52480",[255],[262],{"url":388,"sources":389,"tags":390},"https://ubuntu.com/security/CVE-2023-52609",[255],[262],{"url":392,"sources":393,"tags":394},"https://ubuntu.com/security/CVE-2023-52610",[255],[262],{"url":396,"sources":397,"tags":398},"https://ubuntu.com/security/CVE-2023-52612",[255],[262],{"url":400,"sources":401,"tags":402},"https://ubuntu.com/security/CVE-2024-22705",[255],[262],{"url":404,"sources":405,"tags":406},"https://ubuntu.com/security/CVE-2024-23850",[255],[262],{"url":408,"sources":409,"tags":410},"https://ubuntu.com/security/CVE-2024-23851",[255],[262],{"url":412,"sources":413,"tags":414},"https://ubuntu.com/security/CVE-2024-24860",[255],[262],{"url":416,"sources":417,"tags":418},"https://ubuntu.com/security/CVE-2024-26586",[255],[262],{"url":420,"sources":421,"tags":422},"https://ubuntu.com/security/CVE-2024-26589",[255],[262],{"url":424,"sources":425,"tags":426},"https://ubuntu.com/security/CVE-2024-26591",[255],[262],{"url":428,"sources":429,"tags":430},"https://ubuntu.com/security/CVE-2024-26597",[255],[262],{"url":432,"sources":433,"tags":434},"https://ubuntu.com/security/CVE-2024-26598",[255],[262],{"url":436,"sources":437,"tags":438},"https://ubuntu.com/security/CVE-2024-26631",[255],[262],{"url":440,"sources":441,"tags":442},"https://ubuntu.com/security/CVE-2024-26633",[255],[262],[],[],[],[447,459],{"ecosystem":448,"name":449,"vendor":450,"product":449,"cpe_part":9,"purl_type":451,"purl_namespace":450,"purl_name":449,"source":9,"versions":452},"Ubuntu","linux-aws","ubuntu","deb",[453],{"version":454,"is_range":455,"range_type":456,"version_start":9,"version_start_type":9,"version_end":457,"version_end_type":458,"fixed_in":9},"lt5_15_0_1057_63",true,"ecosystem","5.15.0-1057.63","excluding",{"ecosystem":448,"name":460,"vendor":450,"product":460,"cpe_part":9,"purl_type":451,"purl_namespace":450,"purl_name":460,"source":9,"versions":461},"linux-aws-5.15",[462],{"version":463,"is_range":455,"range_type":456,"version_start":9,"version_start_type":9,"version_end":464,"version_end_type":458,"fixed_in":9},"lt5_15_0_1057_63~20_04_1","5.15.0-1057.63~20.04.1"]