USN-6043-1

Details

It was discovered that the Traffic-Control Index (TCINDEX) implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the TCINDEX classifier has been removed. (CVE-2023-1829)

It was discovered that the OverlayFS implementation in the Linux kernel did not properly handle copy up operation in some conditions. A local attacker could possibly use this to gain elevated privileges. (CVE-2023-0386)

Affected Packages

Ubuntu:22.04:LTSlinux-hwe-5.19

Fixed in:

5.19.0-41.42~22.04.1

References

REPORThttps://ubuntu.com/security/CVE-2023-0386 REPORThttps://ubuntu.com/security/CVE-2023-1829 ADVISORYhttps://ubuntu.com/security/notices/USN-6043-1

USN-6043-1

Details

Affected Packages

References

Upstream

Ecosystems

Timeline