USN-6454-1

Details

Kyle Zeng discovered that the netfilter subsystem in the Linux kernel contained a race condition in IP set operations in certain situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-42756)

Alex Birnberg discovered that the netfilter subsystem in the Linux kernel did not properly validate register length, leading to an out-of- bounds write vulnerability. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-4881)

It was discovered that the Quick Fair Queueing scheduler implementation in the Linux kernel did not properly handle network packets in certain conditions, leading to a use after free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-4921)

Kevin Rich discovered that the netfilter subsystem in the Linux kernel did not properly handle removal of rules from chain bindings in certain circumstances, leading to a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2023-5197)

Affected Packages

Ubuntu:23.10linux

Fixed in:

6.5.0-10.10

Ubuntu:23.10linux-lowlatency

Fixed in:

6.5.0-10.10.1

References

REPORThttps://ubuntu.com/security/CVE-2023-42756 REPORThttps://ubuntu.com/security/CVE-2023-4921 REPORThttps://ubuntu.com/security/CVE-2023-5197 ADVISORYhttps://ubuntu.com/security/notices/USN-6454-1

USN-6454-1

Details

Affected Packages

References

Related

Ecosystems

Timeline