USN-6465-2

Details

Yu Hao and Weiteng Chen discovered that the Bluetooth HCI UART driver in the Linux kernel contained a race condition, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-31083)

Lin Ma discovered that the Netlink Transformation (XFRM) subsystem in the Linux kernel contained a null pointer dereference vulnerability in some situations. A local privileged attacker could use this to cause a denial of service (system crash). (CVE-2023-3772)

Affected Packages

Ubuntu:22.04:LTSlinux-raspi

Fixed in:

5.15.0-1042.45

References

REPORThttps://ubuntu.com/security/CVE-2023-31083 REPORThttps://ubuntu.com/security/CVE-2023-3772 ADVISORYhttps://ubuntu.com/security/notices/USN-6465-2

USN-6465-2

Details

Affected Packages

References

Upstream

Ecosystems

Timeline