USN-6577-1

Details

Jana Hofmann, Emanuele Vannacci, Cedric Fournet, Boris Kopf, and Oleksii Oleksenko discovered that some AMD processors could leak stale data from division operations in certain situations. A local attacker could possibly use this to expose sensitive information. (CVE-2023-20588)

It was discovered that a race condition existed in the Linux kernel when performing operations with kernel objects, leading to an out-of-bounds write. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2023-45863)

Affected Packages

Ubuntu:Pro:16.04:LTSlinux-aws

Fixed in:

4.4.0-1164.179

References

REPORThttps://ubuntu.com/security/CVE-2023-20588 REPORThttps://ubuntu.com/security/CVE-2023-45863 ADVISORYhttps://ubuntu.com/security/notices/USN-6577-1

USN-6577-1

Details

Affected Packages

References

Upstream

Ecosystems

Timeline