USN-6460-1: Linux kernel vulnerabilities
Publication date
30 October 2023
Overview
Several security issues were fixed in the Linux kernel.
Releases
Packages
- linux - Linux kernel
Details
It was discovered that the IPv6 implementation in the Linux kernel
contained a high rate of hash collisions in connection lookup table. A
remote attacker could use this to cause a denial of service (excessive CPU
consumption). (CVE-2023-1206)
It was discovered that the Broadcom FullMAC USB WiFi driver in the Linux
kernel did not properly perform data buffer size validation in some
situations. A physically proximate attacker could use this to craft a
malicious USB device that when inserted, could cause a denial of service
(system crash) or possibly expose sensitive information. (CVE-2023-1380)
Gwangun Jung discovered that the Quick Fair Queueing scheduler
implementation in the Linux kernel contained an out-of-bounds write
vulnerability. A local attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (
It was discovered that the IPv6 implementation in the Linux kernel
contained a high rate of hash collisions in connection lookup table. A
remote attacker could use this to cause a denial of service (excessive CPU
consumption). (CVE-2023-1206)
It was discovered that the Broadcom FullMAC USB WiFi driver in the Linux
kernel did not properly perform data buffer size validation in some
situations. A physically proximate attacker could use this to craft a
malicious USB device that when inserted, could cause a denial of service
(system crash) or possibly expose sensitive information. (CVE-2023-1380)
Gwangun Jung discovered that the Quick Fair Queueing scheduler
implementation in the Linux kernel contained an out-of-bounds write
vulnerability. A local attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2023-31436)
Tanguy Dubroca discovered that the netfilter subsystem in the Linux kernel
did not properly handle certain pointer data type, leading to an out-of-
bounds write vulnerability. A privileged attacker could use this to cause a
denial of service (system crash) or possibly execute arbitrary code.
(CVE-2023-35001)
Kyle Zeng discovered that the networking stack implementation in the Linux
kernel did not properly validate skb object size in certain conditions. An
attacker could use this cause a denial of service (system crash) or
possibly execute arbitrary code. (CVE-2023-42752)
Kyle Zeng discovered that the IPv4 Resource Reservation Protocol (RSVP)
classifier implementation in the Linux kernel contained an out-of-bounds
read vulnerability. A local attacker could use this to cause a denial of
service (system crash). Please note that kernel packet classifier support
for RSVP has been removed to resolve this vulnerability. (CVE-2023-42755)
Budimir Markovic discovered that the qdisc implementation in the Linux
kernel did not properly validate inner classes, leading to a use-after-free
vulnerability. A local user could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2023-4623)
Update instructions
After a standard system update you need to reboot your computer to make all the necessary changes.
Learn more about how to get the fixes.The problem can be corrected by updating your system to the following package versions:
| Ubuntu Release | Package Version | ||
|---|---|---|---|
| 14.04 trusty | linux-image-3.13.0-194-generic – 3.13.0-194.245 | ||
| linux-image-3.13.0-194-lowlatency – 3.13.0-194.245 | |||
| linux-image-generic – 3.13.0.194.204 | |||
| linux-image-generic-lts-trusty – 3.13.0.194.204 | |||
| linux-image-lowlatency – 3.13.0.194.204 | |||
| linux-image-server – 3.13.0.194.204 | |||
| linux-image-virtual – 3.13.0.194.204 | |||
Reduce your security exposure
Ubuntu Pro provides ten-year security coverage to 25,000+ packages in Main and Universe repositories, and it is free for up to five machines.
References
Related notices
- USN-6466-1
- USN-6446-1
- USN-6446-2
- USN-6446-3
- USN-6445-1
- USN-6445-2
- USN-6444-1
- USN-6444-2
- USN-6443-1
- USN-6442-1
- USN-6466-1
- USN-6446-1
- USN-6446-2
- USN-6446-3
- USN-6445-1
- USN-6445-2
- USN-6444-1
- USN-6444-2
- USN-6443-1
- USN-6442-1
- USN-6441-1
- USN-6441-2
- USN-6441-3
- USN-6440-1
- USN-6440-2
- USN-6440-3
- USN-6439-1
- USN-6439-2
- USN-6417-1
- USN-6416-1
- USN-6416-2
- USN-6416-3
- USN-6415-1
- USN-6412-1
- USN-6385-1
- USN-6343-1
- USN-6285-1
- USN-6261-1
- USN-6260-1
- USN-6256-1
- USN-6255-1
- USN-6254-1
- USN-6252-1
- USN-6251-1
- USN-6250-1
- USN-6248-1
- USN-6247-1
- USN-6246-1
- USN-6222-1
- USN-6186-1
- USN-6175-1
- USN-6173-1
- USN-6162-1
- USN-6150-1
- USN-6149-1
- USN-6135-1
- USN-6132-1
- USN-6131-1
- USN-6130-1
- USN-6127-1
- LSN-0099-1
- LSN-0097-1
- LSN-0096-1
- LSN-0095-1
Have additional questions?