exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

Kernel Live Patch Security Notice LSN-0093-1

Kernel Live Patch Security Notice LSN-0093-1
Posted Mar 30, 2023
Authored by Benjamin M. Romer

Davide Ornaghi discovered that the netfilter subsystem in the Linux kernel did not properly handle VLAN headers in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. It was discovered that the Upper Level Protocol (ULP) subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local, protocol
systems | linux
advisories | CVE-2023-0179, CVE-2023-0461
SHA-256 | 9ca065d34d62ef1d0df4e30ce9203dc0a6cfef9ecac0deae5d2d89eba1965f1d

Kernel Live Patch Security Notice LSN-0093-1

Change Mirror Download
Linux kernel vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 ESM
- Ubuntu 22.04 LTS

Summary

Several security issues were fixed in the kernel.

Software Description

- linux - Linux kernel
- linux-aws - Linux kernel for Amazon Web Services (AWS) systems
- linux-azure - Linux kernel for Microsoft Azure Cloud systems
- linux-gcp - Linux kernel for Google Cloud Platform (GCP) systems
- linux-gke - Linux kernel for Google Container Engine (GKE) systems
- linux-gkeop - Linux kernel for Google Container Engine (GKE) systems
- linux-ibm - Linux kernel for IBM cloud systems
- linux-oem - Linux kernel for OEM systems

Details

Davide Ornaghi discovered that the netfilter subsystem in the Linux
kernel did not properly handle VLAN headers in some situations. A local
attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code. (CVE-2023-0179)

It was discovered that the Upper Level Protocol (ULP) subsystem in the
Linux kernel did not properly handle sockets entering the LISTEN state
in certain protocols, leading to a use-after-free vulnerability. A local
attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code. (CVE-2023-0461)

Update instructions

The problem can be corrected by updating your kernel livepatch to the
following versions:

Ubuntu 20.04 LTS
aws - 93.1
azure - 93.1
gcp - 93.1
gcp - 93.2
generic - 93.1
gke - 93.1
gke - 93.2
gkeop - 93.1
ibm - 93.1
lowlatency - 93.1

Ubuntu 18.04 LTS
aws - 93.1
azure - 93.1
gcp - 93.1
generic - 93.1
gke - 93.1
gkeop - 93.1
lowlatency - 93.1
oem - 93.1

Ubuntu 16.04 ESM
aws - 93.1
azure - 93.1
gcp - 93.1
generic - 93.1
lowlatency - 93.1

Ubuntu 22.04 LTS
aws - 93.1
azure - 93.1
gcp - 93.1
generic - 93.1
gke - 93.1
ibm - 93.1

Support Information

Kernels older than the levels listed below do not receive livepatch
updates. If you are running a kernel version earlier than the one listed
below, please upgrade your kernel as soon as possible.

Ubuntu 20.04 LTS
linux-aws-5.15 - 5.15.0-1000
linux-aws - 5.4.0-1009
linux-aws - 5.4.0-1061
linux-azure-5.15 - 5.15.0-1069
linux-azure - 5.4.0-1010
linux-gcp-5.15 - 5.15.0-1000
linux-gcp - 5.4.0-1009
linux-gke-5.15 - 5.15.0-1000
linux-gke - 5.4.0-1033
linux-gkeop - 5.4.0-1009
linux-hwe - 5.15.0-0
linux-ibm-5.15 - 5.15.0-1000
linux-ibm - 5.4.0-1009
linux-oem - 5.4.0-26
linux - 5.4.0-26

Ubuntu 18.04 LTS
linux-aws-5.4 - 5.4.0-1069
linux-aws - 4.15.0-1054
linux-aws - 4.15.0-1119
linux-azure-4.15 - 4.15.0-1115
linux-azure-5.4 - 5.4.0-1069
linux-gcp-4.15 - 4.15.0-1121
linux-gcp-5.4 - 5.4.0-1069
linux-gke-4.15 - 4.15.0-1076
linux-gke-5.4 - 5.4.0-1009
linux-gkeop-5.4 - 5.4.0-1007
linux-hwe-5.4 - 5.4.0-26
linux-ibm-5.4 - 5.4.0-1009
linux-oem - 4.15.0-1063
linux - 4.15.0-69

Ubuntu 16.04 ESM
linux-aws-hwe - 4.15.0-1126
linux-aws - 4.4.0-1098
linux-aws - 4.4.0-1129
linux-azure - 4.15.0-1063
linux-azure - 4.15.0-1078
linux-azure - 4.15.0-1114
linux-gcp - 4.15.0-1118
linux-hwe - 4.15.0-143
linux-hwe - 4.15.0-69
linux - 4.4.0-168
linux - 4.4.0-211

Ubuntu 22.04 LTS
linux-aws - 5.15.0-1000
linux-azure - 5.15.0-1000
linux-gcp - 5.15.0-1000
linux-gke - 5.15.0-1000
linux-ibm - 5.15.0-1000
linux - 5.15.0-24
linux - 5.15.0-25

Ubuntu 14.04 ESM
linux-lts-xenial - 4.4.0-168

References

- CVE-2023-0179
- CVE-2023-0461



Login or Register to add favorites

File Archive:

September 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    261 Files
  • 2
    Sep 2nd
    17 Files
  • 3
    Sep 3rd
    38 Files
  • 4
    Sep 4th
    52 Files
  • 5
    Sep 5th
    23 Files
  • 6
    Sep 6th
    27 Files
  • 7
    Sep 7th
    0 Files
  • 8
    Sep 8th
    1 Files
  • 9
    Sep 9th
    16 Files
  • 10
    Sep 10th
    38 Files
  • 11
    Sep 11th
    0 Files
  • 12
    Sep 12th
    0 Files
  • 13
    Sep 13th
    0 Files
  • 14
    Sep 14th
    0 Files
  • 15
    Sep 15th
    0 Files
  • 16
    Sep 16th
    0 Files
  • 17
    Sep 17th
    0 Files
  • 18
    Sep 18th
    0 Files
  • 19
    Sep 19th
    0 Files
  • 20
    Sep 20th
    0 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close