what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 42 RSS Feed

CVE-2022-3628

Status Candidate

Overview

A buffer overflow flaw was found in the Linux kernel Broadcom Full MAC Wi-Fi driver. This issue occurs when a user connects to a malicious USB device. This can allow a local user to crash the system or escalate their privileges.

Related Files

Ubuntu Security Notice USN-6096-1
Posted May 23, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6096-1 - It was discovered that some AMD x86-64 processors with SMT enabled could speculatively execute instructions using a return address from a sibling thread. A local attacker could possibly use this to expose sensitive information. Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service.

tags | advisory, denial of service, x86, kernel, local
systems | linux, ubuntu
advisories | CVE-2022-27672, CVE-2022-36280, CVE-2022-3707, CVE-2022-4129, CVE-2022-4842, CVE-2022-48423, CVE-2022-48424, CVE-2023-0210, CVE-2023-0394, CVE-2023-0458, CVE-2023-0459, CVE-2023-1073, CVE-2023-1074, CVE-2023-1075
SHA-256 | 34cc30ebdf58924fb1b0c1d2ffdb4157e4f644bf5821397bbd37680bea54a1e2
Ubuntu Security Notice USN-6091-1
Posted May 19, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6091-1 - It was discovered that some AMD x86-64 processors with SMT enabled could speculatively execute instructions using a return address from a sibling thread. A local attacker could possibly use this to expose sensitive information. Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service.

tags | advisory, denial of service, x86, kernel, local
systems | linux, ubuntu
advisories | CVE-2022-27672, CVE-2022-36280, CVE-2022-3707, CVE-2022-4129, CVE-2022-4842, CVE-2022-48423, CVE-2022-48424, CVE-2023-0210, CVE-2023-0394, CVE-2023-0458, CVE-2023-0459, CVE-2023-1073, CVE-2023-1074, CVE-2023-1075
SHA-256 | 651ba1a89cf9b5d5fcfc6ec7f0f13b73b41225a33fc642efba219a7eab3cd1ba
Ubuntu Security Notice USN-6079-1
Posted May 16, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6079-1 - It was discovered that some AMD x86-64 processors with SMT enabled could speculatively execute instructions using a return address from a sibling thread. A local attacker could possibly use this to expose sensitive information. Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service.

tags | advisory, denial of service, x86, kernel, local
systems | linux, ubuntu
advisories | CVE-2022-27672, CVE-2022-36280, CVE-2022-3707, CVE-2022-4129, CVE-2022-4842, CVE-2022-48423, CVE-2022-48424, CVE-2023-0210, CVE-2023-0394, CVE-2023-0458, CVE-2023-0459, CVE-2023-1073, CVE-2023-1074, CVE-2023-1075
SHA-256 | c55226f642efc261a275c77b949560f51ecbee738f4b1ae410a64e9ef5623271
Ubuntu Security Notice USN-6032-1
Posted Apr 20, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6032-1 - Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service. Gerald Lee discovered that the USB Gadget file system implementation in the Linux kernel contained a race condition, leading to a use-after-free vulnerability in some situations. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2022-36280, CVE-2022-4382, CVE-2023-1074, CVE-2023-1118, CVE-2023-23559, CVE-2023-26605, CVE-2023-26607
SHA-256 | 08e97ef4623b43e166aa41785d752beb4eb1a28c2bfbe6ca623eb62bb0b636f5
Ubuntu Security Notice USN-6030-1
Posted Apr 20, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6030-1 - It was discovered that the Traffic-Control Index implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the System V IPC implementation in the Linux kernel did not properly handle large shared memory counts. A local attacker could use this to cause a denial of service.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2021-3669, CVE-2022-3424, CVE-2022-36280, CVE-2022-3903, CVE-2022-41218, CVE-2022-47929, CVE-2023-0045, CVE-2023-0266, CVE-2023-0394, CVE-2023-1073, CVE-2023-1074, CVE-2023-1281, CVE-2023-23455, CVE-2023-23559
SHA-256 | 2945178b2c10e70e350ccc077d02e94eafd3a32e099949a0c9a5c79bcc51602d
Ubuntu Security Notice USN-6009-1
Posted Apr 12, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6009-1 - It was discovered that the System V IPC implementation in the Linux kernel did not properly handle large shared memory counts. A local attacker could use this to cause a denial of service. It was discovered that a use-after-free vulnerability existed in the SGI GRU driver in the Linux kernel. A local attacker could possibly use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2021-3669, CVE-2022-3424, CVE-2022-36280, CVE-2022-41218, CVE-2022-47929, CVE-2023-0045, CVE-2023-0266, CVE-2023-0394, CVE-2023-23455, CVE-2023-23559, CVE-2023-28328
SHA-256 | fae0436a7a71ef1f1c9e2b9c7be382f428603ebb16892ffc834fe96514e4351e
Ubuntu Security Notice USN-6007-1
Posted Apr 12, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6007-1 - It was discovered that the Upper Level Protocol subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that an out-of-bounds write vulnerability existed in the Video for Linux 2 implementation in the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2022-20369, CVE-2022-26373, CVE-2022-2663, CVE-2022-29900, CVE-2022-29901, CVE-2022-3521, CVE-2022-3545, CVE-2022-3628, CVE-2022-3640, CVE-2022-3646, CVE-2022-3649, CVE-2022-39842, CVE-2022-41849, CVE-2022-41850
SHA-256 | c9b262e901295d825ffdae99b8758152082453e077fbc686cdf819f98f52abc7
Ubuntu Security Notice USN-6004-1
Posted Apr 12, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6004-1 - It was discovered that the KVM VMX implementation in the Linux kernel did not properly handle indirect branch prediction isolation between L1 and L2 VMs. An attacker in a guest VM could use this to expose sensitive information from the host OS or other guest VMs. It was discovered that a use-after-free vulnerability existed in the SGI GRU driver in the Linux kernel. A local attacker could possibly use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2022-2196, CVE-2022-3424, CVE-2022-36280, CVE-2022-41218, CVE-2022-4382, CVE-2022-48423, CVE-2022-48424, CVE-2023-0045, CVE-2023-0210, CVE-2023-0266, CVE-2023-23454, CVE-2023-23455, CVE-2023-23559, CVE-2023-26606
SHA-256 | cabcdc25961ee369304092af7380ed42dd5a5ca767df881b09baa5dd34bba804
Ubuntu Security Notice USN-6000-1
Posted Apr 6, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6000-1 - It was discovered that the Upper Level Protocol subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the NVMe driver in the Linux kernel did not properly handle reset events in some situations. A local attacker could use this to cause a denial of service.

tags | advisory, denial of service, arbitrary, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2022-3169, CVE-2022-3424, CVE-2022-3435, CVE-2022-3521, CVE-2022-3545, CVE-2022-3623, CVE-2022-36280, CVE-2022-41218, CVE-2022-4139, CVE-2022-47520, CVE-2022-47929, CVE-2023-0045, CVE-2023-0266, CVE-2023-0394
SHA-256 | e9c783fd857dd877172d6b22feaf0fdab4162c87abb98b854318a9659634936d
Ubuntu Security Notice USN-5991-1
Posted Mar 31, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5991-1 - It was discovered that the System V IPC implementation in the Linux kernel did not properly handle large shared memory counts. A local attacker could use this to cause a denial of service. It was discovered that a use-after-free vulnerability existed in the SGI GRU driver in the Linux kernel. A local attacker could possibly use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2021-3669, CVE-2022-3424, CVE-2022-36280, CVE-2022-41218, CVE-2022-47929, CVE-2023-0045, CVE-2023-0266, CVE-2023-0394, CVE-2023-23455, CVE-2023-23559, CVE-2023-28328
SHA-256 | 3560637df360f1ac89db43e6f7478418a3608bd908f00448013d1616b6595f39
Ubuntu Security Notice USN-5987-1
Posted Mar 30, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5987-1 - It was discovered that the KVM VMX implementation in the Linux kernel did not properly handle indirect branch prediction isolation between L1 and L2 VMs. An attacker in a guest VM could use this to expose sensitive information from the host OS or other guest VMs. It was discovered that a use-after-free vulnerability existed in the SGI GRU driver in the Linux kernel. A local attacker could possibly use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2022-2196, CVE-2022-3424, CVE-2022-36280, CVE-2022-41218, CVE-2022-4382, CVE-2022-48423, CVE-2022-48424, CVE-2023-0045, CVE-2023-0210, CVE-2023-0266, CVE-2023-23454, CVE-2023-23455, CVE-2023-23559, CVE-2023-26606
SHA-256 | 3ea2c4f328cd7b670a3685872b3e880855897778278430f766f4304cd2a0e323
Ubuntu Security Notice USN-5984-1
Posted Mar 30, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5984-1 - It was discovered that the System V IPC implementation in the Linux kernel did not properly handle large shared memory counts. A local attacker could use this to cause a denial of service. It was discovered that a use-after-free vulnerability existed in the SGI GRU driver in the Linux kernel. A local attacker could possibly use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2021-3669, CVE-2022-3424, CVE-2022-36280, CVE-2022-41218, CVE-2022-47929, CVE-2023-0045, CVE-2023-0266, CVE-2023-0394, CVE-2023-23455, CVE-2023-23559, CVE-2023-28328
SHA-256 | cc09bbfa401358a3d10b618f0ae43fa874e7af0b4bacd5e682834b33f84c12f0
Ubuntu Security Notice USN-5981-1
Posted Mar 29, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5981-1 - It was discovered that the System V IPC implementation in the Linux kernel did not properly handle large shared memory counts. A local attacker could use this to cause a denial of service. It was discovered that a use-after-free vulnerability existed in the SGI GRU driver in the Linux kernel. A local attacker could possibly use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2021-3669, CVE-2022-3424, CVE-2022-36280, CVE-2022-41218, CVE-2022-47929, CVE-2023-0045, CVE-2023-0266, CVE-2023-0394, CVE-2023-23455, CVE-2023-23559, CVE-2023-28328
SHA-256 | 0669c7b87d128f5181ab34a94abb84a54b38967e928f68a15464d110d5ac2ee6
Ubuntu Security Notice USN-5982-1
Posted Mar 29, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5982-1 - It was discovered that the KVM VMX implementation in the Linux kernel did not properly handle indirect branch prediction isolation between L1 and L2 VMs. An attacker in a guest VM could use this to expose sensitive information from the host OS or other guest VMs. It was discovered that a use-after-free vulnerability existed in the SGI GRU driver in the Linux kernel. A local attacker could possibly use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2022-2196, CVE-2022-3424, CVE-2022-36280, CVE-2022-41218, CVE-2022-4382, CVE-2022-48423, CVE-2022-48424, CVE-2023-0045, CVE-2023-0210, CVE-2023-0266, CVE-2023-23454, CVE-2023-23455, CVE-2023-23559, CVE-2023-26606
SHA-256 | 5652c2a45a4bbe47c88d9cd205f2eefdfaddf085966095c6c46631f3413ef26d
Ubuntu Security Notice USN-5976-1
Posted Mar 28, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5976-1 - It was discovered that the Upper Level Protocol subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the KVM VMX implementation in the Linux kernel did not properly handle indirect branch prediction isolation between L1 and L2 VMs. An attacker in a guest VM could use this to expose sensitive information from the host OS or other guest VMs.

tags | advisory, denial of service, arbitrary, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2022-2196, CVE-2022-3061, CVE-2022-3628, CVE-2022-36280, CVE-2022-3646, CVE-2022-3649, CVE-2022-41850, CVE-2023-0394, CVE-2023-0461
SHA-256 | a6dd79b8c521b85e0e1a1074affe7a355a0374b601afa3bdb39197d6af2e1843
Ubuntu Security Notice USN-5975-1
Posted Mar 28, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5975-1 - It was discovered that the Upper Level Protocol subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the System V IPC implementation in the Linux kernel did not properly handle large shared memory counts. A local attacker could use this to cause a denial of service.

tags | advisory, denial of service, arbitrary, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2021-3669, CVE-2022-20369, CVE-2022-26373, CVE-2022-2663, CVE-2022-29900, CVE-2022-29901, CVE-2022-3424, CVE-2022-3521, CVE-2022-3545, CVE-2022-3628, CVE-2022-36280, CVE-2022-3640, CVE-2022-3646, CVE-2022-3649
SHA-256 | 55a2fbec6479385655d2d83595dfcf36b5ab0bc7b371d27631fa268db1102ed8
Ubuntu Security Notice USN-5951-1
Posted Mar 15, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5951-1 - It was discovered that the Upper Level Protocol subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the NVMe driver in the Linux kernel did not properly handle reset events in some situations. A local attacker could use this to cause a denial of service.

tags | advisory, denial of service, arbitrary, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2022-3169, CVE-2022-3424, CVE-2022-3435, CVE-2022-3521, CVE-2022-3545, CVE-2022-3623, CVE-2022-36280, CVE-2022-41218, CVE-2022-4139, CVE-2022-47520, CVE-2022-47929, CVE-2023-0045, CVE-2023-0266, CVE-2023-0394
SHA-256 | 5d323e9a21a3485713966ef0df059371a85e0f0291d7700527ffdd48d8df43cb
Ubuntu Security Notice USN-5940-1
Posted Mar 13, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5940-1 - It was discovered that the Upper Level Protocol subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the NVMe driver in the Linux kernel did not properly handle reset events in some situations. A local attacker could use this to cause a denial of service.

tags | advisory, denial of service, arbitrary, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2022-3169, CVE-2022-3424, CVE-2022-3435, CVE-2022-3521, CVE-2022-3545, CVE-2022-3623, CVE-2022-36280, CVE-2022-41218, CVE-2022-4139, CVE-2022-47520, CVE-2022-47929, CVE-2023-0045, CVE-2023-0266, CVE-2023-0394
SHA-256 | 2d4bea0496f1459f3977332b1c41c2155e5e5c4347f8a903f871180fc72ec871
Ubuntu Security Notice USN-5939-1
Posted Mar 9, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5939-1 - It was discovered that the Upper Level Protocol subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the NVMe driver in the Linux kernel did not properly handle reset events in some situations. A local attacker could use this to cause a denial of service.

tags | advisory, denial of service, arbitrary, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2022-3169, CVE-2022-3424, CVE-2022-3435, CVE-2022-3521, CVE-2022-3545, CVE-2022-3623, CVE-2022-36280, CVE-2022-41218, CVE-2022-4139, CVE-2022-47520, CVE-2022-47929, CVE-2023-0045, CVE-2023-0266, CVE-2023-0394
SHA-256 | 190d26e80aa2b8d7c1388ab95e36364a6114a29af64adf6b2ee36f3da6317b1e
Ubuntu Security Notice USN-5934-1
Posted Mar 8, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5934-1 - It was discovered that the Upper Level Protocol subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the NVMe driver in the Linux kernel did not properly handle reset events in some situations. A local attacker could use this to cause a denial of service.

tags | advisory, denial of service, arbitrary, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2022-3169, CVE-2022-3424, CVE-2022-3435, CVE-2022-3521, CVE-2022-3545, CVE-2022-3623, CVE-2022-36280, CVE-2022-41218, CVE-2022-4139, CVE-2022-47520, CVE-2022-47929, CVE-2023-0045, CVE-2023-0266, CVE-2023-0394
SHA-256 | fe2f930ada1d055377b15ff6de18e7407f123b019102450882de3d0251e52ec6
Ubuntu Security Notice USN-5927-1
Posted Mar 7, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5927-1 - It was discovered that the Upper Level Protocol subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the System V IPC implementation in the Linux kernel did not properly handle large shared memory counts. A local attacker could use this to cause a denial of service.

tags | advisory, denial of service, arbitrary, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2021-3669, CVE-2022-3424, CVE-2022-3521, CVE-2022-3545, CVE-2022-3628, CVE-2022-36280, CVE-2022-3640, CVE-2022-41218, CVE-2022-42328, CVE-2022-42895, CVE-2022-47929, CVE-2023-0045, CVE-2023-0266, CVE-2023-0394
SHA-256 | 267cb30398652c6d5e4143e7a564419a514df5b940ea487c998523a7f3bc146b
Ubuntu Security Notice USN-5925-1
Posted Mar 7, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5925-1 - It was discovered that the Upper Level Protocol subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that a race condition existed in the Kernel Connection Multiplexor socket implementation in the Linux kernel when releasing sockets in certain situations. A local attacker could use this to cause a denial of service.

tags | advisory, denial of service, arbitrary, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2022-3521, CVE-2022-3545, CVE-2022-3628, CVE-2022-3640, CVE-2022-42328, CVE-2022-42895, CVE-2023-0461
SHA-256 | 0f0f2bc4ad90e2d21d62d6495742008cd217c7c1134c60f81916c696fb70393c
Ubuntu Security Notice USN-5924-1
Posted Mar 7, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5924-1 - It was discovered that the Upper Level Protocol subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the System V IPC implementation in the Linux kernel did not properly handle large shared memory counts. A local attacker could use this to cause a denial of service.

tags | advisory, denial of service, arbitrary, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2021-3669, CVE-2022-20369, CVE-2022-26373, CVE-2022-2663, CVE-2022-29900, CVE-2022-29901, CVE-2022-3424, CVE-2022-3521, CVE-2022-3545, CVE-2022-3628, CVE-2022-36280, CVE-2022-3640, CVE-2022-3646, CVE-2022-3649
SHA-256 | a8eab20b02c9df68362580c4223bc74421adc8ea73b39fe1311d5dcd6ee3c327
Ubuntu Security Notice USN-5920-1
Posted Mar 6, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5920-1 - It was discovered that the Upper Level Protocol subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Kyle Zeng discovered that the sysctl implementation in the Linux kernel contained a stack-based buffer overflow. A local attacker could use this to cause a denial of service or execute arbitrary code.

tags | advisory, denial of service, overflow, arbitrary, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2022-3521, CVE-2022-3545, CVE-2022-3628, CVE-2022-3640, CVE-2022-42328, CVE-2022-42895, CVE-2022-4378, CVE-2023-0461
SHA-256 | fa694c2c44a7526df6be2583708cb52eba196281f52f0b24f1db9ebc844741ce
Ubuntu Security Notice USN-5918-1
Posted Mar 6, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5918-1 - It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service or possibly execute arbitrary code. Tamás Koczka discovered that the Bluetooth L2CAP handshake implementation in the Linux kernel contained multiple use-after-free vulnerabilities. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, remote, denial of service, overflow, arbitrary, kernel, vulnerability
systems | linux, ubuntu
advisories | CVE-2022-3628, CVE-2022-3640, CVE-2022-3643, CVE-2022-3649, CVE-2022-41849, CVE-2022-41850, CVE-2022-42895, CVE-2022-42896, CVE-2022-43945, CVE-2022-45934, CVE-2023-20928
SHA-256 | fe9d774b2a1b83bc9a5d670d7c1f5f7d626e82fb02c2fdc23e43a368a702bda0
Page 1 of 2
Back12Next

File Archive:

April 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    10 Files
  • 2
    Apr 2nd
    26 Files
  • 3
    Apr 3rd
    40 Files
  • 4
    Apr 4th
    6 Files
  • 5
    Apr 5th
    26 Files
  • 6
    Apr 6th
    0 Files
  • 7
    Apr 7th
    0 Files
  • 8
    Apr 8th
    22 Files
  • 9
    Apr 9th
    14 Files
  • 10
    Apr 10th
    10 Files
  • 11
    Apr 11th
    13 Files
  • 12
    Apr 12th
    14 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    0 Files
  • 16
    Apr 16th
    0 Files
  • 17
    Apr 17th
    0 Files
  • 18
    Apr 18th
    0 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close