CVE-2023-3159

Related Files

Ubuntu Security Notice USN-6341-1

Posted Sep 6, 2023

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6341-1 - Jordy Zomer and Alexandra Sandulescu discovered that syscalls invoking the do_prlimit function in the Linux kernel did not properly handle speculative execution barriers. A local attacker could use this to expose sensitive information. It was discovered that a use-after-free vulnerability existed in the IEEE 1394 implementation in the Linux kernel. A privileged attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local

systems | linux, ubuntu

advisories | CVE-2023-0458, CVE-2023-3159, CVE-2023-3567, CVE-2023-3611, CVE-2023-3776

SHA-256 | ca34fa3d447279b67b01ba5d2440f9e87fb69131a520e1fce87446a60f8869f2

Download | Favorite | View

Ubuntu Security Notice USN-6254-1

Posted Jul 27, 2023

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6254-1 - Jordy Zomer and Alexandra Sandulescu discovered that syscalls invoking the do_prlimit function in the Linux kernel did not properly handle speculative execution barriers. A local attacker could use this to expose sensitive information. It was discovered that a race condition existed in the btrfs file system implementation in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly expose sensitive information.

tags | advisory, denial of service, kernel, local

systems | linux, ubuntu

advisories | CVE-2023-0458, CVE-2023-1611, CVE-2023-2124, CVE-2023-2162, CVE-2023-2513, CVE-2023-3090, CVE-2023-3141, CVE-2023-3159, CVE-2023-3161, CVE-2023-3268, CVE-2023-3390, CVE-2023-35001

SHA-256 | 0faaa1a4c904d2777eb8f39748a9d767eddb9f41659d19079b8dcbea4f5d81ef

Download | Favorite | View