what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 15 of 15 RSS Feed

CVE-2023-3212

Status Candidate

Overview

A NULL pointer dereference issue was found in the gfs2 file system in the Linux kernel. It occurs on corrupt gfs2 file systems when the evict code tries to reference the journal descriptor structure after it has been freed and set to NULL. A privileged local user could use this flaw to cause a kernel panic.

Related Files

Ubuntu Security Notice USN-6466-1
Posted Nov 13, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6466-1 - Hyunwoo Kim discovered that the DVB Core driver in the Linux kernel contained a race condition during device removal, leading to a use-after- free vulnerability. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code. Hyunwoo Kim discovered that the Technotrend/Hauppauge USB DEC driver in the Linux kernel did not properly handle device removal events. A physically proximate attacker could use this to cause a denial of service.

tags | advisory, denial of service, arbitrary, kernel
systems | linux, ubuntu
advisories | CVE-2022-45886, CVE-2022-45887, CVE-2022-48425, CVE-2023-1206, CVE-2023-20569, CVE-2023-20588, CVE-2023-21264, CVE-2023-2156, CVE-2023-31083, CVE-2023-3212, CVE-2023-34319, CVE-2023-3772, CVE-2023-38427, CVE-2023-38430
SHA-256 | d231e9eb22491a28681d89631f3af4b06d452c694529f3f61e5a1f1f2333a3c8
Ubuntu Security Notice USN-6396-3
Posted Oct 17, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6396-3 - It was discovered that some AMD x86-64 processors with SMT enabled could speculatively execute instructions using a return address from a sibling thread. A local attacker could possibly use this to expose sensitive information. Daniel Moghimi discovered that some Intel Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information.

tags | advisory, x86, local
systems | linux, ubuntu
advisories | CVE-2022-27672, CVE-2022-40982, CVE-2023-3212, CVE-2023-3863, CVE-2023-40283, CVE-2023-4128
SHA-256 | 8232218ebf9db1d697b359db5fb1b03f5377448ae5c7c7556b00fe639696885f
Ubuntu Security Notice USN-6396-2
Posted Oct 5, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6396-2 - It was discovered that some AMD x86-64 processors with SMT enabled could speculatively execute instructions using a return address from a sibling thread. A local attacker could possibly use this to expose sensitive information. Daniel Moghimi discovered that some Intel Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information.

tags | advisory, x86, local
systems | linux, ubuntu
advisories | CVE-2022-27672, CVE-2022-40982, CVE-2023-3212, CVE-2023-3863, CVE-2023-40283, CVE-2023-4128
SHA-256 | 70922139c6b034f316eb5edab38f72e40e1c058b73dbdd7a944c8bf477ad69b9
Ubuntu Security Notice USN-6417-1
Posted Oct 5, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6417-1 - It was discovered that the eBPF implementation in the Linux kernel contained a race condition around read-only maps. A privileged attacker could use this to modify read-only maps. It was discovered that the IPv6 implementation in the Linux kernel contained a high rate of hash collisions in connection lookup table. A remote attacker could use this to cause a denial of service.

tags | advisory, remote, denial of service, kernel
systems | linux, ubuntu
advisories | CVE-2021-4001, CVE-2023-1206, CVE-2023-3212, CVE-2023-3338, CVE-2023-3863, CVE-2023-4194
SHA-256 | c26238a5fdacf3ea9d3afd0da623a96b6fd205a4238fb6b5c63f66ebabb02fb1
Ubuntu Security Notice USN-6412-1
Posted Oct 5, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6412-1 - Hyunwoo Kim discovered that the DVB Core driver in the Linux kernel contained a race condition during device removal, leading to a use-after- free vulnerability. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code. Hyunwoo Kim discovered that the Technotrend/Hauppauge USB DEC driver in the Linux kernel did not properly handle device removal events. A physically proximate attacker could use this to cause a denial of service.

tags | advisory, denial of service, arbitrary, kernel
systems | linux, ubuntu
advisories | CVE-2022-45886, CVE-2022-45887, CVE-2022-48425, CVE-2023-1206, CVE-2023-20569, CVE-2023-2156, CVE-2023-3212, CVE-2023-38427, CVE-2023-38431, CVE-2023-4155, CVE-2023-4194, CVE-2023-4273
SHA-256 | eef2bb4192be147f56bfdab3849d216add0a381c00e18c6ca3934a0f72c58c02
Ubuntu Security Notice USN-6396-1
Posted Sep 27, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6396-1 - It was discovered that some AMD x86-64 processors with SMT enabled could speculatively execute instructions using a return address from a sibling thread. A local attacker could possibly use this to expose sensitive information. Daniel Moghimi discovered that some Intel Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information.

tags | advisory, x86, local
systems | linux, ubuntu
advisories | CVE-2022-27672, CVE-2022-40982, CVE-2023-3212, CVE-2023-3863, CVE-2023-40283, CVE-2023-4128
SHA-256 | 04f83418015d33b3205d491de8dc8ecd62f2ec112f80bc56af999e0c615748fa
Ubuntu Security Notice USN-6388-1
Posted Sep 20, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6388-1 - Daniel Moghimi discovered that some Intel Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. Yang Lan discovered that the GFS2 file system implementation in the Linux kernel could attempt to dereference a null pointer in some situations. An attacker could use this to construct a malicious GFS2 image that, when mounted and operated on, could cause a denial of service.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2022-40982, CVE-2023-3212, CVE-2023-32269, CVE-2023-3863, CVE-2023-40283, CVE-2023-4128, CVE-2023-4385, CVE-2023-4387, CVE-2023-4459
SHA-256 | c7b2ed8513e23fcfddfc331701b72291460bb91a9488a2abfbd0460416e7472e
Ubuntu Security Notice USN-6339-4
Posted Sep 19, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6339-4 - It was discovered that the NTFS file system implementation in the Linux kernel did not properly validate MFT flags in certain situations. An attacker could use this to construct a malicious NTFS image that, when mounted and operated on, could cause a denial of service. Zi Fan Tan discovered that the binder IPC implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2022-48425, CVE-2023-21255, CVE-2023-2898, CVE-2023-31084, CVE-2023-3212, CVE-2023-38429
SHA-256 | a3e8b1ad5465602a156c435c1f2741dfb786234586cfda3347456f0aba58dbb2
Ubuntu Security Notice USN-6339-3
Posted Sep 12, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6339-3 - It was discovered that the NTFS file system implementation in the Linux kernel did not properly validate MFT flags in certain situations. An attacker could use this to construct a malicious NTFS image that, when mounted and operated on, could cause a denial of service. Zi Fan Tan discovered that the binder IPC implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2022-48425, CVE-2023-21255, CVE-2023-2898, CVE-2023-31084, CVE-2023-3212, CVE-2023-38429
SHA-256 | 2eb90c30fa41f35eeadbbd911d813105f3e87f3a1db17a27a52b84d78bcc4b2c
Ubuntu Security Notice USN-6339-2
Posted Sep 11, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6339-2 - It was discovered that the NTFS file system implementation in the Linux kernel did not properly validate MFT flags in certain situations. An attacker could use this to construct a malicious NTFS image that, when mounted and operated on, could cause a denial of service. Zi Fan Tan discovered that the binder IPC implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2022-48425, CVE-2023-21255, CVE-2023-2898, CVE-2023-31084, CVE-2023-3212, CVE-2023-38429
SHA-256 | 077fdae2800c336a924ddcf0c8feac75ced182727019b194d9b8d2a79240a64f
Ubuntu Security Notice USN-6351-1
Posted Sep 7, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6351-1 - It was discovered that the NTFS file system implementation in the Linux kernel did not properly validate MFT flags in certain situations. An attacker could use this to construct a malicious NTFS image that, when mounted and operated on, could cause a denial of service. Zi Fan Tan discovered that the binder IPC implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2022-48425, CVE-2023-21255, CVE-2023-2898, CVE-2023-31084, CVE-2023-3212, CVE-2023-38429
SHA-256 | c15dae03407487c2d5285dce31df9e24e6e3b40cda4e1fbe3266938239c8f965
Ubuntu Security Notice USN-6350-1
Posted Sep 7, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6350-1 - It was discovered that the NTFS file system implementation in the Linux kernel did not properly validate MFT flags in certain situations. An attacker could use this to construct a malicious NTFS image that, when mounted and operated on, could cause a denial of service. Zi Fan Tan discovered that the binder IPC implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2022-48425, CVE-2023-21255, CVE-2023-2898, CVE-2023-31084, CVE-2023-3212, CVE-2023-38429
SHA-256 | fc93d3ecf4826862649617f94583491945529d2bd3ca986f5668259ad0fea34c
Ubuntu Security Notice USN-6339-1
Posted Sep 6, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6339-1 - It was discovered that the NTFS file system implementation in the Linux kernel did not properly validate MFT flags in certain situations. An attacker could use this to construct a malicious NTFS image that, when mounted and operated on, could cause a denial of service. Zi Fan Tan discovered that the binder IPC implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2022-48425, CVE-2023-21255, CVE-2023-2898, CVE-2023-31084, CVE-2023-3212, CVE-2023-38429
SHA-256 | 491b72b3d8f313572073602181b37b8870c0766ba938f4f836eb334119fd4c46
Ubuntu Security Notice USN-6231-1
Posted Jul 17, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6231-1 - It was discovered that the XFS file system implementation in the Linux kernel did not properly perform metadata validation when mounting certain images. An attacker could use this to specially craft a file system image that, when mounted, could cause a denial of service. It was discovered that the IP-VLAN network driver for the Linux kernel did not properly initialize memory in some situations, leading to an out-of- bounds write vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel
systems | linux, ubuntu
advisories | CVE-2023-2124, CVE-2023-3090, CVE-2023-31084, CVE-2023-3141, CVE-2023-3212
SHA-256 | 2e365ffb339dfe2be44bdbad6d687359019a0b108d3006f7adbc0e5c4b3f56ff
Debian Security Advisory 5448-1
Posted Jul 6, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5448-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, debian
advisories | CVE-2023-2124, CVE-2023-2156, CVE-2023-2269, CVE-2023-3090, CVE-2023-31084, CVE-2023-3212, CVE-2023-32250, CVE-2023-32254, CVE-2023-3268, CVE-2023-3269, CVE-2023-3390, CVE-2023-35788
SHA-256 | 69b555bc6896ae45b61015f0f97296207dfc3d9bdcac414ad415646ffe0f0645
Page 1 of 1
Back1Next

File Archive:

July 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    27 Files
  • 2
    Jul 2nd
    10 Files
  • 3
    Jul 3rd
    35 Files
  • 4
    Jul 4th
    27 Files
  • 5
    Jul 5th
    18 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    28 Files
  • 9
    Jul 9th
    44 Files
  • 10
    Jul 10th
    24 Files
  • 11
    Jul 11th
    25 Files
  • 12
    Jul 12th
    11 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    0 Files
  • 16
    Jul 16th
    0 Files
  • 17
    Jul 17th
    0 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close