what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 11 of 11 RSS Feed

CVE-2023-3777

Status Candidate

Overview

A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. When nf_tables_delrule() is flushing table rules, it is not checked whether the chain is bound and the chain's owner rule can also release the objects in certain circumstances. We recommend upgrading past commit 6eaf41e87a223ae6f8e7a28d6e78384ad7e407f8.

Related Files

Kernel Live Patch Security Notice LSN-0099-1
Posted Nov 29, 2023
Authored by Benjamin M. Romer

It was discovered that the Xen netback driver in the Linux kernel did not properly handle packets structured in certain ways. An attacker in a guest VM could possibly use this to cause a denial of service (host NIC availability). It was discovered that the virtual terminal driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information (kernel memory). Various other issues were discovered and addressed.

tags | advisory, denial of service, kernel, local
systems | linux
advisories | CVE-2022-3643, CVE-2023-31436, CVE-2023-34319, CVE-2023-3567, CVE-2023-3609, CVE-2023-3776, CVE-2023-3777, CVE-2023-3995, CVE-2023-4004, CVE-2023-40283, CVE-2023-42752, CVE-2023-42753, CVE-2023-4622, CVE-2023-4623
SHA-256 | ee52836c711111ecd52b6c4162409caa5a393b4ec4571f1e5de8d4ace83228b9
Kernel Live Patch Security Notice LSN-0098-1
Posted Oct 11, 2023
Authored by Benjamin M. Romer

It was discovered that the IP-VLAN network driver for the Linux kernel did not properly initialize memory in some situations, leading to an out-of- bounds write vulnerability. An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. It was discovered that the virtual terminal driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information (kernel memory). Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux
advisories | CVE-2023-21400, CVE-2023-3090, CVE-2023-3567, CVE-2023-3609, CVE-2023-3776, CVE-2023-3777, CVE-2023-3995, CVE-2023-4004, CVE-2023-40283, CVE-2023-4128
SHA-256 | cee33fcedd3c531f91ff1d0a8fe1060cf9d74dad35ef33c6828c5de7d753e527
Debian Security Advisory 5492-1
Posted Sep 11, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5492-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, debian
advisories | CVE-2023-1206, CVE-2023-1989, CVE-2023-20588, CVE-2023-2430, CVE-2023-2898, CVE-2023-34319, CVE-2023-3611, CVE-2023-3772, CVE-2023-3773, CVE-2023-3776, CVE-2023-3777, CVE-2023-3863, CVE-2023-4004, CVE-2023-4015
SHA-256 | 60277f2faef1ae1013aaa8886111d7c6bc6dc369ef63d5538109f991fe7534ea
Ubuntu Security Notice USN-6348-1
Posted Sep 6, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6348-1 - Daniel Moghimi discovered that some Intel Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. Tavis Ormandy discovered that some AMD processors did not properly handle speculative execution of certain vector register instructions. A local attacker could use this to expose sensitive information.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2022-40982, CVE-2023-20593, CVE-2023-21400, CVE-2023-3609, CVE-2023-3610, CVE-2023-3611, CVE-2023-3776, CVE-2023-3777, CVE-2023-3995, CVE-2023-4004, CVE-2023-4015
SHA-256 | 21bd7ad16821bcaedade2c6fb31460d77707aeb86f94702a8dbdf11003cb7e00
Ubuntu Security Notice USN-6330-1
Posted Sep 2, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6330-1 - Daniel Moghimi discovered that some Intel Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. Tavis Ormandy discovered that some AMD processors did not properly handle speculative execution of certain vector register instructions. A local attacker could use this to expose sensitive information.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2022-40982, CVE-2023-20593, CVE-2023-21400, CVE-2023-3609, CVE-2023-3610, CVE-2023-3611, CVE-2023-3776, CVE-2023-3777, CVE-2023-3995, CVE-2023-4004, CVE-2023-4015
SHA-256 | deecf2a1038859bc54e7bc4552ec064b918fba9c85121f69ac6b49fd50ccbe1a
Ubuntu Security Notice USN-6328-1
Posted Sep 2, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6328-1 - Daniel Moghimi discovered that some Intel Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. Tavis Ormandy discovered that some AMD processors did not properly handle speculative execution of certain vector register instructions. A local attacker could use this to expose sensitive information.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2022-40982, CVE-2023-20593, CVE-2023-3609, CVE-2023-3610, CVE-2023-3611, CVE-2023-3776, CVE-2023-3777, CVE-2023-3995, CVE-2023-4004, CVE-2023-4015
SHA-256 | c4feb5d7fc10a439682355b4dd5a2b38977e66c51fb19680ebef69b62ce10d71
Ubuntu Security Notice USN-6325-1
Posted Aug 31, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6325-1 - Daniel Moghimi discovered that some Intel Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. Tavis Ormandy discovered that some AMD processors did not properly handle speculative execution of certain vector register instructions. A local attacker could use this to expose sensitive information.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2022-40982, CVE-2023-20593, CVE-2023-21400, CVE-2023-3609, CVE-2023-3610, CVE-2023-3611, CVE-2023-3776, CVE-2023-3777, CVE-2023-3995, CVE-2023-4004, CVE-2023-4015
SHA-256 | 1743858f505c25ed449fa21a975dfb6ace00d74d103e7f67dbdfab548290c4f7
Ubuntu Security Notice USN-6321-1
Posted Aug 31, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6321-1 - Daniel Moghimi discovered that some Intel Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. Tavis Ormandy discovered that some AMD processors did not properly handle speculative execution of certain vector register instructions. A local attacker could use this to expose sensitive information.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2022-40982, CVE-2023-20593, CVE-2023-3609, CVE-2023-3610, CVE-2023-3611, CVE-2023-3776, CVE-2023-3777, CVE-2023-3995, CVE-2023-4004, CVE-2023-4015
SHA-256 | 1d629b070b7634bff1f72ea8b938d3be648a4d6ec0907851c41c3d3277248fcf
Ubuntu Security Notice USN-6318-1
Posted Aug 30, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6318-1 - Daniel Moghimi discovered that some Intel Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. Tavis Ormandy discovered that some AMD processors did not properly handle speculative execution of certain vector register instructions. A local attacker could use this to expose sensitive information.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2022-40982, CVE-2023-20593, CVE-2023-3609, CVE-2023-3610, CVE-2023-3611, CVE-2023-3776, CVE-2023-3777, CVE-2023-3995, CVE-2023-4004, CVE-2023-4015
SHA-256 | 1b7bbe8779efdf714318dc0d4a82b27e5611d839a9924800d8d0dbcd7ea7ca73
Ubuntu Security Notice USN-6316-1
Posted Aug 30, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6316-1 - Daniel Moghimi discovered that some Intel Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. Tavis Ormandy discovered that some AMD processors did not properly handle speculative execution of certain vector register instructions. A local attacker could use this to expose sensitive information.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2022-40982, CVE-2023-20593, CVE-2023-3777, CVE-2023-3995, CVE-2023-4004, CVE-2023-4015
SHA-256 | c4c9a23e316d26047a6db3093dd14fc8354a59af890d65bbbcff901cc0546675
Ubuntu Security Notice USN-6315-1
Posted Aug 30, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6315-1 - Daniel Moghimi discovered that some Intel Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. Tavis Ormandy discovered that some AMD processors did not properly handle speculative execution of certain vector register instructions. A local attacker could use this to expose sensitive information.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2022-40982, CVE-2023-20593, CVE-2023-21400, CVE-2023-3609, CVE-2023-3610, CVE-2023-3611, CVE-2023-3776, CVE-2023-3777, CVE-2023-3995, CVE-2023-4004, CVE-2023-4015
SHA-256 | 873c4cefd57f45a1c8bc078ea3edde1dcdd2a6df91f90b68d4e4fd025a0371b4
Page 1 of 1
Back1Next

File Archive:

May 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    44 Files
  • 2
    May 2nd
    5 Files
  • 3
    May 3rd
    11 Files
  • 4
    May 4th
    0 Files
  • 5
    May 5th
    0 Files
  • 6
    May 6th
    28 Files
  • 7
    May 7th
    3 Files
  • 8
    May 8th
    4 Files
  • 9
    May 9th
    54 Files
  • 10
    May 10th
    12 Files
  • 11
    May 11th
    0 Files
  • 12
    May 12th
    0 Files
  • 13
    May 13th
    17 Files
  • 14
    May 14th
    11 Files
  • 15
    May 15th
    17 Files
  • 16
    May 16th
    13 Files
  • 17
    May 17th
    22 Files
  • 18
    May 18th
    0 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    17 Files
  • 21
    May 21st
    18 Files
  • 22
    May 22nd
    7 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close