CVE-2023-38431

Related Files

Ubuntu Security Notice USN-6725-2

Posted Apr 17, 2024

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6725-2 - Chih-Yen Chang discovered that the KSMBD implementation in the Linux kernel did not properly validate certain data structure fields when parsing lease contexts, leading to an out-of-bounds read vulnerability. A remote attacker could use this to cause a denial of service or possibly expose sensitive information. Quentin Minster discovered that a race condition existed in the KSMBD implementation in the Linux kernel, leading to a use-after-free vulnerability. A remote attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary, kernel

systems | linux, ubuntu

advisories | CVE-2023-1194, CVE-2023-32254, CVE-2023-32258, CVE-2023-38427, CVE-2023-38430, CVE-2023-38431, CVE-2023-3867, CVE-2023-46838, CVE-2023-52340, CVE-2023-52436, CVE-2023-52438, CVE-2023-52439, CVE-2023-52442, CVE-2023-52444

SHA-256 | 6d7cd6326721629b499ff1a4ed3916c1134b9cf7a03933ebb2aad8ffbd18a71d

Download | Favorite | View

Ubuntu Security Notice USN-6725-1

Posted Apr 9, 2024

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6725-1 - Chih-Yen Chang discovered that the KSMBD implementation in the Linux kernel did not properly validate certain data structure fields when parsing lease contexts, leading to an out-of-bounds read vulnerability. A remote attacker could use this to cause a denial of service or possibly expose sensitive information. Quentin Minster discovered that a race condition existed in the KSMBD implementation in the Linux kernel, leading to a use-after-free vulnerability. A remote attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary, kernel

systems | linux, ubuntu

advisories | CVE-2023-1194, CVE-2023-32254, CVE-2023-32258, CVE-2023-38427, CVE-2023-38430, CVE-2023-38431, CVE-2023-3867, CVE-2023-46838, CVE-2023-52340, CVE-2023-52436, CVE-2023-52438, CVE-2023-52439, CVE-2023-52442, CVE-2023-52444

SHA-256 | 8d6d30178b2854c30f04f5326a65af3d2a2ce39d0ff00d49cba1cfec2df9734b

Download | Favorite | View

Ubuntu Security Notice USN-6412-1

Posted Oct 5, 2023

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6412-1 - Hyunwoo Kim discovered that the DVB Core driver in the Linux kernel contained a race condition during device removal, leading to a use-after- free vulnerability. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code. Hyunwoo Kim discovered that the Technotrend/Hauppauge USB DEC driver in the Linux kernel did not properly handle device removal events. A physically proximate attacker could use this to cause a denial of service.

tags | advisory, denial of service, arbitrary, kernel

systems | linux, ubuntu

advisories | CVE-2022-45886, CVE-2022-45887, CVE-2022-48425, CVE-2023-1206, CVE-2023-20569, CVE-2023-2156, CVE-2023-3212, CVE-2023-38427, CVE-2023-38431, CVE-2023-4155, CVE-2023-4194, CVE-2023-4273

SHA-256 | eef2bb4192be147f56bfdab3849d216add0a381c00e18c6ca3934a0f72c58c02

Download | Favorite | View