what you don't know can hurt you

Register | Login

FilesNewsUsersAuthors

Home Files News &[SERVICES_TAB]About Contact Add New

Ubuntu Security Notice USN-6549-3

Posted Dec 13, 2023

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6549-3 - It was discovered that the USB subsystem in the Linux kernel contained a race condition while handling device descriptors in certain situations, leading to a out-of-bounds read vulnerability. A local attacker could possibly use this to cause a denial of service. Lin Ma discovered that the Netlink Transformation subsystem in the Linux kernel did not properly initialize a policy data structure, leading to an out-of-bounds vulnerability. A local privileged attacker could use this to cause a denial of service or possibly expose sensitive information.

tags | advisory, denial of service, kernel, local

systems | linux, ubuntu

advisories | CVE-2023-37453, CVE-2023-3773, CVE-2023-39189, CVE-2023-39192, CVE-2023-39193, CVE-2023-39194, CVE-2023-39198, CVE-2023-42754, CVE-2023-5158, CVE-2023-5178, CVE-2023-5717

SHA-256 | a27df7c8ef284709fac99b7a805f0a2f50c5a350c3192cd02415e52215389439

Download | Favorite | View

Related Files

No related files