what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 25 RSS Feed

CVE-2023-3611

Status Candidate

Overview

An out-of-bounds write vulnerability in the Linux kernel's net/sched: sch_qfq component can be exploited to achieve local privilege escalation. The qfq_change_agg() function in net/sched/sch_qfq.c allows an out-of-bounds write because lmax is updated according to packet sizes without bounds checks. We recommend upgrading past commit 3e337087c3b5805fe0b8a46ba622a962880b5d64.

Related Files

Red Hat Security Advisory 2024-1831-03
Posted Apr 16, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-1831-03 - An update for kernel is now available for Red Hat Enterprise Linux 6 Extended Lifecycle Support. Issues addressed include out of bounds write and use-after-free vulnerabilities.

tags | advisory, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2023-3611
SHA-256 | fc3a413f57dbe50448729e85069f6848993af45d296ea170081bb919fd1cdd1a
Red Hat Security Advisory 2024-1377-03
Posted Mar 20, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-1377-03 - An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.4. Issues addressed include an out of bounds write vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-3611
SHA-256 | d4903e20010503f067175078d593cef885a9169e0362ed1d200ef892c1341562
Red Hat Security Advisory 2024-0262-03
Posted Jan 17, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-0262-03 - An update for kernel is now available for Red Hat Enterprise Linux 7.7 Advanced Update Support. Issues addressed include a use-after-free vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2023-3611
SHA-256 | 9e24cb81c08a38e8c903a3356b3ddcb53fc0fd636358d356e57e9c67ded661af
Red Hat Security Advisory 2024-0261-03
Posted Jan 17, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-0261-03 - An update for kernel is now available for Red Hat Enterprise Linux 7.6 Advanced Update Support. Issues addressed include a use-after-free vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2023-3611
SHA-256 | 3dd8fa61a7cf23e065f7c985609c423231e58a8838857db726c67d79b8cf266e
Red Hat Security Advisory 2023-7419-01
Posted Nov 22, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-7419-01 - An update for kpatch-patch is now available for Red Hat Enterprise Linux 7. Issues addressed include a use-after-free vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-3611
SHA-256 | 936fdf648883fbd8ebdc63aa8a8c2b8a636850d88046a3db4ad2063a7fadd385
Ubuntu Security Notice USN-6397-1
Posted Sep 27, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6397-1 - Daniel Moghimi discovered that some Intel Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. Ruihan Li discovered that the bluetooth subsystem in the Linux kernel did not properly perform permissions checks when handling HCI sockets. A physically proximate attacker could use this to cause a denial of service.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2022-40982, CVE-2023-2002, CVE-2023-20593, CVE-2023-21255, CVE-2023-2163, CVE-2023-2269, CVE-2023-31084, CVE-2023-3268, CVE-2023-35823, CVE-2023-35824, CVE-2023-35828, CVE-2023-3609, CVE-2023-3611, CVE-2023-3776
SHA-256 | d13a796719bdfb63b4fcf139769434d3580bd60dc34168be371834a19bf9ba32
Ubuntu Security Notice USN-6357-1
Posted Sep 11, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6357-1 - Daniel Moghimi discovered that some Intel Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. Ruihan Li discovered that the bluetooth subsystem in the Linux kernel did not properly perform permissions checks when handling HCI sockets. A physically proximate attacker could use this to cause a denial of service.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2022-40982, CVE-2023-2002, CVE-2023-20593, CVE-2023-21255, CVE-2023-2163, CVE-2023-2269, CVE-2023-31084, CVE-2023-3268, CVE-2023-35823, CVE-2023-35824, CVE-2023-35828, CVE-2023-3609, CVE-2023-3611, CVE-2023-3776
SHA-256 | ecf800ab0410dde6d764f6612d9757e127e606bdcd6ca315ff3520f9edd58563
Debian Security Advisory 5492-1
Posted Sep 11, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5492-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, debian
advisories | CVE-2023-1206, CVE-2023-1989, CVE-2023-20588, CVE-2023-2430, CVE-2023-2898, CVE-2023-34319, CVE-2023-3611, CVE-2023-3772, CVE-2023-3773, CVE-2023-3776, CVE-2023-3777, CVE-2023-3863, CVE-2023-4004, CVE-2023-4015
SHA-256 | 60277f2faef1ae1013aaa8886111d7c6bc6dc369ef63d5538109f991fe7534ea
Ubuntu Security Notice USN-6342-2
Posted Sep 11, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6342-2 - Tavis Ormandy discovered that some AMD processors did not properly handle speculative execution of certain vector register instructions. A local attacker could use this to expose sensitive information. Zheng Zhang discovered that the device-mapper implementation in the Linux kernel did not properly handle locking during table_clear operations. A local attacker could use this to cause a denial of service.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-20593, CVE-2023-2269, CVE-2023-2985, CVE-2023-31084, CVE-2023-3611, CVE-2023-3776
SHA-256 | 05e82632757fa7f1374c9892107dfd7e810b60bc2e3e1f8d1ed3a62876b2e3ec
Ubuntu Security Notice USN-6348-1
Posted Sep 6, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6348-1 - Daniel Moghimi discovered that some Intel Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. Tavis Ormandy discovered that some AMD processors did not properly handle speculative execution of certain vector register instructions. A local attacker could use this to expose sensitive information.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2022-40982, CVE-2023-20593, CVE-2023-21400, CVE-2023-3609, CVE-2023-3610, CVE-2023-3611, CVE-2023-3776, CVE-2023-3777, CVE-2023-3995, CVE-2023-4004, CVE-2023-4015
SHA-256 | 21bd7ad16821bcaedade2c6fb31460d77707aeb86f94702a8dbdf11003cb7e00
Ubuntu Security Notice USN-6346-1
Posted Sep 6, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6346-1 - Daniel Moghimi discovered that some Intel Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. Tavis Ormandy discovered that some AMD processors did not properly handle speculative execution of certain vector register instructions. A local attacker could use this to expose sensitive information.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2022-40982, CVE-2023-20593, CVE-2023-3609, CVE-2023-3611, CVE-2023-3776
SHA-256 | e422ea5f7081bc0200e85b80da4c8a9f6df414eaf7dc501f340da0bb9e378a29
Ubuntu Security Notice USN-6342-1
Posted Sep 6, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6342-1 - Tavis Ormandy discovered that some AMD processors did not properly handle speculative execution of certain vector register instructions. A local attacker could use this to expose sensitive information. Zheng Zhang discovered that the device-mapper implementation in the Linux kernel did not properly handle locking during table_clear operations. A local attacker could use this to cause a denial of service.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-20593, CVE-2023-2269, CVE-2023-2985, CVE-2023-31084, CVE-2023-3611, CVE-2023-3776
SHA-256 | 11c061734d9794d4249b0df7d3dad9790f54d598352a33e528c8fae23b780348
Ubuntu Security Notice USN-6341-1
Posted Sep 6, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6341-1 - Jordy Zomer and Alexandra Sandulescu discovered that syscalls invoking the do_prlimit function in the Linux kernel did not properly handle speculative execution barriers. A local attacker could use this to expose sensitive information. It was discovered that a use-after-free vulnerability existed in the IEEE 1394 implementation in the Linux kernel. A privileged attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-0458, CVE-2023-3159, CVE-2023-3567, CVE-2023-3611, CVE-2023-3776
SHA-256 | ca34fa3d447279b67b01ba5d2440f9e87fb69131a520e1fce87446a60f8869f2
Ubuntu Security Notice USN-6330-1
Posted Sep 2, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6330-1 - Daniel Moghimi discovered that some Intel Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. Tavis Ormandy discovered that some AMD processors did not properly handle speculative execution of certain vector register instructions. A local attacker could use this to expose sensitive information.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2022-40982, CVE-2023-20593, CVE-2023-21400, CVE-2023-3609, CVE-2023-3610, CVE-2023-3611, CVE-2023-3776, CVE-2023-3777, CVE-2023-3995, CVE-2023-4004, CVE-2023-4015
SHA-256 | deecf2a1038859bc54e7bc4552ec064b918fba9c85121f69ac6b49fd50ccbe1a
Ubuntu Security Notice USN-6329-1
Posted Sep 2, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6329-1 - Daniel Moghimi discovered that some Intel Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. Tavis Ormandy discovered that some AMD processors did not properly handle speculative execution of certain vector register instructions. A local attacker could use this to expose sensitive information.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2022-40982, CVE-2023-20593, CVE-2023-3609, CVE-2023-3611, CVE-2023-3776
SHA-256 | 3ab2535d6b2e3760934b04db84af47208028e08f7cdfe874f45bdbc71644631b
Ubuntu Security Notice USN-6328-1
Posted Sep 2, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6328-1 - Daniel Moghimi discovered that some Intel Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. Tavis Ormandy discovered that some AMD processors did not properly handle speculative execution of certain vector register instructions. A local attacker could use this to expose sensitive information.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2022-40982, CVE-2023-20593, CVE-2023-3609, CVE-2023-3610, CVE-2023-3611, CVE-2023-3776, CVE-2023-3777, CVE-2023-3995, CVE-2023-4004, CVE-2023-4015
SHA-256 | c4feb5d7fc10a439682355b4dd5a2b38977e66c51fb19680ebef69b62ce10d71
Ubuntu Security Notice USN-6327-1
Posted Sep 2, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6327-1 - Zheng Zhang discovered that the device-mapper implementation in the Linux kernel did not properly handle locking during table_clear operations. A local attacker could use this to cause a denial of service. It was discovered that a use-after-free vulnerability existed in the HFS+ file system implementation in the Linux kernel. A local attacker could possibly use this to cause a denial of service.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-2269, CVE-2023-2985, CVE-2023-31084, CVE-2023-3567, CVE-2023-3611, CVE-2023-3776
SHA-256 | 72aa78e35cd621fa782450da790d2fa333e270e5f36b03b02cd2a82160f024d3
Ubuntu Security Notice USN-6325-1
Posted Aug 31, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6325-1 - Daniel Moghimi discovered that some Intel Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. Tavis Ormandy discovered that some AMD processors did not properly handle speculative execution of certain vector register instructions. A local attacker could use this to expose sensitive information.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2022-40982, CVE-2023-20593, CVE-2023-21400, CVE-2023-3609, CVE-2023-3610, CVE-2023-3611, CVE-2023-3776, CVE-2023-3777, CVE-2023-3995, CVE-2023-4004, CVE-2023-4015
SHA-256 | 1743858f505c25ed449fa21a975dfb6ace00d74d103e7f67dbdfab548290c4f7
Ubuntu Security Notice USN-6324-1
Posted Aug 31, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6324-1 - Daniel Moghimi discovered that some Intel Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. Tavis Ormandy discovered that some AMD processors did not properly handle speculative execution of certain vector register instructions. A local attacker could use this to expose sensitive information.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2022-40982, CVE-2023-20593, CVE-2023-3609, CVE-2023-3611, CVE-2023-3776
SHA-256 | 3ca0e623afd0d243fb7f341e17d4452d9815d519fad76cb9d0bbd4482e76e276
Ubuntu Security Notice USN-6321-1
Posted Aug 31, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6321-1 - Daniel Moghimi discovered that some Intel Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. Tavis Ormandy discovered that some AMD processors did not properly handle speculative execution of certain vector register instructions. A local attacker could use this to expose sensitive information.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2022-40982, CVE-2023-20593, CVE-2023-3609, CVE-2023-3610, CVE-2023-3611, CVE-2023-3776, CVE-2023-3777, CVE-2023-3995, CVE-2023-4004, CVE-2023-4015
SHA-256 | 1d629b070b7634bff1f72ea8b938d3be648a4d6ec0907851c41c3d3277248fcf
Ubuntu Security Notice USN-6317-1
Posted Aug 30, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6317-1 - Daniel Moghimi discovered that some Intel Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. Tavis Ormandy discovered that some AMD processors did not properly handle speculative execution of certain vector register instructions. A local attacker could use this to expose sensitive information.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2022-40982, CVE-2023-20593, CVE-2023-3609, CVE-2023-3611, CVE-2023-3776
SHA-256 | 2ab1773db38e41773a51a50a8bdd5c08ff8c82f1c244a11b339811982508b30b
Ubuntu Security Notice USN-6318-1
Posted Aug 30, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6318-1 - Daniel Moghimi discovered that some Intel Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. Tavis Ormandy discovered that some AMD processors did not properly handle speculative execution of certain vector register instructions. A local attacker could use this to expose sensitive information.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2022-40982, CVE-2023-20593, CVE-2023-3609, CVE-2023-3610, CVE-2023-3611, CVE-2023-3776, CVE-2023-3777, CVE-2023-3995, CVE-2023-4004, CVE-2023-4015
SHA-256 | 1b7bbe8779efdf714318dc0d4a82b27e5611d839a9924800d8d0dbcd7ea7ca73
Ubuntu Security Notice USN-6315-1
Posted Aug 30, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6315-1 - Daniel Moghimi discovered that some Intel Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. Tavis Ormandy discovered that some AMD processors did not properly handle speculative execution of certain vector register instructions. A local attacker could use this to expose sensitive information.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2022-40982, CVE-2023-20593, CVE-2023-21400, CVE-2023-3609, CVE-2023-3610, CVE-2023-3611, CVE-2023-3776, CVE-2023-3777, CVE-2023-3995, CVE-2023-4004, CVE-2023-4015
SHA-256 | 873c4cefd57f45a1c8bc078ea3edde1dcdd2a6df91f90b68d4e4fd025a0371b4
Ubuntu Security Notice USN-6309-1
Posted Aug 29, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6309-1 - Zheng Zhang discovered that the device-mapper implementation in the Linux kernel did not properly handle locking during table_clear operations. A local attacker could use this to cause a denial of service. It was discovered that a use-after-free vulnerability existed in the HFS+ file system implementation in the Linux kernel. A local attacker could possibly use this to cause a denial of service.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-2269, CVE-2023-2985, CVE-2023-31084, CVE-2023-3567, CVE-2023-3611, CVE-2023-3776
SHA-256 | babc60df14f656c3c6f1d4b53c94991c7b510466619a66a6c569c61fa120f99f
Ubuntu Security Notice USN-6285-1
Posted Aug 14, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6285-1 - It was discovered that the NTFS file system implementation in the Linux kernel did not properly check buffer indexes in certain situations, leading to an out-of-bounds read vulnerability. A local attacker could possibly use this to expose sensitive information. Stonejiajia, Shir Tamari and Sagi Tzadik discovered that the OverlayFS implementation in the Ubuntu Linux kernel did not properly perform permission checks in certain situations. A local attacker could possibly use this to gain elevated privileges.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2022-48502, CVE-2023-2640, CVE-2023-2898, CVE-2023-31248, CVE-2023-32629, CVE-2023-3390, CVE-2023-35001, CVE-2023-3609, CVE-2023-3610, CVE-2023-3611, CVE-2023-3776, CVE-2023-38430, CVE-2023-38432, CVE-2023-3863
SHA-256 | c7303f43ba77d16cc931ee8b1c0d2f16d00a561cedb386fa837bfed417cd59f3
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close