what you don't know can hurt you

Register | Login

FilesNewsUsersAuthors

Home Files News &[SERVICES_TAB]About Contact Add New

Ubuntu Security Notice USN-6534-3

Posted Dec 13, 2023

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6534-3 - It was discovered that the USB subsystem in the Linux kernel contained a race condition while handling device descriptors in certain situations, leading to a out-of-bounds read vulnerability. A local attacker could possibly use this to cause a denial of service. Lin Ma discovered that the Netlink Transformation subsystem in the Linux kernel did not properly initialize a policy data structure, leading to an out-of-bounds vulnerability. A local privileged attacker could use this to cause a denial of service or possibly expose sensitive information.

tags | advisory, denial of service, kernel, local

systems | linux, ubuntu

advisories | CVE-2023-37453, CVE-2023-3773, CVE-2023-39189, CVE-2023-39192, CVE-2023-39193, CVE-2023-39194, CVE-2023-39198, CVE-2023-42754, CVE-2023-5158, CVE-2023-5178, CVE-2023-5717, CVE-2023-6039

SHA-256 | 46fe3ed898cda446e97504fb5ef391931ee2a4a498ea914b4c39e38c4d5ea98d

Download | Favorite | View

Related Files

No related files