USN-6212-1: Linux kernel (Intel IoTG) vulnerabilities

2023-07-08 KENNETH 0

Hangyu Hua discovered that the Flower classifier implementation in the Linux kernel contained an out-of-bounds write vulnerability. An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-35788, LP: #2023577)

It was discovered that for some Intel processors the INVLPG instruction implementation did not properly flush global TLB entries when PCIDs are enabled. An attacker could use this to expose sensitive information (kernel memory) or possibly cause undesired behaviors. (LP: #2023220)

Source: USN-6212-1: Linux kernel (Intel IoTG) vulnerabilities

USN-6211-1: Linux kernel (Azure) regression

2023-07-08 KENNETH 0

USN-6130-1 fixed vulnerabilities in the Linux kernel. Unfortunately, that update introduced a spurious warning in the IPv6 subsystem. This update removes the undesired warning message.

Source: USN-6211-1: Linux kernel (Azure) regression

USN-6210-1: Doorkeeper vulnerability

2023-07-08 KENNETH 0

It was discovered that Doorkeeper incorrectly performed authorization checks for public clients that have been previously approved. An attacker could potentially exploit this in order to impersonate another user and obtain sensitive information.

Source: USN-6210-1: Doorkeeper vulnerability

USN-6208-1: Gorilla WebSocket vulnerability

2023-07-07 KENNETH 0

It was discovered that Gorilla WebSocket incorrectly handled decoding WebSocket frames. An attacker could possibly use this issue to cause a crash, resulting in a denial of service.

Source: USN-6208-1: Gorilla WebSocket vulnerability

USN-6207-1: Linux kernel (Intel IoTG) vulnerabilities

2023-07-07 KENNETH 0

It was discovered that the TUN/TAP driver in the Linux kernel did not properly initialize socket data. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-1076)

It was discovered that the Real-Time Scheduling Class implementation in the Linux kernel contained a type confusion vulnerability in some situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-1077)

It was discovered that the ASUS HID driver in the Linux kernel did not properly handle device removal, leading to a use-after-free vulnerability. A local attacker with physical access could plug in a specially crafted USB device to cause a denial of service (system crash). (CVE-2023-1079)

It was discovered that the Xircom PCMCIA network device driver in the Linux kernel did not properly handle device removal [ more… ]