USN-6031-1: Linux kernel (OEM) vulnerabilities<\/p>\n
It was discovered that the Traffic-Control Index (TCINDEX) implementation
\nin the Linux kernel contained a use-after-free vulnerability. A local
\nattacker could use this to cause a denial of service (system crash) or
\npossibly execute arbitrary code. (CVE-2023-1281)<\/p>\n
It was discovered that the Integrity Measurement Architecture (IMA)
\nimplementation in the Linux kernel did not properly enforce policy in
\ncertain conditions. A privileged attacker could use this to bypass Kernel
\nlockdown restrictions. (CVE-2022-21505)<\/p>\n
It was discovered that the infrared transceiver USB driver did not properly
\nhandle USB control messages. A local attacker with physical access could
\nplug in a specially crafted USB device to cause a denial of service (memory
\nexhaustion). (CVE-2022-3903)<\/p>\n
It was discovered that a race condition existed in the SMSC UFX USB driver
\nimplementation in the Linux kernel, leading to a use-after-free
\nvulnerability. A physically proximate attacker could use this to cause a
\ndenial of service (system crash) or possibly execute arbitrary code.
\n(CVE-2022-41849)<\/p>\n
Gerald Lee discovered that the USB Gadget file system implementation in the
\nLinux kernel contained a race condition, leading to a use-after-free
\nvulnerability in some situations. A local attacker could use this to cause
\na denial of service (system crash) or possibly execute arbitrary code.
\n(CVE-2022-4382)<\/p>\n
It was discovered that a memory leak existed in the SCTP protocol
\nimplementation in the Linux kernel. A local attacker could use this to
\ncause a denial of service (memory exhaustion). (CVE-2023-1074)<\/p>\n
Mingi Cho discovered that the netfilter subsystem in the Linux kernel did
\nnot properly initialize a data structure, leading to a null pointer
\ndereference vulnerability. An attacker could use this to cause a denial of
\nservice (system crash). (CVE-2023-1095)<\/p>\n
It was discovered that the RNDIS USB driver in the Linux kernel contained
\nan integer overflow vulnerability. A local attacker with physical access
\ncould plug in a malicious USB device to cause a denial of service (system
\ncrash) or possibly execute arbitrary code. (CVE-2023-23559)<\/p>\n
It was discovered that the NTFS file system implementation in the Linux
\nkernel did not properly validate attributes in certain situations, leading
\nto an out-of-bounds read vulnerability. A local attacker could possibly use
\nthis to expose sensitive information (kernel memory). (CVE-2023-26607)<\/p>\n
Duoming Zhou discovered that a race condition existed in the infrared USN-6031-1: Linux kernel (OEM) vulnerabilities It was discovered that the Traffic-Control Index (TCINDEX) implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-1281) It was discovered that the Integrity Measurement Architecture (IMA) implementation in the Linux kernel did not properly enforce policy in certain conditions. A privileged attacker could use this to bypass Kernel lockdown restrictions. (CVE-2022-21505) It was discovered that the infrared transceiver USB driver did not properly handle USB control messages. A local attacker with physical access could plug in a specially crafted USB device to cause a denial of service (memory exhaustion). (CVE-2022-3903) It was discovered that a race condition existed in the SMSC UFX USB driver implementation in the Linux kernel, leading to a use-after-free vulnerability. A [ more… ]<\/a><\/p>\n<\/div>","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[586],"tags":[587],"class_list":["post-51033","post","type-post","status-publish","format-standard","hentry","category-ubuntu-usn","tag-ubuntu-usn"],"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/posts\/51033","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/comments?post=51033"}],"version-history":[{"count":1,"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/posts\/51033\/revisions"}],"predecessor-version":[{"id":51034,"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/posts\/51033\/revisions\/51034"}],"wp:attachment":[{"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/media?parent=51033"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/categories?post=51033"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/tags?post=51033"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}
\nreceiver\/transceiver driver in the Linux kernel, leading to a use-after-
\nfree vulnerability. A privileged attacker could use this to cause a denial
\nof service (system crash) or possibly execute arbitrary code.
\n(CVE-2023-1118)
\nSource: USN-6031-1: Linux kernel (OEM) vulnerabilities<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"