usn-6635-1
Vulnerability from osv_ubuntu
Published
2024-02-14 08:17
Modified
2026-06-03 10:45
Summary
linux-gcp-6.2 vulnerabilities
Details

It was discovered that the USB subsystem in the Linux kernel contained a race condition while handling device descriptors in certain situations, leading to a out-of-bounds read vulnerability. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-37453)

Lucas Leong discovered that the netfilter subsystem in the Linux kernel did not properly validate some attributes passed from userspace. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information (kernel memory). (CVE-2023-39189)

Sunjoo Park discovered that the netfilter subsystem in the Linux kernel did not properly validate u32 packets content, leading to an out-of-bounds read vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-39192)

Lucas Leong discovered that the netfilter subsystem in the Linux kernel did not properly validate SCTP data, leading to an out-of-bounds read vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-39193)

Kyle Zeng discovered that the IPv4 implementation in the Linux kernel did not properly handle socket buffers (skb) when performing IP routing in certain circumstances, leading to a null pointer dereference vulnerability. A privileged attacker could use this to cause a denial of service (system crash). (CVE-2023-42754)

Jason Wang discovered that the virtio ring implementation in the Linux kernel did not properly handle iov buffers in some situations. A local attacker in a guest VM could use this to cause a denial of service (host system crash). (CVE-2023-5158)

Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly handle queue initialization failures in certain situations, leading to a use-after-free vulnerability. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-5178)

Budimir Markovic discovered that the perf subsystem in the Linux kernel did not properly handle event groups, leading to an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-5717)

It was discovered that the CIFS network file system implementation in the Linux kernel did not properly validate the server frame size in certain situation, leading to an out-of-bounds read vulnerability. An attacker could use this to construct a malicious CIFS image that, when operated on, could cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-6606)

Xingyuan Mo discovered that the netfilter subsystem in the Linux kernel did not properly handle inactive elements in its PIPAPO data structure, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-6817)

Budimir Markovic, Lucas De Marchi, and Pengfei Xu discovered that the perf subsystem in the Linux kernel did not properly validate all event sizes when attaching new events, leading to an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-6931)

It was discovered that the IGMP protocol implementation in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-6932)

Kevin Rich discovered that the netfilter subsystem in the Linux kernel did not properly check deactivated elements in certain situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2024-0193)


{
  "affected": [
    {
      "database_specific": {
        "cves_map": {
          "cves": [
            {
              "id": "CVE-2023-5158",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2023-5178",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2023-5717",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2023-6606",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2023-6817",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "high",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2023-6931",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "high",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2023-6932",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "high",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2023-37453",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2023-39189",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:L",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2023-39192",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2023-39193",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2023-42754",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2024-0193",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "high",
                  "type": "Ubuntu"
                }
              ]
            }
          ],
          "ecosystem": "Ubuntu:22.04:LTS"
        }
      },
      "ecosystem_specific": {
        "availability": "No subscription required",
        "binaries": [
          {
            "binary_name": "linux-buildinfo-6.2.0-1021-gcp",
            "binary_version": "6.2.0-1021.23~22.04.1"
          },
          {
            "binary_name": "linux-gcp-6.2-headers-6.2.0-1021",
            "binary_version": "6.2.0-1021.23~22.04.1"
          },
          {
            "binary_name": "linux-gcp-6.2-tools-6.2.0-1021",
            "binary_version": "6.2.0-1021.23~22.04.1"
          },
          {
            "binary_name": "linux-headers-6.2.0-1021-gcp",
            "binary_version": "6.2.0-1021.23~22.04.1"
          },
          {
            "binary_name": "linux-image-unsigned-6.2.0-1021-gcp",
            "binary_version": "6.2.0-1021.23~22.04.1"
          },
          {
            "binary_name": "linux-modules-6.2.0-1021-gcp",
            "binary_version": "6.2.0-1021.23~22.04.1"
          },
          {
            "binary_name": "linux-modules-extra-6.2.0-1021-gcp",
            "binary_version": "6.2.0-1021.23~22.04.1"
          },
          {
            "binary_name": "linux-tools-6.2.0-1021-gcp",
            "binary_version": "6.2.0-1021.23~22.04.1"
          }
        ]
      },
      "package": {
        "ecosystem": "Ubuntu:22.04:LTS",
        "name": "linux-gcp-6.2",
        "purl": "pkg:deb/ubuntu/linux-gcp-6.2@6.2.0-1021.23~22.04.1?arch=source\u0026distro=jammy"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "6.2.0-1021.23~22.04.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "6.2.0-1009.9~22.04.3",
        "6.2.0-1010.10~22.04.1",
        "6.2.0-1011.11~22.04.1",
        "6.2.0-1011.11~22.04.3",
        "6.2.0-1012.12~22.04.1",
        "6.2.0-1013.13~22.04.1",
        "6.2.0-1014.14~22.04.1",
        "6.2.0-1016.18~22.04.1",
        "6.2.0-1017.19~22.04.1",
        "6.2.0-1018.20~22.04.1",
        "6.2.0-1019.21~22.04.1"
      ]
    }
  ],
  "aliases": [],
  "details": "It was discovered that the USB subsystem in the Linux kernel contained a\nrace condition while handling device descriptors in certain situations,\nleading to a out-of-bounds read vulnerability. A local attacker could\npossibly use this to cause a denial of service (system crash).\n(CVE-2023-37453)\n\nLucas Leong discovered that the netfilter subsystem in the Linux kernel did\nnot properly validate some attributes passed from userspace. A local\nattacker could use this to cause a denial of service (system crash) or\npossibly expose sensitive information (kernel memory). (CVE-2023-39189)\n\nSunjoo Park discovered that the netfilter subsystem in the Linux kernel did\nnot properly validate u32 packets content, leading to an out-of-bounds read\nvulnerability. A local attacker could use this to cause a denial of service\n(system crash) or possibly expose sensitive information. (CVE-2023-39192)\n\nLucas Leong discovered that the netfilter subsystem in the Linux kernel did\nnot properly validate SCTP data, leading to an out-of-bounds read\nvulnerability. A local attacker could use this to cause a denial of service\n(system crash) or possibly expose sensitive information. (CVE-2023-39193)\n\nKyle Zeng discovered that the IPv4 implementation in the Linux kernel did\nnot properly handle socket buffers (skb) when performing IP routing in\ncertain circumstances, leading to a null pointer dereference vulnerability.\nA privileged attacker could use this to cause a denial of service (system\ncrash). (CVE-2023-42754)\n\nJason Wang discovered that the virtio ring implementation in the Linux\nkernel did not properly handle iov buffers in some situations. A local\nattacker in a guest VM could use this to cause a denial of service (host\nsystem crash). (CVE-2023-5158)\n\nAlon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel\ndid not properly handle queue initialization failures in certain\nsituations, leading to a use-after-free vulnerability. A remote attacker\ncould use this to cause a denial of service (system crash) or possibly\nexecute arbitrary code. (CVE-2023-5178)\n\nBudimir Markovic discovered that the perf subsystem in the Linux kernel did\nnot properly handle event groups, leading to an out-of-bounds write\nvulnerability. A local attacker could use this to cause a denial of service\n(system crash) or possibly execute arbitrary code. (CVE-2023-5717)\n\nIt was discovered that the CIFS network file system implementation in the\nLinux kernel did not properly validate the server frame size in certain\nsituation, leading to an out-of-bounds read vulnerability. An attacker\ncould use this to construct a malicious CIFS image that, when operated on,\ncould cause a denial of service (system crash) or possibly expose sensitive\ninformation. (CVE-2023-6606)\n\nXingyuan Mo discovered that the netfilter subsystem in the Linux kernel did\nnot properly handle inactive elements in its PIPAPO data structure, leading\nto a use-after-free vulnerability. A local attacker could use this to cause\na denial of service (system crash) or possibly execute arbitrary code.\n(CVE-2023-6817)\n\nBudimir Markovic, Lucas De Marchi, and Pengfei Xu discovered that the perf\nsubsystem in the Linux kernel did not properly validate all event sizes\nwhen attaching new events, leading to an out-of-bounds write vulnerability.\nA local attacker could use this to cause a denial of service (system crash)\nor possibly execute arbitrary code. (CVE-2023-6931)\n\nIt was discovered that the IGMP protocol implementation in the Linux kernel\ncontained a race condition, leading to a use-after-free vulnerability. A\nlocal attacker could use this to cause a denial of service (system crash)\nor possibly execute arbitrary code. (CVE-2023-6932)\n\nKevin Rich discovered that the netfilter subsystem in the Linux kernel did\nnot properly check deactivated elements in certain situations, leading to a\nuse-after-free vulnerability. A local attacker could use this to cause a\ndenial of service (system crash) or possibly execute arbitrary code.\n(CVE-2024-0193)\n",
  "id": "USN-6635-1",
  "modified": "2026-06-03T10:45:37Z",
  "published": "2024-02-14T08:17:09Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://ubuntu.com/security/notices/USN-6635-1"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2023-5158"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2023-5178"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2023-5717"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2023-6606"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2023-6817"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2023-6931"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2023-6932"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2023-37453"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2023-39189"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2023-39192"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2023-39193"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2023-42754"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2024-0193"
    }
  ],
  "related": [],
  "schema_version": "1.7.0",
  "summary": "linux-gcp-6.2 vulnerabilities",
  "upstream": [
    "UBUNTU-CVE-2023-5158",
    "UBUNTU-CVE-2023-5178",
    "UBUNTU-CVE-2023-5717",
    "UBUNTU-CVE-2023-6606",
    "UBUNTU-CVE-2023-6817",
    "UBUNTU-CVE-2023-6931",
    "UBUNTU-CVE-2023-6932",
    "UBUNTU-CVE-2023-37453",
    "UBUNTU-CVE-2023-39189",
    "UBUNTU-CVE-2023-39192",
    "UBUNTU-CVE-2023-39193",
    "UBUNTU-CVE-2023-42754",
    "UBUNTU-CVE-2024-0193"
  ]
}



Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Loading…

Detection rules are retrieved from Rulezet.

Loading…

Loading…