CanonicalCVELIST:CVE-2023-2612CVE-2023-2612 shiftfs lock unbalance in Ubuntu-specific kernels
4.4 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
5.7 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
5.1%
Jean-Baptiste Cayrou discovered that the shiftfs file system in the Ubuntu Linux kernel contained a race condition when handling inode locking in some situations. A local attacker could use this to cause a denial of service (kernel deadlock).
CNA Affected
[
{
"collectionURL": "https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/kinetic/refs/",
"packageName": "ubuntu-linux",
"platforms": [
"Linux"
],
"product": "ubuntu-linux",
"repo": "https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/kinetic/",
"vendor": "Canonical Ltd.",
"versions": [
{
"status": "affected",
"version": "0",
"lessThan": "02b47547824b1cd0d55c6744f91886f04de8947e",
"versionType": "commit"
}
]
}
]References
packetstormsecurity.com/files/173087/Kernel-Live-Patch-Security-Notice-LSN-0095-1.html
git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/kinetic/commit/?id=02b47547824b1cd0d55c6744f91886f04de8947e
ubuntu.com/security/CVE-2023-2612
ubuntu.com/security/notices/USN-6122-1
ubuntu.com/security/notices/USN-6123-1
ubuntu.com/security/notices/USN-6124-1
ubuntu.com/security/notices/USN-6127-1
Related
4.4 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
5.7 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
5.1%