CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
46.8%
Jiasheng Jiang discovered that the HSA Linux kernel driver for AMD Radeon
GPU devices did not properly validate memory allocation in certain
situations, leading to a null pointer dereference vulnerability. A local
attacker could use this to cause a denial of service (system crash).
(CVE-2022-3108)
Zheng Wang discovered that the Intel i915 graphics driver in the Linux
kernel did not properly handle certain error conditions, leading to a
double-free. A local attacker could possibly use this to cause a denial of
service (system crash). (CVE-2022-3707)
It was discovered that the infrared transceiver USB driver did not properly
handle USB control messages. A local attacker with physical access could
plug in a specially crafted USB device to cause a denial of service (memory
exhaustion). (CVE-2022-3903)
Haowei Yan discovered that a race condition existed in the Layer 2
Tunneling Protocol (L2TP) implementation in the Linux kernel. A local
attacker could possibly use this to cause a denial of service (system
crash). (CVE-2022-4129)
Jordy Zomer and Alexandra Sandulescu discovered that syscalls invoking the
do_prlimit() function in the Linux kernel did not properly handle
speculative execution barriers. A local attacker could use this to expose
sensitive information (kernel memory). (CVE-2023-0458)
Jordy Zomer and Alexandra Sandulescu discovered that the Linux kernel did
not properly implement speculative execution barriers in usercopy functions
in certain situations. A local attacker could use this to expose sensitive
information (kernel memory). (CVE-2023-0459)
It was discovered that the Human Interface Device (HID) support driver in
the Linux kernel contained a type confusion vulnerability in some
situations. A local attacker could use this to cause a denial of service
(system crash). (CVE-2023-1073)
It was discovered that a memory leak existed in the SCTP protocol
implementation in the Linux kernel. A local attacker could use this to
cause a denial of service (memory exhaustion). (CVE-2023-1074)
It was discovered that the TLS subsystem in the Linux kernel contained a
type confusion vulnerability in some situations. A local attacker could use
this to cause a denial of service (system crash) or possibly expose
sensitive information. (CVE-2023-1075)
It was discovered that the TUN/TAP driver in the Linux kernel did not
properly initialize socket data. A local attacker could use this to cause a
denial of service (system crash). (CVE-2023-1076)
It was discovered that the Real-Time Scheduling Class implementation in the
Linux kernel contained a type confusion vulnerability in some situations. A
local attacker could use this to cause a denial of service (system crash).
(CVE-2023-1077)
It was discovered that the Reliable Datagram Sockets (RDS) protocol
implementation in the Linux kernel contained a type confusion vulnerability
in some situations. An attacker could use this to cause a denial of service
(system crash). (CVE-2023-1078)
It was discovered that the ASUS HID driver in the Linux kernel did not
properly handle device removal, leading to a use-after-free vulnerability.
A local attacker with physical access could plug in a specially crafted USB
device to cause a denial of service (system crash). (CVE-2023-1079)
Duoming Zhou discovered that a race condition existed in the infrared
receiver/transceiver driver in the Linux kernel, leading to a use-after-
free vulnerability. A privileged attacker could use this to cause a denial
of service (system crash) or possibly execute arbitrary code.
(CVE-2023-1118)
It was discovered that the Traffic-Control Index (TCINDEX) implementation
in the Linux kernel contained a use-after-free vulnerability. A local
attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code. (CVE-2023-1281)
It was discovered that the Broadcom FullMAC USB WiFi driver in the Linux
kernel did not properly perform data buffer size validation in some
situations. A physically proximate attacker could use this to craft a
malicious USB device that when inserted, could cause a denial of service
(system crash) or possibly expose sensitive information. (CVE-2023-1380)
Xingyuan Mo discovered that the x86 KVM implementation in the Linux kernel
did not properly initialize some data structures. A local attacker could
use this to expose sensitive information (kernel memory). (CVE-2023-1513)
It was discovered that the Xircom PCMCIA network device driver in the Linux
kernel did not properly handle device removal events. A physically
proximate attacker could use this to cause a denial of service (system
crash). (CVE-2023-1670)
It was discovered that the Traffic-Control Index (TCINDEX) implementation
in the Linux kernel did not properly perform filter deactivation in some
situations. A local attacker could possibly use this to gain elevated
privileges. Please note that with the fix for this CVE, kernel support for
the TCINDEX classifier has been removed. (CVE-2023-1829)
It was discovered that a race condition existed in the Xen transport layer
implementation for the 9P file system protocol in the Linux kernel, leading
to a use-after-free vulnerability. A local attacker could use this to cause
a denial of service (guest crash) or expose sensitive information (guest
kernel memory). (CVE-2023-1859)
Jose Oliveira and Rodrigo Branco discovered that the Spectre Variant 2
mitigations with prctl syscall were insufficient in some situations. A
local attacker could possibly use this to expose sensitive information.
(CVE-2023-1998)
It was discovered that a use-after-free vulnerability existed in the iSCSI
TCP implementation in the Linux kernel. A local attacker could possibly use
this to cause a denial of service (system crash). (CVE-2023-2162)
It was discovered that the BigBen Interactive Kids’ gamepad driver in the
Linux kernel did not properly handle device removal, leading to a use-
after-free vulnerability. A local attacker with physical access could plug
in a specially crafted USB device to cause a denial of service (system
crash). (CVE-2023-25012)
Jean-Baptiste Cayrou discovered that the shiftfs file system in the Ubuntu
Linux kernel contained a race condition when handling inode locking in some
situations. A local attacker could use this to cause a denial of service
(kernel deadlock). (CVE-2023-2612)
Lianhui Tang discovered that the MPLS implementation in the Linux kernel
did not properly handle certain sysctl allocation failure conditions,
leading to a double-free vulnerability. An attacker could use this to cause
a denial of service or possibly execute arbitrary code. (CVE-2023-26545)
It was discovered that a use-after-free vulnerability existed in the HFS+
file system implementation in the Linux kernel. A local attacker could
possibly use this to cause a denial of service (system crash).
(CVE-2023-2985)
Reima Ishii discovered that the nested KVM implementation for Intel x86
processors in the Linux kernel did not properly validate control registers
in certain situations. An attacker in a guest VM could use this to cause a
denial of service (guest crash). (CVE-2023-30456)
Gwangun Jung discovered that the Quick Fair Queueing scheduler
implementation in the Linux kernel contained an out-of-bounds write
vulnerability. A local attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2023-31436)
Sanan Hasanov discovered that the framebuffer console driver in the Linux
kernel did not properly perform checks for font dimension limits. A local
attacker could use this to cause a denial of service (system crash).
(CVE-2023-3161)
Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in
the netfilter subsystem of the Linux kernel when processing batch requests,
leading to a use-after-free vulnerability. A local attacker could use this
to cause a denial of service (system crash) or possibly execute arbitrary
code. (CVE-2023-32233)
It was discovered that the NET/ROM protocol implementation in the Linux
kernel contained a race condition in some situations, leading to a use-
after-free vulnerability. A local attacker could use this to cause a denial
of service (system crash) or possibly execute arbitrary code.
(CVE-2023-32269)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 20.04 | noarch | linux-image-5.4.0-1024-xilinx-zynqmp | < 5.4.0-1024.28 | UNKNOWN |
Ubuntu | 20.04 | noarch | linux-buildinfo-5.4.0-1024-xilinx-zynqmp | < 5.4.0-1024.28 | UNKNOWN |
Ubuntu | 20.04 | noarch | linux-headers-5.4.0-1024-xilinx-zynqmp | < 5.4.0-1024.28 | UNKNOWN |
Ubuntu | 20.04 | noarch | linux-image-5.4.0-1024-xilinx-zynqmp-dbgsym | < 5.4.0-1024.28 | UNKNOWN |
Ubuntu | 20.04 | noarch | linux-modules-5.4.0-1024-xilinx-zynqmp | < 5.4.0-1024.28 | UNKNOWN |
Ubuntu | 20.04 | noarch | linux-tools-5.4.0-1024-xilinx-zynqmp | < 5.4.0-1024.28 | UNKNOWN |
Ubuntu | 20.04 | noarch | linux-xilinx-zynqmp-headers-5.4.0-1024 | < 5.4.0-1024.28 | UNKNOWN |
Ubuntu | 20.04 | noarch | linux-xilinx-zynqmp-tools-5.4.0-1024 | < 5.4.0-1024.28 | UNKNOWN |
Ubuntu | 20.04 | noarch | linux-image-xilinx-zynqmp | < 5.4.0.1024.27 | UNKNOWN |
Ubuntu | 20.04 | noarch | linux-headers-xilinx-zynqmp | < 5.4.0.1024.27 | UNKNOWN |
ubuntu.com/security/CVE-2022-3108
ubuntu.com/security/CVE-2022-3707
ubuntu.com/security/CVE-2022-3903
ubuntu.com/security/CVE-2022-4129
ubuntu.com/security/CVE-2023-0458
ubuntu.com/security/CVE-2023-0459
ubuntu.com/security/CVE-2023-1073
ubuntu.com/security/CVE-2023-1074
ubuntu.com/security/CVE-2023-1075
ubuntu.com/security/CVE-2023-1076
ubuntu.com/security/CVE-2023-1077
ubuntu.com/security/CVE-2023-1078
ubuntu.com/security/CVE-2023-1079
ubuntu.com/security/CVE-2023-1118
ubuntu.com/security/CVE-2023-1281
ubuntu.com/security/CVE-2023-1380
ubuntu.com/security/CVE-2023-1513
ubuntu.com/security/CVE-2023-1670
ubuntu.com/security/CVE-2023-1829
ubuntu.com/security/CVE-2023-1859
ubuntu.com/security/CVE-2023-1998
ubuntu.com/security/CVE-2023-2162
ubuntu.com/security/CVE-2023-25012
ubuntu.com/security/CVE-2023-2612
ubuntu.com/security/CVE-2023-26545
ubuntu.com/security/CVE-2023-2985
ubuntu.com/security/CVE-2023-30456
ubuntu.com/security/CVE-2023-31436
ubuntu.com/security/CVE-2023-3161
ubuntu.com/security/CVE-2023-32233
ubuntu.com/security/CVE-2023-32269