USN-5939-1: Linux kernel (GCP) vulnerabilities

Releases


Packages


  • linux-gcp-5.4 - Linux kernel for Google Cloud Platform (GCP) systems

Details


    It was discovered that the Upper Level Protocol (ULP) subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-0461)


    It was discovered that the NVMe driver in the Linux kernel did not properly handle reset events in some situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-3169)


    It was discovered that a use-after-free vulnerability existed in the SGI GRU driver in the Linux kernel. A local attacker could possibly use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3424)


    Gwangun Jung discovered a race condition in the IPv4 implementation in the Linux kernel when deleting multipath routes, resulting in an out-of-bounds read. An attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information (kernel memory). (CVE-2022-3435)


    It was discovered that a race condition existed in the Kernel Connection Multiplexor (KCM) socket implementation in the Linux kernel when releasing sockets in certain situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-3521)


    It was discovered that the Netronome Ethernet driver in the Linux ..
