Releases
Packages
Details
It was discovered that the IPv6 implementation in the Linux kernelcontained a high rate of hash collisions in connection lookup table. Aremote attacker could use this to cause a denial of service (excessive CPUconsumption). (CVE-2023-1206)
Ross Lagerwall discovered that the Xen netback backend driver in the Linuxkernel did not properly handle certain unusual packets from aparavirtualized network frontend, leading to a buffer overflow. An attackerin a guest VM could use this to cause a denial of service (host systemcrash) or possibly execute arbitrary code. (CVE-2023-34319)
It was discovered that the bluetooth subsystem in the Linux kernel did notproperly handle L2CAP socket release, leading to a use-after-freevulnerability. A local attacker could use this to cause a denial of service(system crash) or possibly execute arbitrary code. (CVE-2023-40283)
It was discovered that some network classifier implementations in the Linuxkernel contained use-after-free vulnerabilities. A local attacker could usethis to cause a denial of service (system crash) or possibly executearbitrary code. (CVE-2023-4128)
Andy Nguyen discovered that the KVM implementation for AMD processors inthe Linux kernel with Secure Encrypted Virtualization (SEV) contained arace condition when accessing the GHCB page. A local attacker in a SEVguest VM could possibly use this to cause a denial of service (host systemcrash). (CVE-2023-4155)
It was discovered that the TUN/TAP driver in the Linux kernel did notproperly initialize socket data. A local attacker could use this to cause ..
Support the originator by clicking the read the rest link below.
