{"id":"USN-6454-2","summary":"linux-aws, linux-azure, linux-gcp, linux-oracle, linux-raspi vulnerabilities","details":"Kyle Zeng discovered that the netfilter subsystem in the Linux kernel\ncontained a race condition in IP set operations in certain situations. A\nlocal attacker could use this to cause a denial of service (system crash).\n(CVE-2023-42756)\n\nAlex Birnberg discovered that the netfilter subsystem in the Linux kernel\ndid not properly validate register length, leading to an out-of- bounds\nwrite vulnerability. A local attacker could possibly use this to cause a\ndenial of service (system crash). (CVE-2023-4881)\n\nIt was discovered that the Quick Fair Queueing scheduler implementation in\nthe Linux kernel did not properly handle network packets in certain\nconditions, leading to a use after free vulnerability. A local attacker\ncould use this to cause a denial of service (system crash) or possibly\nexecute arbitrary code. (CVE-2023-4921)\n\nKevin Rich discovered that the netfilter subsystem in the Linux kernel did\nnot properly handle removal of rules from chain bindings in certain\ncircumstances, leading to a use-after-free vulnerability. A local attacker\ncould possibly use this to cause a denial of service (system crash) or\nexecute arbitrary code. (CVE-2023-5197)\n","modified":"2026-02-04T04:29:56.731568Z","published":"2023-10-30T16:13:25.361824Z","related":["CVE-2023-42756","CVE-2023-4921","CVE-2023-5197","UBUNTU-CVE-2023-42756","UBUNTU-CVE-2023-4881","UBUNTU-CVE-2023-4921","UBUNTU-CVE-2023-5197"],"references":[{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-6454-2"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2023-4921"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2023-5197"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2023-42756"}],"affected":[{"package":{"name":"linux-aws","ecosystem":"Ubuntu:23.10","purl":"pkg:deb/ubuntu/linux-aws@6.5.0-1009.9?arch=source&distro=mantic"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"6.5.0-1009.9"}]}],"versions":["6.2.0-1003.3","6.2.0-1004.4","6.5.0-1005.5","6.5.0-1007.7","6.5.0-1008.8"],"ecosystem_specific":{"binaries":[{"binary_name":"linux-aws-cloud-tools-6.5.0-1009","binary_version":"6.5.0-1009.9"},{"binary_name":"linux-aws-headers-6.5.0-1009","binary_version":"6.5.0-1009.9"},{"binary_name":"linux-aws-tools-6.5.0-1009","binary_version":"6.5.0-1009.9"},{"binary_name":"linux-buildinfo-6.5.0-1009-aws","binary_version":"6.5.0-1009.9"},{"binary_name":"linux-cloud-tools-6.5.0-1009-aws","binary_version":"6.5.0-1009.9"},{"binary_name":"linux-headers-6.5.0-1009-aws","binary_version":"6.5.0-1009.9"},{"binary_name":"linux-image-unsigned-6.5.0-1009-aws","binary_version":"6.5.0-1009.9"},{"binary_name":"linux-image-unsigned-6.5.0-1009-aws-dbgsym","binary_version":"6.5.0-1009.9"},{"binary_name":"linux-modules-6.5.0-1009-aws","binary_version":"6.5.0-1009.9"},{"binary_name":"linux-modules-extra-6.5.0-1009-aws","binary_version":"6.5.0-1009.9"},{"binary_name":"linux-tools-6.5.0-1009-aws","binary_version":"6.5.0-1009.9"}],"availability":"No subscription required"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-6454-2.json"}},{"package":{"name":"linux-azure","ecosystem":"Ubuntu:23.10","purl":"pkg:deb/ubuntu/linux-azure@6.5.0-1008.8?arch=source&distro=mantic"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"6.5.0-1008.8"}]}],"versions":["6.2.0-1003.3","6.2.0-1004.4","6.5.0-1004.4","6.5.0-1006.6","6.5.0-1007.7"],"ecosystem_specific":{"binaries":[{"binary_name":"linux-azure-cloud-tools-6.5.0-1008","binary_version":"6.5.0-1008.8"},{"binary_name":"linux-azure-headers-6.5.0-1008","binary_version":"6.5.0-1008.8"},{"binary_name":"linux-azure-tools-6.5.0-1008","binary_version":"6.5.0-1008.8"},{"binary_name":"linux-buildinfo-6.5.0-1008-azure","binary_version":"6.5.0-1008.8"},{"binary_name":"linux-cloud-tools-6.5.0-1008-azure","binary_version":"6.5.0-1008.8"},{"binary_name":"linux-headers-6.5.0-1008-azure","binary_version":"6.5.0-1008.8"},{"binary_name":"linux-image-unsigned-6.5.0-1008-azure","binary_version":"6.5.0-1008.8"},{"binary_name":"linux-image-unsigned-6.5.0-1008-azure-dbgsym","binary_version":"6.5.0-1008.8"},{"binary_name":"linux-modules-6.5.0-1008-azure","binary_version":"6.5.0-1008.8"},{"binary_name":"linux-modules-extra-6.5.0-1008-azure","binary_version":"6.5.0-1008.8"},{"binary_name":"linux-modules-iwlwifi-6.5.0-1008-azure","binary_version":"6.5.0-1008.8"},{"binary_name":"linux-tools-6.5.0-1008-azure","binary_version":"6.5.0-1008.8"}],"availability":"No subscription required"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-6454-2.json"}},{"package":{"name":"linux-gcp","ecosystem":"Ubuntu:23.10","purl":"pkg:deb/ubuntu/linux-gcp@6.5.0-1008.8?arch=source&distro=mantic"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"6.5.0-1008.8"}]}],"versions":["6.2.0-1005.5","6.2.0-1006.6","6.5.0-1004.4","6.5.0-1006.6","6.5.0-1007.7"],"ecosystem_specific":{"binaries":[{"binary_name":"linux-buildinfo-6.5.0-1008-gcp","binary_version":"6.5.0-1008.8"},{"binary_name":"linux-gcp-headers-6.5.0-1008","binary_version":"6.5.0-1008.8"},{"binary_name":"linux-gcp-tools-6.5.0-1008","binary_version":"6.5.0-1008.8"},{"binary_name":"linux-headers-6.5.0-1008-gcp","binary_version":"6.5.0-1008.8"},{"binary_name":"linux-image-unsigned-6.5.0-1008-gcp","binary_version":"6.5.0-1008.8"},{"binary_name":"linux-image-unsigned-6.5.0-1008-gcp-dbgsym","binary_version":"6.5.0-1008.8"},{"binary_name":"linux-modules-6.5.0-1008-gcp","binary_version":"6.5.0-1008.8"},{"binary_name":"linux-modules-extra-6.5.0-1008-gcp","binary_version":"6.5.0-1008.8"},{"binary_name":"linux-modules-iwlwifi-6.5.0-1008-gcp","binary_version":"6.5.0-1008.8"},{"binary_name":"linux-tools-6.5.0-1008-gcp","binary_version":"6.5.0-1008.8"}],"availability":"No subscription required"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-6454-2.json"}},{"package":{"name":"linux-oracle","ecosystem":"Ubuntu:23.10","purl":"pkg:deb/ubuntu/linux-oracle@6.5.0-1011.11?arch=source&distro=mantic"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"6.5.0-1011.11"}]}],"versions":["6.2.0-1003.3","6.2.0-1004.4","6.5.0-1005.5","6.5.0-1009.9","6.5.0-1010.10"],"ecosystem_specific":{"binaries":[{"binary_name":"linux-buildinfo-6.5.0-1011-oracle","binary_version":"6.5.0-1011.11"},{"binary_name":"linux-headers-6.5.0-1011-oracle","binary_version":"6.5.0-1011.11"},{"binary_name":"linux-image-unsigned-6.5.0-1011-oracle","binary_version":"6.5.0-1011.11"},{"binary_name":"linux-image-unsigned-6.5.0-1011-oracle-dbgsym","binary_version":"6.5.0-1011.11"},{"binary_name":"linux-modules-6.5.0-1011-oracle","binary_version":"6.5.0-1011.11"},{"binary_name":"linux-modules-extra-6.5.0-1011-oracle","binary_version":"6.5.0-1011.11"},{"binary_name":"linux-modules-iwlwifi-6.5.0-1011-oracle","binary_version":"6.5.0-1011.11"},{"binary_name":"linux-oracle-headers-6.5.0-1011","binary_version":"6.5.0-1011.11"},{"binary_name":"linux-oracle-tools-6.5.0-1011","binary_version":"6.5.0-1011.11"},{"binary_name":"linux-tools-6.5.0-1011-oracle","binary_version":"6.5.0-1011.11"}],"availability":"No subscription required"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-6454-2.json"}},{"package":{"name":"linux-raspi","ecosystem":"Ubuntu:23.10","purl":"pkg:deb/ubuntu/linux-raspi@6.5.0-1006.8?arch=source&distro=mantic"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"6.5.0-1006.8"}]}],"versions":["6.2.0-1004.5","6.5.0-1002.2","6.5.0-1003.4","6.5.0-1004.6","6.5.0-1005.7"],"ecosystem_specific":{"binaries":[{"binary_name":"linux-buildinfo-6.5.0-1006-raspi","binary_version":"6.5.0-1006.8"},{"binary_name":"linux-headers-6.5.0-1006-raspi","binary_version":"6.5.0-1006.8"},{"binary_name":"linux-image-6.5.0-1006-raspi","binary_version":"6.5.0-1006.8"},{"binary_name":"linux-image-6.5.0-1006-raspi-dbgsym","binary_version":"6.5.0-1006.8"},{"binary_name":"linux-modules-6.5.0-1006-raspi","binary_version":"6.5.0-1006.8"},{"binary_name":"linux-modules-extra-6.5.0-1006-raspi","binary_version":"6.5.0-1006.8"},{"binary_name":"linux-raspi-headers-6.5.0-1006","binary_version":"6.5.0-1006.8"},{"binary_name":"linux-raspi-tools-6.5.0-1006","binary_version":"6.5.0-1006.8"},{"binary_name":"linux-tools-6.5.0-1006-raspi","binary_version":"6.5.0-1006.8"}],"availability":"No subscription required"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-6454-2.json"}}],"schema_version":"1.7.3"}