CVE-2023-21264

Related Files

Ubuntu Security Notice USN-6466-1

Posted Nov 13, 2023

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6466-1 - Hyunwoo Kim discovered that the DVB Core driver in the Linux kernel contained a race condition during device removal, leading to a use-after- free vulnerability. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code. Hyunwoo Kim discovered that the Technotrend/Hauppauge USB DEC driver in the Linux kernel did not properly handle device removal events. A physically proximate attacker could use this to cause a denial of service.

tags | advisory, denial of service, arbitrary, kernel

systems | linux, ubuntu

advisories | CVE-2022-45886, CVE-2022-45887, CVE-2022-48425, CVE-2023-1206, CVE-2023-20569, CVE-2023-20588, CVE-2023-21264, CVE-2023-2156, CVE-2023-31083, CVE-2023-3212, CVE-2023-34319, CVE-2023-3772, CVE-2023-38427, CVE-2023-38430

SHA-256 | d231e9eb22491a28681d89631f3af4b06d452c694529f3f61e5a1f1f2333a3c8

Download | Favorite | View

Ubuntu Security Notice USN-6383-1

Posted Sep 20, 2023

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6383-1 - Jana Hofmann, Emanuele Vannacci, Cedric Fournet, Boris Kopf, and Oleksii Oleksenko discovered that some AMD processors could leak stale data from division operations in certain situations. A local attacker could possibly use this to expose sensitive information. It was discovered that the ARM64 KVM implementation in the Linux kernel did not properly restrict hypervisor memory access. An attacker in a guest VM could use this to execute arbitrary code in the host OS.

tags | advisory, arbitrary, kernel, local

systems | linux, ubuntu

advisories | CVE-2023-20588, CVE-2023-21264, CVE-2023-40283, CVE-2023-4128, CVE-2023-4569

SHA-256 | c5be03314d6525a0dd88d31e6ba90e7d12a4b76d20a1e301e71a80a7805ade26

Download | Favorite | View