what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 7 of 7 RSS Feed

CVE-2023-4569

Status Candidate

Overview

A memory leak flaw was found in nft_set_catchall_flush in net/netfilter/nf_tables_api.c in the Linux Kernel. This issue may allow a local attacker to cause double-deactivations of catchall elements, which can result in a memory leak.

Related Files

Kernel Live Patch Security Notice LSN-0103-1
Posted May 1, 2024
Authored by Benjamin M. Romer

Lonial Con discovered that the netfilter subsystem in the Linux kernel contained a memory leak when handling certain element flush operations. A local attacker could use this to expose sensitive information (kernel memory). Xingyuan Mo discovered that the netfilter subsystem in the Linux kernel did not properly handle inactive elements in its PIPAPO data structure, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local, memory leak
systems | linux
advisories | CVE-2023-4569, CVE-2023-51781, CVE-2023-6817, CVE-2024-0193, CVE-2024-1085, CVE-2024-1086, CVE-2024-26597
SHA-256 | 9e5eb976874c7a13fcf2a71119849f5abece485528a92084501d9c7e0d3b4529
Download | Favorite | View
Kernel Live Patch Security Notice LSN-0102-1
Posted Apr 9, 2024
Authored by Benjamin M. Romer

It was discovered that a race condition existed in the io_uring subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. Lonial Con discovered that the netfilter subsystem in the Linux kernel contained a memory leak when handling certain element flush operations. A local attacker could use this to expose sensitive information (kernel memory). Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local, memory leak
systems | linux
advisories | CVE-2023-1872, CVE-2023-4569, CVE-2023-51781, CVE-2023-6176, CVE-2024-0646, CVE-2024-1086
SHA-256 | 5d360530cd59a1d5483a776654fdfec33b0978f21c0af5d79f7f2f3fb4c9a39c
Download | Favorite | View
Ubuntu Security Notice USN-6386-3
Posted Oct 4, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6386-3 - Jana Hofmann, Emanuele Vannacci, Cedric Fournet, Boris Kopf, and Oleksii Oleksenko discovered that some AMD processors could leak stale data from division operations in certain situations. A local attacker could possibly use this to expose sensitive information. It was discovered that the bluetooth subsystem in the Linux kernel did not properly handle L2CAP socket release, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-20588, CVE-2023-40283, CVE-2023-4128, CVE-2023-4569
SHA-256 | 9e6acdc1fc5617ecd41b5df8f4a74a5d8fff08867f2f3ba7e58deb983fa599cf
Download | Favorite | View
Ubuntu Security Notice USN-6386-2
Posted Sep 29, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6386-2 - Jana Hofmann, Emanuele Vannacci, Cedric Fournet, Boris Kopf, and Oleksii Oleksenko discovered that some AMD processors could leak stale data from division operations in certain situations. A local attacker could possibly use this to expose sensitive information. It was discovered that the bluetooth subsystem in the Linux kernel did not properly handle L2CAP socket release, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-20588, CVE-2023-40283, CVE-2023-4128, CVE-2023-4569
SHA-256 | 7cd557b2e2e3d2b14432e8c2e2789eb58ccb6872a0ba1afc3e86b015c5384f97
Download | Favorite | View
Ubuntu Security Notice USN-6386-1
Posted Sep 20, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6386-1 - Jana Hofmann, Emanuele Vannacci, Cedric Fournet, Boris Kopf, and Oleksii Oleksenko discovered that some AMD processors could leak stale data from division operations in certain situations. A local attacker could possibly use this to expose sensitive information. It was discovered that the bluetooth subsystem in the Linux kernel did not properly handle L2CAP socket release, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-20588, CVE-2023-40283, CVE-2023-4128, CVE-2023-4569
SHA-256 | bb3fec09c344ab02a8e97c9b05a2f5ec011b794fb1ce3732497d718508ca5052
Download | Favorite | View
Ubuntu Security Notice USN-6384-1
Posted Sep 20, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6384-1 - Jana Hofmann, Emanuele Vannacci, Cedric Fournet, Boris Kopf, and Oleksii Oleksenko discovered that some AMD processors could leak stale data from division operations in certain situations. A local attacker could possibly use this to expose sensitive information. Lonial Con discovered that the netfilter subsystem in the Linux kernel contained a memory leak when handling certain element flush operations. A local attacker could use this to expose sensitive information.

tags | advisory, kernel, local, memory leak
systems | linux, ubuntu
advisories | CVE-2023-20588, CVE-2023-4569
SHA-256 | 86d4f986dbf26d2b8344d0f408ab0eb7fb4ec29c9e1181c7b908d23ecbd28bf5
Download | Favorite | View
Ubuntu Security Notice USN-6383-1
Posted Sep 20, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6383-1 - Jana Hofmann, Emanuele Vannacci, Cedric Fournet, Boris Kopf, and Oleksii Oleksenko discovered that some AMD processors could leak stale data from division operations in certain situations. A local attacker could possibly use this to expose sensitive information. It was discovered that the ARM64 KVM implementation in the Linux kernel did not properly restrict hypervisor memory access. An attacker in a guest VM could use this to execute arbitrary code in the host OS.

tags | advisory, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-20588, CVE-2023-21264, CVE-2023-40283, CVE-2023-4128, CVE-2023-4569
SHA-256 | c5be03314d6525a0dd88d31e6ba90e7d12a4b76d20a1e301e71a80a7805ade26
Download | Favorite | View
Page 1 of 1
Back1Next

File Archive:

May 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    44 Files
  • 2
    May 2nd
    5 Files
  • 3
    May 3rd
    11 Files
  • 4
    May 4th
    0 Files
  • 5
    May 5th
    0 Files
  • 6
    May 6th
    28 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    0 Files
  • 10
    May 10th
    0 Files
  • 11
    May 11th
    0 Files
  • 12
    May 12th
    0 Files
  • 13
    May 13th
    0 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    0 Files
  • 17
    May 17th
    0 Files
  • 18
    May 18th
    0 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    0 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Site Links
News by Month
News Tags
Files by Month
File Tags
File Directory
About Us
History & Purpose
Contact Information
Terms of Service
Privacy Statement
Copyright Information
Services
Security Services
Hosting By
Rokasec
close