Bugs fixes in "linux-oem-6.0"

Origin Bug number Title Date fixed
CVE CVE-2023-1075 A flaw was found in the Linux Kernel. The tls_is_tx_ready() incorrectly checks for list emptiness, potentially accessing a type confused entry to the 2023-09-19
CVE CVE-2023-1380 A slab-out-of-bound read problem was found in brcmf_get_assoc_ies in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux Kernel. 2023-09-19
CVE CVE-2023-2269 A denial of service problem was found, due to a possible recursive locking scenario, resulting in a deadlock in table_clear in drivers/md/dm-ioctl.c 2023-09-19
CVE CVE-2023-0458 A speculative pointer dereference problem exists in the Linux Kernel on the do_prlimit() function. The resource argument value is controlled and is u 2023-09-19
CVE CVE-2023-28328 A NULL pointer dereference flaw was found in the az6027 driver in drivers/media/usb/dev-usb/az6027.c in the Linux Kernel. The message from user space 2023-09-19
CVE CVE-2023-2898 There is a null-pointer-dereference flaw found in f2fs_write_end_io in fs/f2fs/data.c in the Linux kernel. This flaw allows a local privileged user t 2023-09-19
CVE CVE-2023-32269 An issue was discovered in the Linux kernel before 6.1.11. In net/netrom/af_netrom.c, there is a use-after-free because accept is also allowed for a 2023-09-19
CVE CVE-2023-31436 qfq_change_class in net/sched/sch_qfq.c in the Linux kernel before 6.2.13 allows an out-of-bounds write because lmax can exceed QFQ_MIN_LMAX. 2023-09-19
CVE CVE-2023-2162 A use-after-free vulnerability was found in iscsi_sw_tcp_session_create in drivers/scsi/iscsi_tcp.c in SCSI sub-component in the Linux Kernel. In thi 2023-09-19
CVE CVE-2023-4004 A use-after-free flaw was found in the Linux kernel's netfilter in the way a user triggers the nft_pipapo_remove function with the element, without a 2023-09-19
CVE CVE-2023-20593 An issue in \u201cZen 2\u201d CPUs, under specific microarchitectural ... 2023-09-19
CVE CVE-2023-3777 netfilter: nf_tables: skip bound chain on rule flush 2023-09-19
CVE CVE-2023-3995 ** REJECT ** This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it is a duplicate of CVE-2023-4147. 2023-09-19
CVE CVE-2023-4015 netfilter: nf_tables: skip immediate deactivate in _PREPARE_ERROR 2023-09-19
CVE CVE-2023-2002 A vulnerability was found in the HCI sockets implementation due to a missing capability check in net/bluetooth/hci_sock.c in the Linux Kernel. This f 2023-09-19
CVE CVE-2023-2163 bpf: Fix incorrect verifier pruning due to missing register precision taints 2023-09-19
CVE CVE-2023-28466 do_tls_getsockopt in net/tls/tls_main.c in the Linux kernel through 6.2.6 lacks a lock_sock call, leading to a race condition (with a resultant use-a 2023-09-19
CVE CVE-2022-4269 A flaw was found in the Linux kernel Traffic Control (TC) subsystem. Using a specific networking configuration (redirecting egress packets to ingress 2023-09-19
CVE CVE-2023-3220 An issue was discovered in the Linux kernel through 6.1-rc8. dpu_crtc_atomic_check in drivers/gpu/drm/msm/disp/dpu1/dpu_crtc.c lacks check of the ret 2023-09-19
CVE CVE-2023-3141 A use-after-free flaw was found in r592_remove in drivers/memstick/host/r592.c in media access in the Linux Kernel. This flaw allows a local attacker 2023-09-19

About   -   Send Feedback to @ubuntu_updates