all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

USN-5976-1: Linux kernel (OEM) vulnerabilities

Add to bookmarks
March 27, 2023, 10:26 p.m. |

Ubuntu security notices ubuntu.com

It was discovered that the Upper Level Protocol (ULP) subsystem in the
Linux kernel did not properly handle sockets entering the LISTEN state in
certain protocols, leading to a use-after-free vulnerability. A local
attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code. (CVE-2023-0461)

It was discovered that the KVM VMX implementation in the Linux kernel did
not properly handle indirect branch prediction isolation between L1 and L2
VMs. An attacker in a …

code crash cve denial of service free host information isolation kernel linux linux kernel local oem prediction protocol protocols sensitive information service sockets state subsystem system use-after-free usn vms vmx vulnerabilities vulnerability

Visit resource

More from ubuntu.com / Ubuntu security notices

USN-6750-1: Thunderbird vulnerabilities 8 hours ago | ubuntu.com
arbitrary code attacker browsing bypass +19
USN-6743-3: Linux kernel (Azure) vulnerabilities 13 hours ago | ubuntu.com
attacker azure bpf compromise +16
USN-6657-2: Dnsmasq vulnerabilities 16 hours ago | ubuntu.com
advisory attacker dnsmasq dnssec +10
USN-6749-1: FreeRDP vulnerabilities 18 hours ago | ubuntu.com
arbitrary code attacker code context +12
USN-6748-1: Sanitize vulnerabilities 1 day, 6 hours ago | ubuntu.com
attack attacker cross-site cve +9
USN-6747-1: Firefox vulnerabilities 1 day, 7 hours ago | ubuntu.com
arbitrary code attacker code cve +16
USN-6742-2: Linux kernel vulnerabilities 1 day, 18 hours ago | ubuntu.com
attacker authentication bluetooth connections +14
USN-6746-1: Google Guest Agent and Google OS Config Agent vulnerability 2 days ago | ubuntu.com
agent attacker config denial of service +7
USN-6728-3: Squid vulnerability 2 days ago | ubuntu.com
advisory crash cve disabled +12

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Cyber Systems Administration

@ Peraton | Washington, DC, United States
View on infosec-jobs.com

Android Security Engineer, Public Sector

@ Google | Reston, VA, USA
View on infosec-jobs.com

Lead Electronic Security Engineer, CPP - Federal Facilities - Hybrid

@ Black & Veatch | Denver, CO, US
View on infosec-jobs.com

Profissional Sênior de Compliance & Validação em TI - Montes Claros (MG)

@ Novo Nordisk | Montes Claros, Minas Gerais, BR
View on infosec-jobs.com

Principal Engineer, Product Security Engineering

@ Google | Sunnyvale, CA, USA
View on infosec-jobs.com
View more jobs