all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

USN-6349-1: Linux kernel (Azure) vulnerabilities

Add to bookmarks
Sept. 6, 2023, 4:59 p.m. |

Ubuntu security notices ubuntu.com

Ruihan Li discovered that the bluetooth subsystem in the Linux kernel did
not properly perform permissions checks when handling HCI sockets. A
physically proximate attacker could use this to cause a denial of service
(bluetooth communication). (CVE-2023-2002)

Zi Fan Tan discovered that the binder IPC implementation in the Linux
kernel contained a use-after-free vulnerability. A local attacker could use
this to cause a denial of service (system crash) or possibly execute
arbitrary code. (CVE-2023-21255)

Juan Jose Lopez Jaimez, Meador Inge, …

attacker azure bluetooth communication cve denial of service fan free handling hci implementation ipc kernel linux linux kernel permissions service sockets subsystem use-after-free usn vulnerabilities vulnerability

Visit resource

More from ubuntu.com / Ubuntu security notices

USN-6757-2: PHP vulnerabilities 2 days, 4 hours ago | ubuntu.com
advisory arbitrary code attacker code +15
USN-6762-1: GNU C Library vulnerabilities 2 days, 7 hours ago | ubuntu.com
arbitrary code attacker attackers code +14
USN-6747-2: Firefox regressions 2 days, 17 hours ago | ubuntu.com
advisory attacker denial of service domains +14
USN-6760-1: Gerbv vulnerability 3 days, 21 hours ago | ubuntu.com
application attacker crash data +10
LSN-0103-1: Kernel Live Patch Security Notice 4 days, 9 hours ago | ubuntu.com
attacker con cve data +21
USN-6758-1: JSON5 vulnerability 4 days, 9 hours ago | ubuntu.com
access application attacker denial of service +12
USN-6761-1: Anope vulnerability 4 days, 12 hours ago | ubuntu.com
accounts attacker changing credentials +7
USN-6759-1: FreeRDP vulnerabilities 5 days, 3 hours ago | ubuntu.com
attacker crash denial of service issue +7
USN-6757-1: PHP vulnerabilities 5 days, 6 hours ago | ubuntu.com
arbitrary code attacker code cookie +15

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Senior Security Officer

@ eSimplicity | Remote
View on infosec-jobs.com

Senior - Automated Cyber Attack Engineer

@ Deloitte | Madrid, España
View on infosec-jobs.com

Public Key Infrastructure (PKI) Senior Engineer

@ Sherwin-Williams | Cleveland, OH, United States
View on infosec-jobs.com

Consultant, Technology Consulting, Cyber Security - Privacy (Senior) (Multiple Positions) (1502793)

@ EY | Chicago, IL, US, 60606
View on infosec-jobs.com

Principal Associate, CSOC Analyst

@ Capital One | McLean, VA
View on infosec-jobs.com

Real Estate Portfolio & Corporate Security Lead

@ Lilium | Munich
View on infosec-jobs.com
View more jobs