Nov. 21, 2023, 7:58 p.m. |

Ubuntu security notices

Yu Hao discovered that the UBI driver in the Linux kernel did not properly
check for MTD with zero erasesize during device attachment. A local
privileged attacker could use this to cause a denial of service (system
crash). (CVE-2023-31085)

Bien Pham discovered that the netfiler subsystem in the Linux kernel
contained a race condition, leading to a use-after-free vulnerability. A
local user could use this to cause a denial of service (system crash) or
possibly execute arbitrary code. (CVE-2023-4244)

Maxim …

attachment attacker check crash cve denial of service device driver kernel linux linux kernel local privileged race race condition service subsystem system usn vulnerabilities

Security Specialist

@ Protect Democracy | Remote, US

Environmental Compliance Lead

@ EDF Energy | Bristol, GB

IT Consultant Network w/m/d Wireless (WiFi6, Mobilfunk 5G)

@ Computacenter | Berlin, DE, 12099

Senior - Cyber Infrastructure Protection

@ Deloitte | Madrid, España

GRC (Governance, Risk & Compliance) | 4 to 6 Years | Mumbai, Bengaluru & Chennai

@ Capgemini | Bengaluru, MH, IN

Technology Risk & Controls Advisory - Experienced Consultant

@ Wavestone | London, United Kingdom