all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

USN-6534-1: Linux kernel vulnerabilities

Add to bookmarks
Dec. 5, 2023, 11:21 p.m. |

Ubuntu security notices ubuntu.com

It was discovered that the USB subsystem in the Linux kernel contained a
race condition while handling device descriptors in certain situations,
leading to a out-of-bounds read vulnerability. A local attacker could
possibly use this to cause a denial of service (system crash).
(CVE-2023-37453)

Lin Ma discovered that the Netlink Transformation (XFRM) subsystem in the
Linux kernel did not properly initialize a policy data structure, leading
to an out-of-bounds vulnerability. A local privileged attacker could use
this to cause a …

attacker crash cve denial of service device handling kernel linux linux kernel local netlink out-of-bounds race race condition service subsystem system transformation usb usn vulnerabilities vulnerability

Visit resource

More from ubuntu.com / Ubuntu security notices

USN-6777-2: Linux kernel (Azure) vulnerabilities 3 hours ago | ubuntu.com
attacker azure broadcom crash +20
USN-6766-3: Linux kernel (AWS) vulnerabilities 4 hours ago | ubuntu.com
action attacker aws conditions +19
USN-6778-1: Linux kernel vulnerabilities 3 days, 23 hours ago | ubuntu.com
attacker broadcom crash cve +20
USN-6777-1: Linux kernel vulnerabilities 4 days ago | ubuntu.com
attacker broadcom crash cve +20
USN-6776-1: Linux kernel vulnerabilities 4 days ago | ubuntu.com
attacker broadcom crash cve +20
USN-6775-1: Linux kernel vulnerabilities 4 days, 1 hour ago | ubuntu.com
attacker broadcom crash cve +20
USN-6774-1: Linux kernel vulnerabilities 4 days, 3 hours ago | ubuntu.com
attacker broadcom crash cve +18
USN-6773-1: .NET vulnerabilities 4 days, 3 hours ago | ubuntu.com
attacker code code execution cve +10
USN-6766-2: Linux kernel vulnerabilities 5 days, 2 hours ago | ubuntu.com
action attacker conditions crash +19

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

Technology Security Analyst

@ Halton Region | Oakville, Ontario, Canada
View on infosec-jobs.com

Senior Cyber Security Analyst

@ Valley Water | San Jose, CA
View on infosec-jobs.com

Senior Application Security Engineer

@ Austin Community College | HMO99: Field Office - MO Remote Location, Remote City, MO, 65043 USA
View on infosec-jobs.com

Sr. Information Assurance Security Analyst

@ SMS Data Products Group, Inc. | San Antonio, TX, United States
View on infosec-jobs.com

Product Cybersecurity Test Infrastructure Engineer (Remote)

@ SNC-Lavalin | HCT99: Field Office - CT Remote Location, Remote City, CT, 06101 USA
View on infosec-jobs.com