Ubuntu update for linux-bluefield



Published: 2023-09-27
Risk Low
Patch available YES
Number of vulnerabilities 3
CVE-ID CVE-2023-20588
CVE-2023-40283
CVE-2023-4128
CWE-ID CWE-369
CWE-416
Exploitation vector Local
Public exploit N/A
Vulnerable software
Subscribe
Ubuntu
Operating systems & Components / Operating system

linux-image-raspi2 (Ubuntu package)
Operating systems & Components / Operating system package or component

linux-image-raspi (Ubuntu package)
Operating systems & Components / Operating system package or component

linux-image-bluefield (Ubuntu package)
Operating systems & Components / Operating system package or component

linux-image-5.4.0-1094-raspi (Ubuntu package)
Operating systems & Components / Operating system package or component

linux-image-5.4.0-1071-bluefield (Ubuntu package)
Operating systems & Components / Operating system package or component

linux-image-raspi-hwe-18.04 (Ubuntu package)
Operating systems & Components / Operating system package or component

Vendor Canonical Ltd.

Security Bulletin

This security bulletin contains information about 3 vulnerabilities.

1) Division by zero

EUVDB-ID: #VU79239

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2023-20588

CWE-ID:

Exploit availability:

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to a divide by zero error that can return speculative data. A local user can gain access to potentially sensitive information.

Mitigation

Update the affected package linux-bluefield to the latest version.

Vulnerable software versions

Ubuntu: 18.04 - 20.04

linux-image-raspi2 (Ubuntu package): before 5.4.0.1094.124

linux-image-raspi (Ubuntu package): before 5.4.0.1094.124

linux-image-bluefield (Ubuntu package): before 5.4.0.1071.66

linux-image-5.4.0-1094-raspi (Ubuntu package): before Ubuntu Pro

linux-image-5.4.0-1071-bluefield (Ubuntu package): before 5.4.0-1071.77

linux-image-raspi-hwe-18.04 (Ubuntu package): before Ubuntu Pro

Fixed software versions

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6387-2


Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

2) Use-after-free

EUVDB-ID: #VU79714

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2023-40283

CWE-ID:

Exploit availability:

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the l2cap_sock_release() function in net/bluetooth/l2cap_sock.c. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.

Mitigation

Update the affected package linux-bluefield to the latest version.

Vulnerable software versions

Ubuntu: 18.04 - 20.04

linux-image-raspi2 (Ubuntu package): before 5.4.0.1094.124

linux-image-raspi (Ubuntu package): before 5.4.0.1094.124

linux-image-bluefield (Ubuntu package): before 5.4.0.1071.66

linux-image-5.4.0-1094-raspi (Ubuntu package): before Ubuntu Pro

linux-image-5.4.0-1071-bluefield (Ubuntu package): before 5.4.0-1071.77

linux-image-raspi-hwe-18.04 (Ubuntu package): before Ubuntu Pro

Fixed software versions

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6387-2


Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

3) Use-after-free

EUVDB-ID: #VU79486

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2023-4128

CWE-ID:

Exploit availability:

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within net/sched/cls_fw.c in classifiers (cls_fw, cls_u32, and cls_route) in the Linux Kernel. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.

Mitigation

Update the affected package linux-bluefield to the latest version.

Vulnerable software versions

Ubuntu: 18.04 - 20.04

linux-image-raspi2 (Ubuntu package): before 5.4.0.1094.124

linux-image-raspi (Ubuntu package): before 5.4.0.1094.124

linux-image-bluefield (Ubuntu package): before 5.4.0.1071.66

linux-image-5.4.0-1094-raspi (Ubuntu package): before Ubuntu Pro

linux-image-5.4.0-1071-bluefield (Ubuntu package): before 5.4.0-1071.77

linux-image-raspi-hwe-18.04 (Ubuntu package): before Ubuntu Pro

Fixed software versions

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6387-2


Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?



###SIDEBAR###