Ubuntu update for linux-bluefield

1) Division by zero

EUVDB-ID: #VU79239

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2023-20588

CWE-ID:

Exploit availability:

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to a divide by zero error that can return speculative data. A local user can gain access to potentially sensitive information.

Mitigation

Update the affected package linux-bluefield to the latest version.

Vulnerable software versions

Ubuntu: 18.04 - 20.04

linux-image-raspi2 (Ubuntu package): before 5.4.0.1094.124

linux-image-raspi (Ubuntu package): before 5.4.0.1094.124

linux-image-bluefield (Ubuntu package): before 5.4.0.1071.66

linux-image-5.4.0-1094-raspi (Ubuntu package): before Ubuntu Pro

linux-image-5.4.0-1071-bluefield (Ubuntu package): before 5.4.0-1071.77

linux-image-raspi-hwe-18.04 (Ubuntu package): before Ubuntu Pro

Fixed software versions

CPE2.3

• cpe:2.3:o:canonical:ubuntu:20.04:*:*:*:*:*:*:*

External links

http://ubuntu.com/security/notices/USN-6387-2

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

2) Use-after-free

EUVDB-ID: #VU79714

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2023-40283

CWE-ID:

Exploit availability:

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the l2cap_sock_release() function in net/bluetooth/l2cap_sock.c. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.

Mitigation

Update the affected package linux-bluefield to the latest version.

Vulnerable software versions

Ubuntu: 18.04 - 20.04

linux-image-raspi2 (Ubuntu package): before 5.4.0.1094.124

linux-image-raspi (Ubuntu package): before 5.4.0.1094.124

linux-image-bluefield (Ubuntu package): before 5.4.0.1071.66

linux-image-5.4.0-1094-raspi (Ubuntu package): before Ubuntu Pro

linux-image-5.4.0-1071-bluefield (Ubuntu package): before 5.4.0-1071.77

linux-image-raspi-hwe-18.04 (Ubuntu package): before Ubuntu Pro

Fixed software versions

CPE2.3

• cpe:2.3:o:canonical:ubuntu:20.04:*:*:*:*:*:*:*

External links

http://ubuntu.com/security/notices/USN-6387-2

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

3) Use-after-free

EUVDB-ID: #VU79486

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2023-4128

CWE-ID:

Exploit availability:

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within net/sched/cls_fw.c in classifiers (cls_fw, cls_u32, and cls_route) in the Linux Kernel. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.

Mitigation

Update the affected package linux-bluefield to the latest version.

Vulnerable software versions

Ubuntu: 18.04 - 20.04

linux-image-raspi2 (Ubuntu package): before 5.4.0.1094.124

linux-image-raspi (Ubuntu package): before 5.4.0.1094.124

linux-image-bluefield (Ubuntu package): before 5.4.0.1071.66

linux-image-5.4.0-1094-raspi (Ubuntu package): before Ubuntu Pro

linux-image-5.4.0-1071-bluefield (Ubuntu package): before 5.4.0-1071.77

linux-image-raspi-hwe-18.04 (Ubuntu package): before Ubuntu Pro

Fixed software versions

CPE2.3

• cpe:2.3:o:canonical:ubuntu:20.04:*:*:*:*:*:*:*

External links

http://ubuntu.com/security/notices/USN-6387-2

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?