Ubuntu update for linux-aws



Published: 2024-01-26
Risk Low
Patch available YES
Number of vulnerabilities 3
CVE-ID CVE-2023-6606
CVE-2023-6931
CVE-2023-6932
CWE-ID CWE-125
CWE-787
CWE-416
Exploitation vector Local
Public exploit N/A
Vulnerable software
Subscribe
Ubuntu
Operating systems & Components / Operating system

linux-image-4.4.0-1165-aws (Ubuntu package)
Operating systems & Components / Operating system package or component

linux-image-aws (Ubuntu package)
Operating systems & Components / Operating system package or component

Vendor Canonical Ltd.

Security Bulletin

This security bulletin contains information about 3 vulnerabilities.

1) Out-of-bounds read

EUVDB-ID: #VU85442

Risk: Low

CVSSv3.1: 6.2 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-6606

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to a boundary condition within the smbCalcSize() function in fs/smb/client/netmisc.c file. A local user can trigger an out-of-bounds read error and gain access to sensitive information or crash the kernel.

Mitigation

Update the affected package linux-aws to the latest version.

Vulnerable software versions

Ubuntu: 16.04

linux-image-4.4.0-1165-aws (Ubuntu package): before Ubuntu Pro

linux-image-aws (Ubuntu package): before Ubuntu Pro (Infra-only)

External links

http://ubuntu.com/security/notices/USN-6603-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Out-of-bounds write

EUVDB-ID: #VU85021

Risk: Low

CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-6931

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error in the Linux kernel's Performance Events system component. A local user can trigger an out-of-bounds write and execute arbitrary code with elevated privileges.

Mitigation

Update the affected package linux-aws to the latest version.

Vulnerable software versions

Ubuntu: 16.04

linux-image-4.4.0-1165-aws (Ubuntu package): before Ubuntu Pro

linux-image-aws (Ubuntu package): before Ubuntu Pro (Infra-only)

External links

http://ubuntu.com/security/notices/USN-6603-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Use-after-free

EUVDB-ID: #VU84585

Risk: Low

CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-6932

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local authenticated user to execute arbitrary code.

The vulnerability exists due to a use-after-free error within the ipv4 igmp component in Linux kernel. A local authenticated user can trigger a use-after-free error and execute arbitrary code.

Mitigation

Update the affected package linux-aws to the latest version.

Vulnerable software versions

Ubuntu: 16.04

linux-image-4.4.0-1165-aws (Ubuntu package): before Ubuntu Pro

linux-image-aws (Ubuntu package): before Ubuntu Pro (Infra-only)

External links

http://ubuntu.com/security/notices/USN-6603-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###