usn-6603-1
Vulnerability from osv_ubuntu
Published
2024-01-25 20:24
Modified
2026-06-25 10:46
Summary
linux-aws vulnerabilities
Details

It was discovered that the CIFS network file system implementation in the Linux kernel did not properly validate the server frame size in certain situation, leading to an out-of-bounds read vulnerability. An attacker could use this to construct a malicious CIFS image that, when operated on, could cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-6606)

Budimir Markovic, Lucas De Marchi, and Pengfei Xu discovered that the perf subsystem in the Linux kernel did not properly validate all event sizes when attaching new events, leading to an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-6931)

It was discovered that the IGMP protocol implementation in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-6932)


{
  "affected": [
    {
      "database_specific": {
        "cves_map": {
          "cves": [
            {
              "id": "CVE-2023-6606",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2023-6931",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "high",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2023-6932",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "high",
                  "type": "Ubuntu"
                }
              ]
            }
          ],
          "ecosystem": "Ubuntu:Pro:16.04:LTS"
        }
      },
      "ecosystem_specific": {
        "availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro",
        "binaries": [
          {
            "binary_name": "linux-aws-cloud-tools-4.4.0-1165",
            "binary_version": "4.4.0-1165.180"
          },
          {
            "binary_name": "linux-aws-headers-4.4.0-1165",
            "binary_version": "4.4.0-1165.180"
          },
          {
            "binary_name": "linux-aws-tools-4.4.0-1165",
            "binary_version": "4.4.0-1165.180"
          },
          {
            "binary_name": "linux-buildinfo-4.4.0-1165-aws",
            "binary_version": "4.4.0-1165.180"
          },
          {
            "binary_name": "linux-cloud-tools-4.4.0-1165-aws",
            "binary_version": "4.4.0-1165.180"
          },
          {
            "binary_name": "linux-headers-4.4.0-1165-aws",
            "binary_version": "4.4.0-1165.180"
          },
          {
            "binary_name": "linux-image-4.4.0-1165-aws",
            "binary_version": "4.4.0-1165.180"
          },
          {
            "binary_name": "linux-modules-4.4.0-1165-aws",
            "binary_version": "4.4.0-1165.180"
          },
          {
            "binary_name": "linux-modules-extra-4.4.0-1165-aws",
            "binary_version": "4.4.0-1165.180"
          },
          {
            "binary_name": "linux-tools-4.4.0-1165-aws",
            "binary_version": "4.4.0-1165.180"
          }
        ]
      },
      "package": {
        "ecosystem": "Ubuntu:Pro:16.04:LTS",
        "name": "linux-aws",
        "purl": "pkg:deb/ubuntu/linux-aws@4.4.0-1165.180?arch=source\u0026distro=esm-infra/xenial"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.4.0-1165.180"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "4.4.0-1001.10",
        "4.4.0-1003.12",
        "4.4.0-1004.13",
        "4.4.0-1007.16",
        "4.4.0-1009.18",
        "4.4.0-1011.20",
        "4.4.0-1012.21",
        "4.4.0-1013.22",
        "4.4.0-1016.25",
        "4.4.0-1017.26",
        "4.4.0-1018.27",
        "4.4.0-1020.29",
        "4.4.0-1022.31",
        "4.4.0-1026.35",
        "4.4.0-1028.37",
        "4.4.0-1030.39",
        "4.4.0-1031.40",
        "4.4.0-1032.41",
        "4.4.0-1035.44",
        "4.4.0-1037.46",
        "4.4.0-1038.47",
        "4.4.0-1039.48",
        "4.4.0-1041.50",
        "4.4.0-1043.52",
        "4.4.0-1044.53",
        "4.4.0-1047.56",
        "4.4.0-1048.57",
        "4.4.0-1049.58",
        "4.4.0-1050.59",
        "4.4.0-1052.61",
        "4.4.0-1054.63",
        "4.4.0-1055.64",
        "4.4.0-1057.66",
        "4.4.0-1060.69",
        "4.4.0-1061.70",
        "4.4.0-1062.71",
        "4.4.0-1063.72",
        "4.4.0-1065.75",
        "4.4.0-1066.76",
        "4.4.0-1067.77",
        "4.4.0-1069.79",
        "4.4.0-1070.80",
        "4.4.0-1072.82",
        "4.4.0-1073.83",
        "4.4.0-1074.84",
        "4.4.0-1075.85",
        "4.4.0-1077.87",
        "4.4.0-1079.89",
        "4.4.0-1081.91",
        "4.4.0-1083.93",
        "4.4.0-1084.94",
        "4.4.0-1085.96",
        "4.4.0-1087.98",
        "4.4.0-1088.99",
        "4.4.0-1090.101",
        "4.4.0-1092.103",
        "4.4.0-1094.105",
        "4.4.0-1095.106",
        "4.4.0-1096.107",
        "4.4.0-1098.109",
        "4.4.0-1099.110",
        "4.4.0-1100.111",
        "4.4.0-1101.112",
        "4.4.0-1102.113",
        "4.4.0-1104.115",
        "4.4.0-1105.116",
        "4.4.0-1106.117",
        "4.4.0-1107.118",
        "4.4.0-1109.120",
        "4.4.0-1110.121",
        "4.4.0-1111.123",
        "4.4.0-1112.124",
        "4.4.0-1113.126",
        "4.4.0-1114.127",
        "4.4.0-1117.131",
        "4.4.0-1118.132",
        "4.4.0-1119.133",
        "4.4.0-1121.135",
        "4.4.0-1122.136",
        "4.4.0-1123.137",
        "4.4.0-1124.138",
        "4.4.0-1126.140",
        "4.4.0-1127.141",
        "4.4.0-1128.142",
        "4.4.0-1129.143",
        "4.4.0-1130.144",
        "4.4.0-1131.145",
        "4.4.0-1132.146",
        "4.4.0-1133.147",
        "4.4.0-1134.148",
        "4.4.0-1135.149",
        "4.4.0-1137.151",
        "4.4.0-1138.152",
        "4.4.0-1139.153",
        "4.4.0-1140.154",
        "4.4.0-1143.158",
        "4.4.0-1145.160",
        "4.4.0-1146.161",
        "4.4.0-1147.162",
        "4.4.0-1148.163",
        "4.4.0-1150.165",
        "4.4.0-1151.166",
        "4.4.0-1152.167",
        "4.4.0-1153.168",
        "4.4.0-1154.169",
        "4.4.0-1155.170",
        "4.4.0-1156.171",
        "4.4.0-1157.172",
        "4.4.0-1158.173",
        "4.4.0-1159.174",
        "4.4.0-1160.175",
        "4.4.0-1161.176",
        "4.4.0-1162.177",
        "4.4.0-1163.178",
        "4.4.0-1164.179"
      ]
    }
  ],
  "aliases": [],
  "details": "It was discovered that the CIFS network file system implementation in the\nLinux kernel did not properly validate the server frame size in certain\nsituation, leading to an out-of-bounds read vulnerability. An attacker\ncould use this to construct a malicious CIFS image that, when operated on,\ncould cause a denial of service (system crash) or possibly expose sensitive\ninformation. (CVE-2023-6606)\n\nBudimir Markovic, Lucas De Marchi, and Pengfei Xu discovered that the perf\nsubsystem in the Linux kernel did not properly validate all event sizes\nwhen attaching new events, leading to an out-of-bounds write vulnerability.\nA local attacker could use this to cause a denial of service (system crash)\nor possibly execute arbitrary code. (CVE-2023-6931)\n\nIt was discovered that the IGMP protocol implementation in the Linux kernel\ncontained a race condition, leading to a use-after-free vulnerability. A\nlocal attacker could use this to cause a denial of service (system crash)\nor possibly execute arbitrary code. (CVE-2023-6932)\n\n",
  "id": "USN-6603-1",
  "modified": "2026-06-25T10:46:18Z",
  "published": "2024-01-25T20:24:48Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://ubuntu.com/security/notices/USN-6603-1"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2023-6606"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2023-6931"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2023-6932"
    }
  ],
  "related": [],
  "schema_version": "1.7.0",
  "summary": "linux-aws vulnerabilities",
  "upstream": [
    "UBUNTU-CVE-2023-6606",
    "UBUNTU-CVE-2023-6931",
    "UBUNTU-CVE-2023-6932"
  ]
}



Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Loading…

Detection rules are retrieved from Rulezet.

Loading…

Loading…